a note to those who would automate their rejection notices
Doug Luce
doug at nanog.con.com
Sat Dec 27 22:14:30 UTC 2003
This reminds me:
I'm scared to death of false positives. So much so that every email that
triggers a positive from Spamassassin (i.e. several thousand spams a day)
gets a response. It tries to be as polite as possible, both by being
good-natured in tone and by both a "Precedence: bulk" header and an
application-specific X-header to break loops.
It's worked well enough for me to plan an implementation for an email
system I run (servicing about 70k users). There are no real anti-DDOS
provisions in it that would prevent someone from sending several million
messages with a forged SMTP envelope to flood someone's mailbox
quasi-anonymously.
I haven't ever heard of this sort of system being used. Other than the
obvious problems (like above, and the fact that it generates a LOT of mail
that's going nowhere). Does anyone know of a precedent? Or wants to pick
apart the idea in terms of community effect?
Thanks,
Doug
More information about the NANOG
mailing list