
[NMLUG] Tool for validating sender address as spam-fighting technique?



I think most mail servers will do this for you. It's been a while since I
did my postfix config but I'm pretty sure there's a way to reject
malformed email addresses.


> To fight spam, I want to validate the address (not necessarily in
> real-time) of a given email sender. Is there a Unix tool that does
> this?
>
> The basics are simple: to validate "kmnyqi at wnonline.net", I connect to
> the MX record of wnonline.net and go as far as "RCPT TO" as follows:
>
>> host -t mx wnonline.net
> wnonline.net mail is handled by 5 wnspf.bayou.com.
>
>> telnet wnspf.bayou.com. 25
> Trying 209.209.192.75...
> Connected to wnspf.bayou.com..
> Escape character is '^]'.
> 220 Welcome to Bayou mxfilter
> HELO domaintester.com
> 250 mxfilter.bayou.com
> MAIL FROM: <test at ignoreme.com>
> 250 Ok
> RCPT TO: <kmnyqi at wnonline.net>
> 550 <kmnyqi at wnonline.net>: Recipient address rejected: 5.1.1
> <kmnyqi at wnonline.net>... User unknown
> QUIT
> 221 Bye
> Connection closed by foreign host.
>
> This tells me kmnyqi at wnonline.net is an invalid address and that mail
> from that address is probably bogus.
>
> A more sophisticated tool would cache results, handle temporary
> failures (e.g., inability to connect to the MX server), handle multiple
> MX records, perhaps even publish results [carefully, to avoid giving
> spammers a source of legit email addresses!], etc. Plus, I'd prefer to
> use a tested tool vs hacking something up myself.
>
> I realize this technique is far from perfect:
>
> Spammers spoof legit addresses
>
> Bounces/Mailing lists/etc legitimately use "do not reply" addresses
>
> It could be considered unfriendly to the target MX servers
>
> Some mail servers incorrectly say "user unknown" when they see spam,
> figuring it's more of a deterrent than saying "you're a spammer"
>
> Some mail servers inefficiently accept mail for "foo at xxx.com" (where
> xxx.com is one of their domains), figure out if foo exists later, and
> send a bounce back to the envelope sender, instead of rejecting email
> at the SMTP level (a really good tool would create throwaway addresses
> to catch these cases too)
>
> ... but I still think it might help.
>
> --
> We're just a Bunch Of Regular Guys, a collective group that's trying
> to understand and assimilate technology. We feel that resistance to
> new ideas and technology is unwise and ultimately futile.
> _______________________________________________
> NMLUG mailing list
> NMLUG at nmlug.org
> http://www.nmlug.org/mailman/listinfo/nmlug
>
>
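
An added example, not part of the original thread and not an existing tool: a Python sketch of the bookkeeping the question asks for around the manual `RCPT TO` check (cached verdicts, temporary failures, multiple MX records, and a throwaway-address probe for accept-all servers). The `probe` callable, the TTL values and the `example.org` names are assumptions; `probe` stands in for the SMTP dialogue shown above and returns the reply code to `RCPT TO`, or `None` if the MX could not be reached.

```python
import time
import uuid

VALID, INVALID, UNKNOWN = "valid", "invalid", "unknown"
# Assumed cache lifetimes in seconds; temporary failures are retried soonest.
TTL = {VALID: 7 * 86400, INVALID: 86400, UNKNOWN: 900}

def classify(code):
    """Map the RCPT TO reply code (None = could not connect) to a verdict."""
    if code is not None and 200 <= code < 300:
        return VALID
    if code is not None and 500 <= code < 600:
        return INVALID
    return UNKNOWN          # 4xx, no connection, or anything unexpected

class CalloutCache:
    def __init__(self, probe, clock=time.time):
        self.probe = probe  # probe(mx_host, address) -> int reply code or None
        self.clock = clock
        self.cache = {}     # address -> (verdict, expiry time)

    def check(self, address, mx_records):
        """mx_records: (preference, host) pairs, e.g. parsed from `host -t mx`."""
        hit = self.cache.get(address)
        if hit and hit[1] > self.clock():
            return hit[0]                        # still fresh, no SMTP traffic
        verdict = UNKNOWN
        for _pref, host in sorted(mx_records):   # lowest preference first
            verdict = classify(self.probe(host, address))
            if verdict == VALID:
                # Accept-all check: a random mailbox should be rejected.
                domain = address.rsplit("@", 1)[1]
                decoy = "%s@%s" % (uuid.uuid4().hex, domain)
                if classify(self.probe(host, decoy)) == VALID:
                    verdict = UNKNOWN
            if verdict != UNKNOWN:               # definitive answer, stop here
                break
        self.cache[address] = (verdict, self.clock() + TTL[verdict])
        return verdict

# Constructed sample: primary MX unreachable, backup MX knows one mailbox.
def sample_probe(host, address):
    if host == "mx1.example.org":
        return None
    return {"alice@example.org": 250}.get(address, 550)
```

A verdict of `unknown` is only grounds for retrying later, and `invalid` remains subject to the caveats listed in the message (spoofed legitimate senders, "do not reply" addresses, servers that answer "user unknown" to suspected spam).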





