> On 2004-05-14 08:40 -0300, Fernando Schapachnik <[email protected]> wrote: > > As everybody is throwing in their favorite anti-spam solutions, here's mine: > > > > http://www.paganini.net/ask/ > > > > From the home page: > > > > ASK takes advantage of the fact that most spammers use invalid or > > fake "From:" address in their messages. When a new message arrives > > and the sender is unknown, ASK sends a "confirmation message" > > back, informing the sender that the original message has been > > queued, pending confirmation. When the sender confirms (a simple > > reply), ASK delivers the original message and adds the sender to a > > "whitelist". Further messages from this sender will be immediately > > delivered. > > (I apologize for posting this O/T message.) > > Here's a well-thought-out argument against systems of this type: > > Challenge-Response Anti-Spam Systems Considered Harmful > http://kmself.home.netcom.com/Rants/challenge-response.html I don't know ask, but I'm using tmda which is configured to NOT send any query. this way, the offending messages are queued until I release or delete them using tmda-pending. so, such tool may not be so problematic, but the configuration or the implementation may be :( the first versions of tmda don't allow to not bounce, the first thing I've done was to patch tmda to go this way, then I submit the patch which wasn't accepted at first. the time beeing, it was implemented differently, but the idea was kept :P here is the trick : echo 'ACTION_INCOMING = "hold"' >> ~/.tmda/config don't know if ask may hold queries instead of bouncing ? Cyrille Lefevre. -- home: mailto:[email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"