Sendmail: How does one blacklist annoying spammers?

[Tim]

Joel Rees:
>> Deliberately leak trap addresses in places I tend to use my real  
>> addresses, auto-blacklist anything that hits the trap addresses.

Bruno Wolff III:
> That approach has a problem. One significant source of spam is compromised
> accounts. If you go that route, eventually you will end up blocking the
> big free email providers. You'll either need to white list them or be willing
> to block their email.

Only if you use the trap address to block a whole domain.

The technique I used was to consider all *messages* identical to ones
received at trap addresses were spam.  You can't fail with that approach
(content checking, and received at honeypot trap addresses).  No real
mail will ever be sent to one of them, and any other address receiving
the same content was being spammed.

You feed such messages to your spam recogniser along with an extreme
spam rating.  i.e. "This is 100% spam," not a "this is probably spam."

Blocking addresses is just doomed to failure.  Most spams fake their
addresses, *from* and other mail header addresses.  And they keep using
different ones.  So you won't block their next spam, and you will block
addresses that belonged to someone other than the spammer.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.