Re: sendmail issue.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2004-07-21 at 20:21, Craig White wrote:

> > 
> > And I agree with you that the majority of the spam comes from
> > compromised zombie windows clients.  I recently setup greylisting on the
> > mail server and this alone reduced spam by 98 to 99% (was 2000 to 6000
> > spam messages a day and now we get 3 to 8 spam messages a day). 
> > Greylisting works by telling the remote MTA that there is a temporary
> > error (451).  A real MTA will wait a few minutes and try to connect
> > again.  Virtually all the zombie machines out there are not that smart,
> > they get an error and just move on and don't retry.  Amazingly quiet on
> > the email server now.  :)
> ----
> why is it that I feel this is only a temporary fix?
> 
> ;-(
> 
> Craig

Ah!  If/when they change their mode of operation you combine this with a
realtime block list.  The idea being that when a new system starts
spamming it will hit you where you delay delivery.  Then it moves on and
sends a spam to one of the many spam traps on the Internet which reports
the spam and adds that address to a realtime block list (rbl).  Once
your time out has expired and the spammer comes back around to deliver
that message your system checks the rbl which has it listed and you deny
delivery at that point.  

The only downside is the amount of time email will be delayed.  But for
a fairly simple system that can virtually eliminate almost all spam I
think it will be very effective.
-- 
Scot L. Harris
webid@xxxxxxxxxx

Newlan's Truism:
	An "acceptable" level of unemployment means that the 
	government economist to whom it is acceptable still has a job. 



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux