At 12:34 PM -0500 11/4/05, Ki Song wrote: >> From: Alexander Dalloz <ad+lists@xxxxxxxxx> >> Reply-To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx> >> Date: Fri, 04 Nov 2005 18:26:29 +0100 >> To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx> >> Subject: Re: Postfix Sluggish >> >> Am Fr, den 04.11.2005 schrieb Ki Song um 18:16: >> >>> Another tidbit I thought was interesting was that the maillog is about >>> 23megs. It seems like it is unusually large ... the past couple weeks, the >>> logs have been around 4-8 megs ... every sunday evening the logs are backed >>> up and a new log is generated. is this relevant at all? >> >> A huge log can slow down things. Did you enable debug mode to get such a >> huge maillog file? Or were you target of mailbombing? > >One reason why the maillog is so huge is because all the messages that are >trying to be sent to this domain (knifecenter.com) that are the target of >spam ... basically, they are sending to any and all potential names in the >knifecenter domain ... for example, a particular server tries to send a >message (probably spam) to: a@xxxxxxxxxxxxxxx, then aa@xxxxxxxxxxxxxxx, then >ab@xxxxxxxxxxxxxxx, then ac@xxxxxxxxxxxxxxx, etc. > >The maillog contains all the rejected messages because those addresses do >not exist. How do I continue to reject the messages to erroneous addresses >without showing it in the maillog? ... Greylisting will make most of the spammers go away. Search the list archives. Note that attacks come from all over, so keeping a list by hand of bad servers is a lot of work. RBLs do this for you, but they often result in rejecting legitimate email (avoid SpamCop) and are generally more work to set up than greylisting. Actually searching the list archives does not work. Here's a list mirror to search: http://marc.theaimsgroup.com/?l=fedora-list&r=1&w=2 or use Google: greylisting site:www.redhat.com/archives/fedora-list I'm sure you are starting to learn why mail hosting is hard work. ____________________________________________________________________ TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> ' <http://www.georgeanelson.com/>