On Wed, 2005-12-07 at 13:33, Timothy Alberts wrote: > Thank you for the response Paul. > > I like the idea of blocking an IP range, as I'm already doing that for > several spammers. However, when I blocked on IP, they changed IP to > 200.206.123.10. I could try and block multiple IP ranges, but it's just > a moving target I think. I block one and they move to another. I don't > want to have to play that game. > > So if sendmail finds that it can't trust the name (DNS fails in some > manner), is there a way to configure sendmail to REJECT the mail as it > is coming in based on failed DNS, rather than block IP ranges? > > When they change IP addresses are they using zombie systems to send the spam? If so greylisting will most likely take care of the problem no matter which IP address the spam comes from. You might also look into enabling the delay feature on sendmail. Have not used that myself but understand it can block most zombie spam systems since they don't follow the RFC rules. As I understand it sendmail will delay several seconds responding to the initial connection request. Most spam tools just dump and run and don't really wait for the conversation to take place. At least that is the theory.
