Re: [OT] HELP!!! mail attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2008-03-26 at 23:06 +1030, Tim wrote:
> On Wed, 2008-03-26 at 05:12 -0700, Craig White wrote:
> > My first 'defense' is greylisting, run as a policy in postfix.
> 
> Though do so with the knowledge that it may mean some mail never gets
> delivered/accepted.  Greylisting, for both cases of rejecting spam and
> accepting ham, requires the services sending to you to work in certain
> way [1], and they don't all do that [2].
> 
> 1. They reject the initial attempt, tell the sender to resend later, and
> accept the resend.
> 
> 2. Some senders never resend, causing mail to get lost permanently.
> Some resends come from a different server, and that can get rejected,
> too - causing long delays, or permanently lost mail.  Some resend
> attempts come after a very long delay, which can be annoying or business
> destroying, or can cause another reject.
> 
> I've experienced all of the above bad scenarios.
----
I had heard that before I set it up but I have been running this same
setup on servers for 7 separate businesses and besides the initial
complaints of delays, it has been completely a non-issue. Few delays
have ever been longer than 30 minutes.

On the other hand, my setup has completely lightened the mail load.

And for an amusing side note to this...

My boss forwarded an e-mail to me which was a newsletter that he gets
via e-mail. I asked him what he expected me to do with it and he pointed
out to me a paragraph about their upcoming changes and that subscribers
should alter their 'filters' to be sure that they receive it.

I pointed out to him that on our network, I don't know of a single user
that has had to implement 'user level filters' for spam because so few
spam messages get through (I get about 5 a week and I am a very heavy
e-mail user). I pointed out that my methodology at the server level has
been so effective that I have no 'whitelisted' senders, no 'special
handling rules' at all beyond the high scoring spamassassin filter that
each user automatically inherits.

He replied back - never mind and later expressed to me that yeah, he
never gets spam and manages to get all of his e-mail.

Greylisting has been a very effective tool for me and I have had NO
complaints about it at all. There's actually a way around it in a
crunch...I've put a 5 minute window. The sender need only wait 5 minutes
and send the e-mail again which ultimately means that 2 copies show up
but the second one is delivered immediately and the first one is
delivered when their SMTP server decides to try again which is almost
always 15-30 minutes later.

Craig


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux