My spam approach has been to always reject as soon as possible. If
it's a guaranteed marker, 5xx. If it's not, 4xx. This stops me having
it archived on my disks, taking up my RAM, or clogging my inbox.
I greylist all email. This causes "new" servers to get a bit slow in
their initial email, but dealt with some of the spam still managing to
leak past sbl-xbl.spamhaus.org and my other DNSBL lists.
I use Postfix's anvil to limit per-client connections and also enforce
rates of sending. If someone tries to connect and doesn't (for example)
wait until my system sends its banner, that's considered an error (fully
compliant SMTP MTAs pause, per rfc, until the banner; spam bots just
blast an EHLO out and then fire RCPTs). RCTPs to non-addresses on the
system are considered error, and a couple causes a connection to be
booted (which frees us resources).
The only other thing I really want to automate is to get my SMTP server
to reject email stamped with bogus time stamps. I can see having NOW +
1week and NOW -2weeks as a window, but stuff from "1969" (0) or "2038"
(2^32-1) are bogus and 100% spam. And, if not spam, at least it'll tell
the sender their system is broken :)
Received on Fri Oct 5 09:37:26 2007
This archive was generated by hypermail 2.1.8 : Fri Oct 05 2007 - 09:37:31 CST