[Mimedefang] Re: Spammers who won't take no for an answer
Jeremy Mates
jmates at sial.org
Fri Oct 24 12:54:53 EDT 2003
* Jonas Eckerman <jonas_lists at frukt.org>
> Only problem I see with this is that the spammer might start pestering
> secondary MX servers instead.
Spammers are already known to target the secondary MX servers.
> Instead of firewalling, what about routing (through a NAT or
> something?) to another machine with a rather stupid mail server acting
> like this:
You describe a SMTP tarpit (or teergrube). Usually requires a firewall
between the SMTP server and the Internet that can divert connections
from certain IP addresses. I use spamd on OpenBSD, via an IP address
table in PostgreSQL populated on my primary e-mail server and pushed
over to the firewall as needed. Plus some RSS feeds to monitor what is
being blocked.
OpenBSD's spamd is very efficient (spends most of time sleeping), and
usually ties connections up for five minutes; the message is temp or
perm failed before the DATA verb, which reduces the bandwidth costs.
More on OpenBSD pf/spamd; there are daemons for other OS:
http://www.benzedrine.cx/relaydb.html
More information about the MIMEDefang
mailing list