[Mimedefang] SpamAssassin via mimedefang is slow
Jeff Rife
mimedefang at nabs.net
Sun Nov 9 15:35:24 EST 2008
On 9 Nov 2008 at 17:00, Michiel Brandenburg wrote:
> I do need more methods to prevent "evil" messages from getting to the
> data phase but we don't use graylisting. Our users are spoiled and
> starting a graylist at this point in time on our production servers will
> make ppl call the support line because customers can't seem to get the
> idea that mail is not instantaneous.
So, start a greylist implementation but don't delay...just build a list
of who you got mail from. If you add in the various big domains
(Yahoo, GMail, Amazon, eBay, etc.) to the starting whitelist, you don't
see delays for most of the mail that users are "expecting".
The thing to remember is that the whitelist portion of the greylist
doesn't say "this is good mail"...it merely says "this host will
retry".
> My hash database is a kinda of graylist [only I tempfail at the data
> phase not the rcpt to phase as graylist does], except it triggers on bad
> messages only. Not on all connections we receive as graylisting does (
> well it has to learn the white senders, but I'm working on that). You
> are right saying that this code stops spamruns, it does, spam run comes
> in scan 1st 10 messages (drop them) in the worst case scenario and
> tempfail all others, works wonders :).
Along with greylisting, enforcing SMTP standards (no pre-greeting
traffic, connection rate limits, HELO parameter enforcement) will stop
the spam runs even sooner.
Also, when you have chosen to reject, delaying the response for 20
seconds or so will also discourage those bots.
--
Jeff Rife |
| http://www.nabs.net/Cartoons/Dilbert/Win95CatOnMonitor.gif
More information about the MIMEDefang
mailing list