On Apr 20, 2006, at 9:49, David F. Skoll wrote:
The ones who use "legitimate" mail relays will get past greylisting
and greet_pause. The more sophisticated ones *DO* have essentially
unlimited resources. So, some recipients throttle one of my zombie
computers
to sending an e-mail every 5 seconds. No problem; just add 1,000 more
zombies
and I can send an e-mail every 5 milliseconds.
Except that the more they flex their zombies, the more attention it
draws to the zombie's real owner that something is wrong with their
computer and needs to be fixed. They don't have an unlimited number of
zombies, and the individual zombies themselves have finite capacity (of
which the spammer can only utilize a fraction).
Plus, a huge percentage of the machines that show up in my logs for
"got whacked by greet_pause" are the very sorts of dynamic addresses
you'd expect to see with a zombie ... not the unsophisticated channels
you mention. If the sophisticated spammers aren't vulnerable to things
like greet_pause, why are they still getting caught by the greet_pause?
Last, I don't worry about them hitting my machines with 10's or 100's
of connections per zombie (parallelizing their attempts within a given
zombie). For non-trusted mail relays, I limit the number of
connections to 2.
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
