On May 25, 2012, at 6:08 AM, Charlie Brady wrote: > On Thu, 24 May 2012, Matt Simerson wrote: > >> I have written a plugin that is currently named naughty. >> >> The POD has a good description of what it does and how it works. You can >> read the POD here: >> >> https://www.tnpi.net/internet/mail/naughty.html >> >> The plugin is very effective at blocking spam and it has reduced my CPU >> load enough to be measurable on munin graphs (which aren't exactly >> granular). Read the POD at the URL above to see how and why. >> >> The plugin has one teensy tiny problem. Because it penalizes servers >> that send spam, it occasionally penalizes a "mostly good" server. In a >> week of running, it has done this exactly twice, and the two servers it >> nabbed are mx.develooper.com and mx2.freebsd.org. Both are servers that >> send lots of ham, and occasionally, some spam. >> >> I see a couple options. > ... >> c) Other? > > You will do much less severe damage to your ham stream if you use 4XX > rather than 550. Since you are only indicating a temporary delivery ban, > it seems that 550 is inappropriate.
Been there, tried that. I've had mx2.freebsd.org soft 4xx blocked for 1 day at a time for over a week. Besides the increased number of connections to my server, using a 4xx error makes almost no difference. As soon as the penalty box expires, the queued ham and spam pour in and mx2 gets tossed back into the penalty box. For most messages, a 4xx error ends up being the same as 5xx error except with a delay. Matt
