If you replace DNS RBL check with some other check, then the program
you're talking about is the linux kernel. This subject has been
discussed last April under the subject Zombies blocking my smtp. See
e.g.
http://www.mail-archive.com/courier-users@lists.sourceforge.net/msg33586.html
Robert Penz wrote:
It's a war of attrition.
hmmm ... I would think that if the SMTP connection is handled by a program
which does not create a process or thread for each handshake before it has
done a DNS RBL check it would increase the systems resistance to spam waves
dramatically.
If you
On Sat, 2009-07-18 at 10:28 +0200, Robert Penz wrote:
memory usage up to 1GB only for smtp.
Use OpenBSD, pf(4), spamd(8) to tarpit and blacklist:
http://www.openbsd.org/cgi-bin/man.cgi?query=spamdsektion=8
http://www.openbsd.org/spamd/
Hi!
On one of the mailservers I run I get really much spam (as some mail
addresses are really widely known). I'm using the courier dns blacklist
feature as the first line of defence. It blocks a lot of spam, but I've a
resources problem with it.
The problem is that the spam seems to hit this
Robert Penz writes:
The problem is that the spam seems to hit this server in waves which lead
to more then 10 times the connection rate as normal. Almost all of the
connections are blocked by the dns blacklist feature, but the connections
are somehow not dropped at once. This leads to entries
It's a war of attrition. There's not much that can be done except to keep
scaling up the system to cope with the load. It's not only SMTP, for
example. DNS server operators, for example, often have no choice but
overprovision their bandwidth and CPU to deal with attacks on DNS
servers.
Robert Penz wrote:
It's a war of attrition. There's not much that can be done except to keep
scaling up the system to cope with the load. It's not only SMTP, for
example. DNS server operators, for example, often have no choice but
overprovision their bandwidth and CPU to deal with attacks on
Have you considered using the greylisting module within pythonfilter?
It's low in the resource usage stakes AFAIK, but is very effective at
stopping 90%+ of spam.
I'm using it after the dns black lists and yes it helps. But the real time
blacklists get the most spam, as it is my first line of
Robert Penz writes:
It's a war of attrition. There's not much that can be done except to keep
scaling up the system to cope with the load. It's not only SMTP, for
example. DNS server operators, for example, often have no choice but
overprovision their bandwidth and CPU to deal with