-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kshatriya schrieb: > On Tue, 14 Aug 2007, ram wrote: > >> The page says the primary MX should not be accepting connections at all. >> Has anyone else tried this , will this cause delay in my mail > > It almost doesn't work anymore. Better try adaptive greylisting, with > some whitelists so you don't notice too much of delays. > > K. > fake mx do work, but dont expect to much, as most of the bots learned to come again to defend greylisting , they also learned fake mx. you will have a delay with fake mx but its very small.
In my case i was bombed with connects and fake mx reduced them about 10 percent , i think these are very old spam bot variants who still agressing against my very old three letter domain. I would say fake mx are nice to have , but its not a must have in antispam these days, I included reject_unknown_reverse_client_hostname in my postfix ,this, it seems is very efficient , in my case,i noticed to block spam mail in early client stage. Also fail2ban does a good job with dictionary attacks, for sure you should have all other recommended antispam settings like reject_unknown_sender_domain etc including greylisting, policy_weight, spf, dkim in your mail server. - -- Mit freundlichen Gruessen Best Regards Robert Schetterer Germany/Bavaria/Munich -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGwa/jfGH2AvR16oERAsbJAJ9iRo0H+YesZN1+fjMXu3iqpL1wFQCdHlUZ 82eAcB03SfJP4j7xuh9NbiU= =mMcc -----END PGP SIGNATURE-----