LuKreme wrote:
On 16-Aug-2009, at 16:55, MySQL Student wrote:
So perhaps instead of adding another RBL, maybe some admins need to
consider adding in some HELO checking / rejection.
Can you explain a bit more here? What are you checking for, that the
host is valid?
<http://www.mail-archive.com/postfix-us...@postfix.org/msg15167.html>
That gives me a 46% rejection rate just on HELO/EHLO and a 47% rejection
rate on unknown users.
I see similar figures and would also recommend using HELO/EHLO
restrictions. I see around a third of spam hit HELO/EHLO restrictions, a
third hits commonly forged non-existent recipient addresses and a third
hits zen.spamhaus.org (checks and rejections performed in that order).
Although a dns lookup to zen.spamhaus.org probably isn't that expensive,
I'm sure they appreciate reducing the load by two thirds by
pre-filtering as much obvious spam as possible.
Question - in Postfix do "user unknown" rejections still incur a dns RBL
lookup, or does the rejection occur before reject_rbl_client?
Overall only a very small proportion of spam ever reaches SA - typically
<1% of rejected mail.
