On Tue, Dec 13, 2011 at 3:00 PM, Michael Scheidell <michael.scheid...@secnap.com> wrote:
> [..] Blocking the ip address by firewall > will save bandwidth and cpu cycles. Firewalling will have the same effect as returning no answer - it will cause retries and thus will roughly triple the amount of queries received (although they will effectively be discarded at a different stage, firewall vs nameserver). This effect was also reported in https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6048#c23 > google's attention, will it? and you still get the bandwidth and cpu cycles > from the largest abusers. For the few cases where it is being used, it reduced the load by an order of a magnitude (eg netline.net.uk going from > 12 mio queries/24 hours to below 1 mio - still way too high, but definitely an improvement). -- Matthias