On 8/19/2013 7:31 AM, John Hardin wrote:
On Sun, 18 Aug 2013, Len Conrad wrote:
Came up with a cool trick that seems to be working well after
running for several months.
I do the same by harvesting the IPs that fail SMTP AUTH a number of
times, and then if more than a number of IPs in a ClassC, I block the
entire ClassC.
I do the same with postscreen/pregreet IPs and ClassC.
Have you considered TCP Tarpitting instead of just blocking them?
Blocking them doesn't actually *punish* them. Getting their MTAs
*stuck* for hours or days does.
I doubt their MTA stay stuck for long. But I do take in their whole
message. And I don't let them know they are blocked so I'm just wasting
their bandwidth. But it's added about 1/4 of a million IPs to my blacklist.
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400