Re: [spamdyke-users] OT: Spambot attack
On Thu, May 08, 2008 at 07:34:43PM -0500, [EMAIL PROTECTED] wrote: As clever as the automatic RBL system is, I would recommend against it until you can figure out why this is happening. If this is due to backscatter, you could end up blacklisting (otherwise) legitimate mail servers. Also, with the kind of load you're getting, I don't think adding rblsmtpd would be an improvement -- adding DNS lookups would just increase the time needed to accept an incoming connection. In this case, rblsmtpd would only do one lookup, on a local DNS server. It's not self-evident, at least to me, which of these two is faster: 1. start rblsmtpd and have it perform a local DNS lookup. If NXDOMAIN, start spamdyke as normal. 2. start spamdyke, which does a number of remote DNS lookups regardless of whether the sender or the recipient are blacklisted (doesn't it?). Of course, adding the IPs to spamdyke's ip blacklist is also an option, but with 70k addresses, I'm guessing lookups will take spamdyke longer than rbldns, which uses a cdb. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: Floggings will continue until morale improves. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
[spamdyke-users] Graylisting - how effective it really is?
Hi, I wonder if anyone tried to analyze his logs to find out how effective gray listing is. I'd probably prefer to allow all incoming mails (maybe with exceptions) and even disable DENIED_IP_IN_CC_RDNS blockers as it yet causes too much collateral damages I can accept, even 99% of the mails DENIED_IP_IN_CC_RDNS deny is spam, then I got still 1% remaining - and this ususally causes some problems, but I yet like to deny mass-flood-senders. Something which graylisting still shall fight with. So - graylisting - how effective it really is for you? Regards, -- Daddy, what Formatting drive C: means?... Marcinhttp://wfmh.org.pl/carlos/ ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Graylisting - how effective it really is?
On Fri, May 09, 2008 at 02:24:47PM +0200, Marcin Orlowski wrote: Hi, I wonder if anyone tried to analyze his logs to find out how effective gray listing is. I'd probably prefer to allow all incoming mails (maybe with exceptions) and even disable DENIED_IP_IN_CC_RDNS blockers as it yet causes too much collateral damages I can accept, even 99% of the mails DENIED_IP_IN_CC_RDNS deny is spam, then I got still 1% remaining - and this ususally causes some problems, but I yet like to deny mass-flood-senders. Something which graylisting still shall fight with. So - graylisting - how effective it really is for you? I don't use spamdyke's graylisting; when I started using spamdyke, I already had a similar, albeit less powerful solution based on tcpsvd and some scripting. It only takes the IP of the client into account, not the sender or the recipient address. Based on some munin graphs, it appears that about 1/3 of all connecting IPs are blocked by even this primitive graylist. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A single fact can spoil a good argument. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Graylisting - how effective it really is?
When i first installed spamdyke, I used only greylisting. No other blocks with it. Prior to spamdyke: 40-60 spams a day (my personal account) Post spamdyke: 2 in 6+ months. Now of course your millage may vary based on how you use your account, server setup, etc. But for me on a personal note, it was VERY VERY effective. DNK On Fri, May 9, 2008 at 5:37 AM, Andras Korn [EMAIL PROTECTED] wrote: On Fri, May 09, 2008 at 02:24:47PM +0200, Marcin Orlowski wrote: Hi, I wonder if anyone tried to analyze his logs to find out how effective gray listing is. I'd probably prefer to allow all incoming mails (maybe with exceptions) and even disable DENIED_IP_IN_CC_RDNS blockers as it yet causes too much collateral damages I can accept, even 99% of the mails DENIED_IP_IN_CC_RDNS deny is spam, then I got still 1% remaining - and this ususally causes some problems, but I yet like to deny mass-flood-senders. Something which graylisting still shall fight with. So - graylisting - how effective it really is for you? I don't use spamdyke's graylisting; when I started using spamdyke, I already had a similar, albeit less powerful solution based on tcpsvd and some scripting. It only takes the IP of the client into account, not the sender or the recipient address. Based on some munin graphs, it appears that about 1/3 of all connecting IPs are blocked by even this primitive graylist. Andras -- Andras Korn korn at chardonnay.math.bme.hu http://chardonnay.math.bme.hu/~korn/ QOTD: A single fact can spoil a good argument. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Graylisting - how effective it really, is?
On 5/9/2008 [EMAIL PROTECTED] wrote: So - graylisting - how effective it really is for you? The only spam blocking I use presently is spamdyke with graylisting. Pre-spamdyke I was getting 1000 spams/day into my personal mailbox. Since installing spamdyke with graylisting I get 3-4 spams/day. Bucky ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Graylisting - how effective it really, is?
Two days ago I deleted 68,134 spam with spamdyke (without gray listing) and I received about 15-20 spam to my inbox. Today I have spamdyke with graylisting and we have deleted nearly 80,000 spam and I have received 0 spam so far. :) Dallas Crandall Backup's Plus Computer Services 208-841-5519 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of BC Sent: Friday, May 09, 2008 11:09 AM To: spamdyke-users@spamdyke.org Subject: Re: [spamdyke-users] Graylisting - how effective it really, is? On 5/9/2008 [EMAIL PROTECTED] wrote: So - graylisting - how effective it really is for you? The only spam blocking I use presently is spamdyke with graylisting. Pre-spamdyke I was getting 1000 spams/day into my personal mailbox. Since installing spamdyke with graylisting I get 3-4 spams/day. Bucky ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
