On 22 June 2010 20:36, Erik Norgaard <norga...@locolomo.org> wrote: > On 21/06/10 20.06, pete wright wrote: > >> On Jun 21, 2010, at 10:28 AM, Jean-Paul Natola wrote: >>> >>>> I'm particuclary trying to implement some type of rate control as we >>>> are getting hammered by spam. >>>> >>> >> I'd humbly suggest pf + spamd if you are concerned specifically about >> stopping spam, both are supported by freebsd and i have had great >> success using these tools to combat spam. >> > > spamd does not stop spam. It is intented to increase the cost of sending > spam at little cost to your server by keeping the spammer busy trying. > > If you're concerned with blocking spam from a limited set of known sources, > then you can create block lists in your firewall. If you know that you will > not receive legitimate mails from certain countries, you can block their > assigned IP ranges. > > If you're trying to block large number of unknown sources, then I suggest > subscribing to spamhaus' lists and configure your server to adhere strictly > to the protocols. > > You may wish to subscribe to lists of dynamic ip-ranges. These are often > considered spam sources hosting a large number of bot-nets However, you may > also block mail from legitimate servers run by people who like to run their > own home server - such as FreeBSD users. > > There is only limited benefit of some kind of rate control and I believe > that such controls must be implemented in your mail server. Implementing > rate control mail also delay legitimate mail, and depending on how you do > it, spammers may even cause a DOS against your server. > > Anyway, to avoid spammers eating up server resources, check your server > config: > > 1. ensure that the spam decision is reached as fast as possible > 2. consider early whitelisting of the most common legitimate mail sources > 3. DNS block lists should be last as they add additional delay, possibly > you can configure a local dns cache to shorten delay > > BR, Erik > -- > Erik Nørgaard > Ph: +34.666334818/+34.915211157 http://www.locolomo.org > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscr...@freebsd.org" >
true spamd doesnt block spam it rates it. However these ratings on host can be used to build an ip list which can be applied to a pf table. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"