----- Original Message ----- From: "Len Conrad" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, June 21, 2004 12:22 Subject: Re: [Spam - 18]Re: [IMail Forum] Dictionary Attacks and MX Records
> > >I hadn't thought of that. It sounds like a neat idea, and one that doesn't > >require a repugnant amount of processing. > > hard to get more efficient than rejecting after RCPT TO: Except that we're getting over a million of these rejectiosn per day, and at least once a day they are so great that the server starts to get unresponsive for up to ten or fifteen minutes. > > >How long would you grey list an > >address for rejections? > > I'm using 5 minutes :) > > > If they try to pump more than half a dozen messages > >through? > > greylisting is not per IP. Greylist items are the triplet of > > ip + [EMAIL PROTECTED] + [EMAIL PROTECTED] > > So an ip sending 15 msgs all with forged, different senders is 15 rejects. > > > This sounds like it might be the solution, but I'm curious as to > >how you do it. > > google for greylist. afaik, Imail and Imail add-ons don't/can't do > greylisting efficiently, if at all. > > And you don't want to waste your mailbox server resources (and bandwidth) > sucking in all that crap only to reject it. Accepting entire msgs bodies > then rejecting has been silly for a long time. With current volumes, it's > insane, even suicidal for some Imail servers that just can't keep up. Well, we've got a 3ghz machine running our mail server now, and even it seems to labor when things get ugly. -- A. Clausen [EMAIL PROTECTED] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
