Hi, I have checked the archives and searched online but not quite found what I'm about to ask, and yet can't believe I'm the first one to ask this question. I have several domains and look after equipment (including mail systems) for several clients. All have their own primary and backup mail systems - some Postfix, some Exchange, some Symantec Mail Security. All clients have two or three valid MX records. We see a lot of spam targeting high-pref MX records. Some domains have a highest-pref MX record for a host that doesn't exist, meaning some of this spam tries to connect to a host that doesn't exist, and wastes a little of their time. I'm wondering if a common spamd tarpit across all domains and clients - judicious use of "-b" and "-4" and "-s" options should do the trick - sitting at this highest-pref MX might give me some information on email addresses that get targeted for spam, and tie up the spamming hosts for a period of time, and also (perhaps slightly) reduce spam that gets targeted at valid mail systems. It should also have the advantage of requiring no change - other than one DNS record - for each client. I have taken a vanilla 4.1-RELEASE i386 box, set sendmail_flags=NO and spamd_flags="-p 25 -b -4 -s 2", but I'm not seeing the behaviour I would expect (primarily the '-s' option I'm getting immediate reponse from spamd). Ideally I want a setup that does not accept mail for local delivery, requires no ongoing configuration changes, but just takes its time with connections and then returns a "45x try again later" message.
If this question has been asked before (or is documented elsewhere) please point me in that direction, and please feel free to suggest improvements (or flaws) with this idea, and why I might be seeing the immediate response rather than the one-character-every-three- seconds behaviour. Thanks, Kevin -- Bad web design can hurt your business! Click to hire a professional http://tagline.hushmail.com/fc/CAaCXv1RYWfdyDg4DWC1FPzUZ9B5N7bk/
