It's worth considering that a normal ping is around 60-odd bytes, so this is equivalent network load to being ping'd once a second.
...and anyone with a internet link will see continuous scans because of viruses that will likely be similar in bandwidth usage. Consequently, in this instance isn't using any more downstream than you would loose from normal internet 'noise', and the upstream is kind of equivalent to pinging out. I run a dozen pings a second 24x7 just to monitor/diagnose for network faults. Dom - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dom De Vitto Tel. 07855 805 271 http://www.devitto.com mailto:[EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Where do you want to go today? Same as every day.... Windows Update. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Hartmeier Sent: Tuesday, March 09, 2004 12:50 AM To: Jay Moore Cc: Christopher D. Lewis; [EMAIL PROTECTED] Subject: Re: spamd vs extremely determined spammer On Mon, Mar 08, 2004 at 06:19:08PM -0600, Jay Moore wrote: > Thanks for your encouragement. Maybe I'm reading the pfTop output > incorrectly, but doesn't it say that _my_ resource cost on this > transaction was 335K packets and 13 MBytes of bandwidth? If so, I > wouldn't call this "no effect" on my resources. Obviously, it costs you as much bandwidth as it costs the sender, as any packet the peer sends, you receive and vice versa. But you don't waste as much CPU cycles, disk space and memory as the peer does. You might have delayed the entire queue of the sender by two days, who knows ;) 13MB in 48 hours (that's just 78 bytes per second) is considered a tiny stream by most people. If, for some reason, this means significant cost for you, don't run spamd. Just blocking the port with RST is cheaper. Daniel
