I have had other experiences with spammers. I suspect there is different 
spammers out there that spam in different ways.
I once got a very irritating spammer that send a lot of spam, that was 
completely identical, had a identical color in the header and it was really 
obvious this spammer was the same person/company even if he spammed about lots 
of different subjects, everything from auto insurance to pills to earn money. 
Then I blocked his domain (blablabla.tld) in my postfix config, and had it set 
to reject.

Just a day after, he "started" spamming from a new domain, that was very 
similiar to the first. I knew it was the same person/company of the color.
I kept on blocking, and the spammer kept on changing.

Then I changed to DISCARD before blocking his new domain. Bam, that spam gone. 
I got a very few one with the same color in the header (before it was a few 
mails per hour), but eventually, it vanished. My log however, listed a lot of 

So I suspect that was a spammer that have got some sort of "verified list" (eg, 
those high price adress lists that are known to be valid) and spammed a few, 
propably in the area of hundreds of mails, and had good handling for 
bans/blocklists/ and propably for greylisting too, to keep their head under the 

So its just a tradeoff. Spam mails are today pretty small just to not trigger 
"huge-mail-alerts" so they consume minimal with bandwith and CPU cycles, but 
causes far much more "damage" in time spent for the user deleting the crap from 
the inbox.

But I agree, that if you get those "regular" spammers that doesn't pay 
attention to RFCs at all, then its better rejecting it.

-----Ursprungligt meddelande-----
Från: Jim Reid [mailto:j...@rfc1035.com] 
Skickat: den 21 september 2016 03:36
Till: Sebastian Nielsen <sebast...@sebbe.eu>
Kopia: Postfix Users <postfix-users@postfix.org>
Ämne: Re: TLD blocking revisited

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to