I am currently using rblsmtpd to block spammers on the RBL. I may add ORBS as
well. Think I'll wait, gather some stats on how much is being blocked by RBL,
and then compare with RBL+ORBS.
Anyway, let's say, for arguments sake, that I am receiving boatloads of spam
from east asian IPs in the 200+ range (anyone else getting flodded from over
there?) and I want to block them. Assuming I can trust the domain name in the
headers, I can add it to badmailfrom, but that only blocks _that_ domain, and
not even subdomains of that domain. Or I could add the network address of the
sending IP to my /etc/tcp.smtp with a :deny. But my boss wants to be sure that
a) we are blocking mail from these spammers but b) we can still recieve mail
from the postmaster in that domain. I currently have a very large list of
domains in badmailfrom and network numbers in tcp.smtp. Is there some better
way around this? I realise there is not really any easy way around spam but ...
--
Mark Drummond
Department of Computing Services
UNIX System Administrator
