>By its self, this plug-in seemed to eliminate the largest chunk of remaining >spam when I added it in. It also reduced the load on the server by saving >the following plugins the effort of more tests.
I used to do the equivalent for qmail, i.e. temporarily rejecting incoming TCP connections from hosts with no reverse DNS. Once I stopped doing it, I noticed a lot of the connections were really just innocent sites out there trying to deliver bounces (of joe jobs mostly), so allowing them to do it again caused a temporary upsurge in incoming activity followed by an overall *reduction* in incoming connection attempts. I recommend using checks like reverse-DNS, "paranoid" forward lookups, SPF, and so on, only on incoming *messages* after other, localized checks have failed to produce a definitive answer to the question "should I accept this email" one way or another. (Localized checks include any that don't require DNS lookups or other forms of contacting external hosts for information such as IDENT, DNSBLs, or RHSBLs. They might include local versions of such data bases, built out of local decisions about what constitutes unwanted incoming email, or locally applied tests such as virus or spam scanning.) At the moment, my qmail-smtpd setup doesn't do any reverse-DNS, IDENT, or paranoid lookups at all. And, surprisingly, the tiny bit of localized checking it *does* do has reduced my incoming spam and vermin to a (comparative) trickle. And by deferring external lookups until they're truly needed, one can more-quickly process incoming bounces even from valid hosts. I get tons of bounces (again, of joe jobs) from aol.com, and since turning off rDNS, IDENT, and paranoid lookups (in tcpserver), they are dealt with much more quickly, which makes both my system and AOL's happier. -- James Craig Burley Software Craftsperson <http://www.jcb-sc.com>
