At 3:47 PM -0600 2/20/02, Jerry Pasker imposed structure on a stream of electrons, yielding: >(Long posting ahead...)
many snips ahead... [...] >An idea for the spamtrap (and this could be used in Communigate Pro, >too) would be to have it add the host that was spamtrapped to the >Temp Banned list, but for something longer than 1200 seconds. 86400 >seconds comes to mind as a good number. I see spamtrap hosts >usually sending one spam, being rejected as a spamtrap, then >opening up another connection later to send the email. On Feb 17th, >my SIMS server had 165 spamtrap rejections. ALL OF THEM were for >Spamtrap addresses (or aliases) only. The hosts that were rejected >just came right back and spewed spam later (usually under 5 secconds >later). Not a single spam sent to a real address was stopped do to >spamtraps. I like it. I'd love to see a tunable TempBan time and broader application. I might like this: Hit 5 bad addresses: 3600 sec. Hit a spamtrap: 14400 sec. 3 or more 500 responses on a session: 86400 sec. The last could deal with the idiot spammers who ignore 5xx responses to the DATA command, and proceed to send the message anyway. >I'm not sure if the flowgo.com domain is problamatic spam or not, >but I see that domain in my logs all day long being TempBanned, and >tripping spamtraps. If it *WAS* a legit spammer, I would only >assume than it'd be listed in an RBL. Still, I've never had a >single complaint about blocked email from this domain.... They are a full-open no-limits spam operation. Your complaint may be the last straw if you send it to their upstream: [EMAIL PROTECTED] Or maybe not. AboveNet isn't as tough as they used to be. [...] >I've always run a secondary mail exchanger for my domains, but I'm >wondering if it's really all that necessary since any respectable >sending host will retry later, and I might just come out ahead in >less spam. Try this: my.domain MX 5 primary.mail.server my.domain MX 10 secondary.mx.server my.domain MX 20 another.name.for.primary.mail.server Spammers have learned that backup MX's accept more spam. Making your primary a 'tertiary' server as well gets them to try it first instead of the real backup. That said, the need for a secondary is less these days. It makes sense when the routing mesh between you and the world is tenuous and sparse. It makes sense to put an MX in the nearest well-connected network if you are based in China or Botswana and frequently see 'I can get HERE but not THERE' symptoms. It is of limited utility to most .us and .eu locales. -- Bill Cole [EMAIL PROTECTED] ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
