On Thu, Oct 09, 2003 at 01:19:00PM -0400, Vivek Khera wrote: > > While it is possible to reject at SMTP time, it is unlikely to get you > off of most spam sources, since they don't care about bounces or > having clean lists. Also, by the time you do this, you've already > wasted your bandwidth to receive the message for scanning. All you > save is having to queue the message before dropping it. > > Another issue is that if you get a significant volume of mail arrive > at once, you will crush your mail server since it has to process all > that mail "live". Ie, it cannot queue up the mail and scan at its own > liesure while controlling system load. > > What I do is use some strict SMTP-time checks on commonly forged > domains (aol.com, hotmail.com, etc.) and a handful of low-collateral > damage DNSBLs to reduce the amount of crap that gets in to the > filtering step.
Anybody here have any experience with the MTA-level checks found at http://www.securitysage.com/files.html ?? This stuff is Postfix-specific, and includes a bunch of patterns for various checks which purport to catch a lot of spam. The files may be updated daily. While it's true you're using incoming network bandwidth accepting some part of the email, it's possible that you save some CPU bandwidth, as the scanning is apt to be relatively lightweight. Also, Postfix is pretty good at load-shedding, which should limit CPU bandwidth absorbed. If anybody's tried them, I'm interested in knowning whether they're effective, to what extent they're prone to false postives and how much, if at all, they lower the burden of spam which is subsequently detected by SA. -- ----------------------------------------------------------------- Dan Wilder <[EMAIL PROTECTED]> Technical Manager SSC, Inc. P.O. Box 55549 Phone: 206-782-8808 Seattle, WA 98155-0549 ICQ UIN 216717075 ----------------------------------------------------------------- ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk