On Thu, Jan 20, 2005 at 01:47:12PM -0500, Matt wrote: > Ahh ha! Got it.. it seems to be domains that either the name servers > are not responding.. or the domain doesn't exist yet.. for instance: > > debug: DNS MX records found: 0 > > Is there anyway to get around this? It seems to hang and do this > twice for long enough to delay the system... any thoughts?
Two things. You can change the timeout in spamassassin's configs, but some spammers did something which made the situation worse. They created lots of subdomains and redirected all mail for them to MTAs of (what we saw) 'saveinternet.net' They defined correct DNS entries and MX Records, but then filtered completely all IP-Traffic to /dev/null. So *every* try to *really* access them goes into timeouts and bogs down the mailserver. I Assume they do it to get rid of MTAs which try to confirm their sender addresses. So IF you get mail from such spammers you either get slowed down by the timeouting confirmation-tests, or you get your queues 'bloated' by bounces. The only thing we could do, was to create a fake DNS-Table in our local DNS-Server (locally for the MTA-Host) and let the MTA believe the whole Domain is completely empty. So the MTA assumes there is nobody to reach and drops the Mail instantaneously. (20% less load on the MTA since then) Yours Stucki -- Christoph von Stuckrad * * |nickname |<[EMAIL PROTECTED]>\ Freie Universitaet Berlin |/_*|'stucki' |Tel(days):+49 30 838-75 459| Fachbereich Mathematik, EDV|\ *|if online|Tel(else):+49 30 77 39 6600| Arnimallee 2-6/14195 Berlin* * |on IRCnet|Fax(alle):+49 30 838-75454/
