Am 26.03.2016 um 05:56 schrieb Bill Cole:
That implies that you are probably underutilizing spam-control measures in your MTA. I manage a diverse set of mail systems running multiple MTAs and in all cases the most effective anti-spam measure against ALL spam is delaying the initial greeting banner, which is a mandatory option for a MTA to be fit for use exposed to the modern Internet. Later in the message you say you use Exim, which I believe has such a feature, but I am not sure of that. The ideal delay to use is a matter of debate because apparently the subtleties of how the delay is done matters, but 5 seconds is usually a reasonable delay to catch most spambots and you don't start to really impair valid mail due to delays until you go above 15s
5 is too short - for completly broken but non-spam-clients it's anyways too long (there is a idiot company in austria selling sender verification software to their customers which does pre-greeting after 0.3 seconds and then pretend the sender don't exist)
in jannuary 2015 we had a week or so with 250000 attenpts per day and by raise the value to RBL rejects dropped down by 80% and changed to "HANGUP"
[root@mail-gw:~]$ grep -c "HANGUP after" maillog 223033 [root@mail-gw:~]$ grep -c "HANGUP after 9" maillog 982 [root@mail-gw:~]$ grep -c "HANGUP after 10" maillog 13167 [root@mail-gw:~]$ grep -c "HANGUP after 11" maillog 54190
signature.asc
Description: OpenPGP digital signature
