Sure Alan, Below is my entire glst.conf The main Tweaks were related to the large MTA pools - yahoo, hotmail, etc. I ended up rounding everything to /24 bit with some exception to larger networks (see Bigpond and Optus Australian ISPs) I also excluded a whole heap of networks for familiar or trusted MTAs - for mailing lists primarily. I also reduced the block time (timeo) to 7 minutes, because 60 minutes was too long and most spammers were not retrying anyway, so 1 minute or 60 minutes was about the same. I just analysed my historical logs for IP addresses and trends; then after glst implementation, I watched the glst filter rejections and saw the IPs and trends and adjusted the mnet and xnet parameters. After some complaints I reduced the timeo. This process took an hour or so each day for a few days . I also use in server.tab "SMTP-MaxErrors" "3" So that if I get dictionary attacked, then that door is closed too. And the other key ingredient in server.tab "CustMapsList" "list.dsbl.org.:0,relays.ordb.org.:0,sbl.spamhaus.org:0,bl.spamcop.net:0" I haven't checked recently if all the lists are active, but I've had no reason to. I get _very_ little spam with this setup. Rob :-) <glst.conf> rejmsg=451 4.7.1 Please try again later generr=0 rejerr=3 timeo=420 exptimeo=3110400 lametimeo=28800 # Round all networks to match on ranges of 256 (last octet=*) mnet=0.0.0.0,0.0.0.0,255.255.255.0 # BigPond - go for match on first 2 octects only mnet=144.140.82.0,255.255.255.0,255.255.0.0 mnet=144.140.83.0,255.255.255.0,255.255.0.0 mnet=144.140.92.0,255.255.255.0,255.255.0.0 mnet=144.140.93.0,255.255.255.0,255.255.0.0 # Optus - go for match on first 2 octects only mnet=211.29.132.0,255.255.255.0,255.255.0.0 mnet=211.29.133.0,255.255.255.0,255.255.0.0 # Hotmail mnet=65.52.0.0,255.255.255.0,255.252.0.0 mnet=64.4.0.0,255.255.255.0,255.255.192.0 # Yahoo mail mnet=68.142.200.0,255.255.252.0,255.255.252.0 # mailguard.com.au mnet=70.84.0.0,255.255.0.0,255.252.0.0 mnet=66.235.184.61,255.255.255.255,255.255.255.0 # Exclude the following networks # Local xnet=127.0.0.1,255.255.255.255 xnet=10.0.0.0,255.0.0.0 xnet=172.16.0.0,255.240.0.0 xnet=192.168.0.0,255.255.0.0 # IMC xnet=203.202.100.224,255.255.255.224 xnet=203.202.8.0,255.255.255.0 xnet=203.41.11.128,255.255.255.192 # @lists.techtarget.com xnet=65.214.43.171,255.255.255.255 xnet=65.214.43.172,255.255.255.255 xnet=65.214.43.174,255.255.255.255 # @list.novell.com xnet=130.57.1.68,255.255.255.255 # @australiancu.com net=203.58.62.33,255.255.255.255 # @cav.asn.au xnet=210.0.98.129,255.255.255.255 # @list.cramsession.com xnet=63.146.189.86,255.255.255.255 # @newsletters.online.com (cNet) xnet=206.16.1.130,255.255.255.255 xnet=206.16.1.131,255.255.255.255 xnet=206.16.1.161,255.255.255.255 xnet=206.16.1.162,255.255.255.255 xnet=206.16.1.190,255.255.255.255 xnet=206.16.1.191,255.255.255.255 # @nww.hdsmail.com xnet=66.37.227.193,255.255.255.255 # @qff.qantas.net.au xnet=210.9.188.147,255.255.255.255 # @groups.yahoo.com xnet=66.94.237.0,255.255.255.0 xnet=66.218.66.0,255.255.255.0 xnet=209.73.160.0,255.255.255.0 xnet=216.155.201.0,255.255.255.0 # @myfamily.com xnet=66.43.22.191,255.255.255.255 xnet=66.43.22.192,255.255.255.255 # @xmr3.com xnet=205.183.255.0,255.255.255.0 # @newsletters.online.com xnet=206.16.1.131,255.255.255.255 # @ebay.com xnet=66.135.215.0,255.255.255.0
</glst.conf> _____ From: Alan D. Snyder [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 14, 2006 11:18 AM To: Rob Arends Subject: glst changes? Rob - what changes did you make to glst? care to share 'em? Thanks, Alan - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
