On Tuesday 18 Apr 2006 17:57, Marc Perkel wrote:
I'm basically trying to use every trick out there. Here's a detailed explation of everything I'm doing:
Interesting.
I'm processing about 1.2 million email attempts per day and passing 50,000 good messages on. And most all of it with a single computer that's a Dual Core Athlon 3800 with 4 gigs of ram.
But I'm always looking for new tricks.
We are slightly smaller.
I also use the spamhaus block list.
I've focused almost entirely on trying to reject at SMTP connection time on criteria other than content of email (with the exception of known bad file attachment types (.scr etc)).
I don't see the goal as stopping all viruses, or all spam, but deploying a system to make email liveable again, without burdening the users with additional folders etc. In many cases we are forwarding email on again.
Historically the greylisting was almost perfect, but it is easily defeated and that has started occurring recently.
http://www.debian-administration.org/articles/168
Would love to see so serious analysis of "HELO" based blocking. Whilst I tend to think it is a bad idea, if there are criteria I can exploit in identifying things that aren't genuine mail servers -- it fits the strategy.