[Cialug] damn spammers
Dave Weis
djweis at internetsolver.com
Wed Nov 7 10:21:38 CST 2007
Tom Pohl wrote:
> I used to have load issues until I started dropping SMTP connections up
> front based upon spamhaus' blocklists. I've found that the PBL (Policy
> Block List) rejects really well for the bot networks running from
> residential broadband users. Lots of ISPs are listing their residential
> users in the list. I've found that I'm rejecting about 50% of incoming
> SMTP connections immediately easing the load because it won't allow the
> sender to send a message (my average for the past 24 hours in 10 min avg
> Allow: 6656.0 Deny: 6353.0). The biggest drawback is that it blocks the
> sender even before any SMTP AUTH attempts, so you need to use an
> alternate port for users who need to relay mail through the server if
> they're coming from an dynamic ip range listed in the PBL.
We are using the zen.spamhaus.org list that combines pbl, xbl, and sbl
into one list. It's working very well on our other servers. This
particular one doesn't even get to the point where the lookup is done
because the fake addresses are dropped earlier.
More information about the Cialug
mailing list