[TriLUG] spam attack help?
dave at logicalgeek.com
Wed Apr 2 10:58:30 EDT 2008
Greylisting, while not perfect, has reduced my spamassasin workload by
98%. It kills the winders zombies like a headshot from a 12 gauge.
Cristóbal Palmer wrote:
> Hi folks. Anybody seen a huge spike in spam volume in the last few
> days? I'm responsible for mail at ibiblio and since yesterday
> afternoon our mail log has been growing at a rate of 1MB every 17
> seconds or so. So... what do you suggest to help reduce load? I'd like
> to reject more at SMTP time to keep spamassassin from having to chug
> through any more than it needs to.
> Current restrictions include (but are not limited to):
> smtpd_helo_restrictions =
> smtpd_sender_restrictions =
> we don't currently use any RBLs at SMTP time for philosophical
> reasons... maybe principal should go out the window when under attack?
> Maybe we should be doing greylisting? I use greylisting on other
> systems, but we've been avoiding it on this machine for several
> I'd appreciate feedback offlist and on.
More information about the TriLUG