Matt Zimmerman wrote: > Adrian 'Dagurashibanipal' von Bidder wrote: > > > A big part of the spam can be trivially blocked at the point where > > it enters the Debian servers, using DNSRBLs and other sensible > > restrictions. When it enters my mailer, it can not be trivially > > blocked as it comes from murphy.debian.org which is a mail server I > > want to accept mail from. > > A lot of legitimate mail can be trivially blocked this way, as well, > which is why it doesn't make sense to drop it on the server side.
My solution to this problem is to temporary reject the message but also keep a cookie identifing it. If the message is still being retried after a certain amount of time (e.g. 24 hours) then it is allowed. This technique has been very effective for me. A lot of spam is sent directly and is not retried. Open relays are often fixed before the time is reached. Spammers that connect directly cannot keep retrying for a long time. They need to hit and run otherwise the IP address they are using will be blackholed. Neil
