On 10/22/2013 10:27 PM, Robin wrote: > On 10/22/2013 3:22 PM, Noel Butler wrote: >> But I agree with you on the rest, since of those 500K IP's Marc claims >> to have I'd bet that 99% are hijacked innocent pc's/servers, and of >> them, >75% would likely be a one time usage. > > This accords with our own statistics. While it IS tempting to treat > every IP# that "spams" or hits you with a port-scan as something worthy > of blackholing, the reality is that the vast majority of the attempts > are from "innocent" victim hosts. > > Now, there's little doubt that MOST of these are not legitimate MTA > endpoints, and so "shouldn't" be issuing email directly to your MX > hosts. SPF + OpenDKIM are great...
The OP is discussing possibly blocking *IMAP* connections, not SMTP. -- Stan
