Hi > For some months now we have used a HELO ACL to delay by > 35 seconds all connections with suspicious looking HELOs.
Looks a little long for me. > This is very effective at reducing the amount of spam that > our servers receive, while not preventing "real" > email getting through, because much of the current spamming > software seems to drop the connection during the delay period. That's not what I am seeing. However, a lot of spammers don't wait for the servers hello. So I have 5s delay AND synchroization enforced and I see a lot of > 554 SMTP synchronization error And those (propable spammer) connections are then dropped *on my side*. > As our mail volumes get higher, however, I am beginning to be > concerned about the load that all these delayed connections > will place on our servers. At the moment it does not appear > to be an issue, but I am looking for advice on whether or not > it is likely to become a problem. I would not think this is such a big problem as long as you allow pipelining. (Delay then only occurs for the first mail.) That may interfer with greylisting though. Regards, Steffen
smime.p7s
Description: S/MIME cryptographic signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
