Marc Haber wrote: > On Fri, 10 Nov 2006 22:12:25 +0800, W B Hacker <[EMAIL PROTECTED]> > wrote: >> But specifically NOT allowing pipelining (and enforcing sync) tosses off a >> whole >> 'nuther class of spambots. > > I have always thought that these were caught before PIPELINING was > advertised? Is it adviseable to switch off PIPELINING on the gateway? >
Well it is advertised with the banner, (or not) and selectable early-on, so.... A year ago, I'd have said 'heck YES' - as NOT advertising pipelining was logging quite a few arrivals where they just charged ahead and got hteir ashes tossed. Ironically including one bona-fide MSN server that was misconfigured for about a day (rest of their pool was OK). Today, I'd say 'can't hurt'. For the small/medium operator - where legit arrivals are not all that heavy, it imposes no significant end-to-end time penalty, and may help keep the RAM cleaner. An IPS with heavier concentrations of arrivals might feel differently. But 'bots have largely gotten better programmed, as I now see only a few cases per week where this has been triggered, despite a major increase in total arrivals. We do relax the rules once we recognize an auth'd client or 'family' MTA. YMMV, Bill -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
