> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of mouss > Sent: Monday, October 13, 2008 4:34 PM > To: postfix-users@postfix.org > Subject: Re: Finally blocking some spam > > Joey a écrit : > >> -----Original Message----- > >> From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > >> On Behalf Of Zbigniew Szalbot > >> Sent: Monday, October 13, 2008 12:06 PM > >> To: Postfix users > >> Subject: Re: Finally blocking some spam > >> > >>> I am still using spamhaus at the RBL level wouldn't that be the same? > >>> I am trying to reduce overhead by getting it at the point of connection > > at > >>> the firewall level. > >> We run a large subscription service. It happens that our server is > >> located in Poland. Thanks to your policy, your users won't be able to > >> receive what they want if they want it. I just can't comment on the > >> brilliance of such a solution. > >> > > > > Hi Zbigniew, > > > > If a client tells us of their problem getting email from anyone we are happy > > to whitelist any IP's they validate, but we have none at this point. > > > > In all likely hood we won't have anyone who should receive legitimate email > > from Poland ( no disrespect to anyone ). > > > > On another note " brilliance of such a solution" is in the eye of the > > beholder. > > > > You feel like we are doing you a disservice unintentionally because we may > > be blocking your IP, but in reality the other people in Poland who are > > exploiting the internet are to blame. :( > > > If I trust my today logs, my postfix rejected 6 times more clients in > the US than in Poland. (a little more US/PL yesterday, 20 times more > US/PL the day before!). You said? > > > > > > [snip]
I agree with you and that may be the case for us as well in respect to US spam. I can only tell you that in 4 days we have blocked at the firewall level ( on only 1 server ) 161,166 connections from Poland 1,184,747 connections from Turkey 418,162 connections from Russia 53,656 connections from Czech 1,613,636 connections from Asia 129,428 connections from UK Just for reference on one of the other servers 2,193,894 connections from Turkey. I don't think anyone can argue that these numbers are not the pattern of NORMAL servers, or of legit email. We maybe support 400-500 users total! No way 1 Million legit messages are coming in from Turkey today, this week or even this month. YES I am clumping some potentially legit people into that number, no question. Without me spending a ton of money, or resources I would be open to suggestions understanding that I already use more RBL's than most people, I have many rules like reverse DNS, SPF, FQDN etc and am loosing the battle. I have RBL's who want to charge me if I make too many queries ( thats fair ) and we don't have the money to pay for them. If there were more lists like http://www.okean.com/ I would use those without fear of FP's and without offense to the majority of people providing legitimate services out there who are just like us. I didn't mean to share the info and start a flame... but I am happy to listen to ideas and even try them out. As you can see I am pretty animate about getting stats in justifying what I do, and what I implement insuring it's worth it and it works. Believe me I don't want 10 phone calls a day to try and track why someone isn't getting their email from Japan or anywhere else. My ears are open and ready for suggestions! Joey
