-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joey さんは書きました:
~ SNIP! | | Any suggestions you have to help me reduce the load on the servers, | and the junk in the mailbox are welcome, and I can assure you I | will try just about anything as you can see by my blanketed IP | method which for reference has reduced spam by over 75%, and yes | blocked a few legit users. | | Joey | | I've read more of the messages subsequent to the one I replied to. I see that you have been pretty frustrated by the problem. I honestly can't see how you can do better with what you have. So perhaps it would help to do something different. Farming out your MX to a MX service with spam filtering will reduce the load on your servers. It isn't cheap, though. But is it saves you time and transfers the spam blocking duty to the service. This may be the best solution as it saves you time, traffic load and aggro. Fail2ban can be used with a blocklist by adding rules that block IP's when a blocklist returns a spam result. A dedicated firewall will take the load off your MX servers. If the IP is the target and not your domain, which does not seem to be the case, a VPS or dedicated server set up as your MX will help. In the case of dedicated servers, it's again not cheap. If your domain is the target I would be curious as to why. What makes it so attractive? Or is it a DOS, harrassment, or what? Did someone offend some spammer somehow? Perhaps the blocking method triggered a more concentrated effort on their part? Do you block connections by resetting them or by dropping them? Sending reset only results in more persistent connection attempts. Dropping connections tends to cause hosts to give up trying after a short time. If they are concentrating on you because of your blocking policy, it may help to let some connections succeed and deliver the known spam to the bit bucket instead of users. Spammers don't care whether or not you read their spam--it's the delivery that counts and pays for them. I suspect that spammers may be concentrating on your domain because you are blocking so much. If you allow most connections and drop the spammers using various rules from blocklists, SPF, DKIM and so on, the number of connections attempts will probably decrease. If you can't handle the tens of thousands of connections per hour, hire an MX service for a while until the traffic goes down, which it hopefully will. I can see no way of totally eliminating spam traffic, except at the source, with a Special Force. :) It's not going to be possible to 100% eliminate spam and only spam any other way. == ~ jd -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFI+2XXhpL3F+HeDrIRAtUXAJ9L5KOcCntiI/rc3D3Wi1Ma5bELeQCfepFN uUMtLz9bDiWmm61xj554m6A= =WKkY -----END PGP SIGNATURE-----
