pf at alt-ctrl-del.org put forth on 4/10/2011 10:33 PM: > My thought on auto combating this is to use a CIDR list to kick these > networks (and only these networks) over to a greylist policy that delays > these emails for 4+ hours. By then, most of the bad IPs would be listed > in one or more RBL and be blocked. > > So, has anyone else already done something like this?
Why bother with this complex greylisting setup? Simply hammer the big blocks with a CIDR entry and whitelist individual IPs in the range from which you need legit mail. If such IPs are used to send both snowshoe spam and ham, that's a human shield tactic, and deserves permanent blocking, FOREVER. If anyone complains, lay the full skinny on them as to why. I.e. lay the blame at the proper feet, and direct complaints at the guilty. Life is too short to waste _your_ valuable time playing whack-a-mole with spammers, isn't it? We don't live in a totally "collateral damage free" world. People must get used to this. -- Stan
