I have had other experiences with spammers. I suspect there is different spammers out there that spam in different ways. I once got a very irritating spammer that send a lot of spam, that was completely identical, had a identical color in the header and it was really obvious this spammer was the same person/company even if he spammed about lots of different subjects, everything from auto insurance to pills to earn money. Then I blocked his domain (blablabla.tld) in my postfix config, and had it set to reject.
Just a day after, he "started" spamming from a new domain, that was very similiar to the first. I knew it was the same person/company of the color. I kept on blocking, and the spammer kept on changing. Then I changed to DISCARD before blocking his new domain. Bam, that spam gone. I got a very few one with the same color in the header (before it was a few mails per hour), but eventually, it vanished. My log however, listed a lot of discards. So I suspect that was a spammer that have got some sort of "verified list" (eg, those high price adress lists that are known to be valid) and spammed a few, propably in the area of hundreds of mails, and had good handling for bans/blocklists/ and propably for greylisting too, to keep their head under the radar. So its just a tradeoff. Spam mails are today pretty small just to not trigger "huge-mail-alerts" so they consume minimal with bandwith and CPU cycles, but causes far much more "damage" in time spent for the user deleting the crap from the inbox. But I agree, that if you get those "regular" spammers that doesn't pay attention to RFCs at all, then its better rejecting it. -----Ursprungligt meddelande----- Från: Jim Reid [mailto:j...@rfc1035.com] Skickat: den 21 september 2016 03:36 Till: Sebastian Nielsen <sebast...@sebbe.eu> Kopia: Postfix Users <postfix-users@postfix.org> Ämne: Re: TLD blocking revisited
smime.p7s
Description: S/MIME Cryptographic Signature
