On 12 Jan 2019, at 15:58, Nick Howitt wrote:
On 12/01/2019 16:42, @lbutlr wrote:
On 12 Jan 2019, at 07:52, Nick Howitt <n...@howitts.co.uk> wrote:
Unfortunately I don't have access to the MX Backup service. It is
provided by my DNS provider.
Honestly, you should not have an MX server outside of your control.
If your server is routinely down for several days, then you shouldn't
be running your own server.
OK. Let's assume I don't have an MX Backup. Then all 30k+ attempted
spam deliveries would have come straight to me.
Not necessarily. There are spammers who use backup MXs intentionally to
scam their own customers, since they can show "successful" deliveries
without regard to what ultimately happens to the messages. There is also
the possibility that this is an intentional backscatter-flood attack on
the putative senders, using your backup MXs to bounce a flood of junk at
them.
They would all have failed, initially because of unknown recipient,
then, when I added them to the access list, because of an denied
sender. What is the most efficient way of blocking these messages? Can
they be blocked earlier than smtpd_sender_restrictions?
Maybe.
If you use postscreen's pre-greeting data detection and a suitable set
of DNSBLs it is likely (if this is mostly spambots, which seems likely)
that you can keep a large fraction of them from ever talking to a real
smtpd
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
