<[EMAIL PROTECTED]> writes:
> By the time the packet hits badmail from you've already done a lot of work
> to just reject the connection.
>
> Filter it as soon as possible. BEFORE it get to you SMTP port.... so you
> don't have to spawn an ident child, then a qmail-smtpd then reject the
> packet. I'm not sure of exactly how far up the chain you would go to
> finally get to the badmailfrom file..... but it has to be slower than
> ipfwadm.
However, rejecting the mail explicitly rather than appearing to be
dead is often better.
If you reject the mail, perhaps a postmaster somewhere else on some
open relay mail server will get a full mailbox instead. That's the
quickest way to get an open relay shut down.
--Michael
