I'm looking for a solution to improve my mail service. Even tough I use RBL to block spam sources, which leads to more than 90% of incoming connections being refused, the problem is that the 5 RBL servers take too long. As you can see in this graph: http://img15.imageshack.us/img15/6602/smtpadday.png it reaches critical levels. In my first approach I used iptables to block new connections from RBL's reject addresses for 24 hours but then I found it to be highly CPU consuming.
Now I'm thinking to implement my own RBL server and add to its database all the addresses rejected by the external RBL servers. I'm assuming that if the first RBL server refuses a connection, none of the following RBL servers are even checked. Is this assumption right ? Thanks in advance.
