On Friday, March 18, 2005, 2:13:23 PM, jdow jdow wrote:
From: "Yang Xiao" <[EMAIL PROTECTED]>
Hi all, I've been noticing it lately that almost 90% of emails come in through our secondary MX host are spams, I just want to know if there's an explanation for this, my guess is that the spammers spam the secondary MX host intentionally for some reason I can't understand, maybe hoping the secondary host will configured with less care?
Wow, it's been awhile since this floated through the list the last time.
The theory among the spammers is that the secondary and tertirary MX machines are less well protected. "They're backups, afterall. They're not used every day."
Most canny anti-spammers are aware of this and may actually have the secondaries nailed down a little tighter than the primaries.
We're applying more RBLs to our backup server than our primary MXer.
What was the trick for making a mail server delay or reject
responses the first time an IP connects? I've heard this is very
effective against spamware/zombies, etc. We're using Postfix, so
this is definitely off topic.
Jeff C.
I think you're thinking of Greylisting.
It'll reject mail from a certain triple (sender/receiver/ip) the first time it comes in, record it in some form (database/filesystem/etc) and apply certain time delays so if the mail from the same triple comes back after a specified timeout, it'll be accepted.
alan
