I agree with what Grant said. Also, I wonder how much greylisting would help, and if you were already doing that. The data I posted is for a machine that already does greylisting in general, with varying times depending on inclusion in various RBLs and local data.
I find that delaying connections from unknown places even 2 minutes helps a lot.
signature.asc
Description: PGP signature
