Anyway, IMHO with SYN throttle you would only be rate-limiting the zombies, I would rather they stopped sending spam completely..
What I don't understand is how making them use the ISP server stops them from spamming any more than rate-limiting direct port 25 connections. Why do the packets need to be reassembled in an MTA and stored and forwarded? What does that step buy you?
