How did you setup your spamtrap address with postfix.. Do you have them delivered after they are scanned by spamassassin or do you scan them and send them on from there? If you bypass SA, how are you doing that?
If you don't mind, what tarpit settings are you using? I am using the following: smtp_error_sleep_time = 3s smtp_soft_error_limit = 1 smtp_hard_error_limit = 15 smtp_junk_command_limit = 50 smtp_recipient_overshoot_limit = 500 smtp_recipient_limit = 300 Thanks! -Brent -----Original Message----- From: Jerry Durand [mailto:[EMAIL PROTECTED] Sent: Friday, June 15, 2007 12:32 PM To: users@spamassassin.apache.org Subject: Re: Innovative Host Blacklisting Idea On Jun 15, 2007, at 9:06 AM, [EMAIL PROTECTED] wrote: > A simpler approach might be to blacklist senders that try multiple > non-existent recipients, regardless of mx priority > In Postfix I tarpit after the first bad recipient and eventually disconnect. That's cut things down quite a bit. > BTW: at one time I was quite happy with some pre-filtering on my > private mail (which is fetchmail ultimately feeding to SA) until I > found that SA would no longer recognize some spam in the bayes > section. So, if capacity permits, it might be a good idea to feed (a > random sampling of) pre-filtered spam to sa-learn I have a few spamtrap addresses that feed directly to sa-learn. Seems to work pretty well. Now to deal with the companies that send out billing, etc. through a third party that uses the original company's return address but third- party servers. I even had to explain SPF to an anti-virus company, not sure it they got it.
