[COLUG] another anti-spam link
Rob Funk
rfunk at funknet.net
Thu Nov 29 08:46:49 EST 2007
Duane wrote:
> Let me get this right, you advocate the use of RBLs, but not something
> that works in a similar fashion? :)
I like RBLs, but only RBLs that list actual spammers (and have a mechanism
for getting off the list when you've mended your ways), not RBLs that
list dynamic addresses. Basically I'm very much an
innocent-until-proven-guilty kind of guy.
> Which if I understand correctly adds a tar pit option to postgrey, and
> if they hold the connection open for x seconds/minutes (defaults to 65)
> it accepts the mail rather than delaying it, but also delays it if they
> drop out before the tar pit timeout.
I've never been a fan of tarpits since they tie up my machine's resources
in creating the tarpit. But waiting a minute or so might be reasonable.
> Actually he has a pretty graph on his site, at 65 seconds tar pitting
> with postgrey he claims (july '07) 93% of spam was stopped, but at 121
> seconds it stopped what looks like 100%.
I wouldn't go two minutes; that's getting into dangerous territory with
legitimate SMTP clients and, in the worst case, bad interaction with
slowdowns caused by your own server load.
RFC 2821 recommends client-side timeouts of at least 2-10 minutes
(depending on SMTP stage), and server-side timeouts of at least 5
minutes. http://rfc-ignorant.org/rfcs/rfc2821.php#section4.5.3.2
So a client may start to have problems, at least at the DATA stage, if
your server makes them wait two minutes.
--
==============================| "A microscope locked in on one point
Rob Funk <rfunk at funknet.net> |Never sees what kind of room that it's in"
http://www.funknet.net/rfunk | -- Chris Mars, "Stuck in Rewind"