cour...@lists.sourceforge.net wrote:
Well, I finally figured out why tarpitting isn't deterring
the SPAMmers
hitting my server. Every request appears to come from a different
IP. Over 3000 just today. This is why we need Greylisting in
courier. We need the equivalent of postgrey, which according
to it's home page:
"When a request for delivery of a mail is received by Postfix
via SMTP, the triplet CLIENT_IP / SENDER / RECIPIENT is
built. If it is the first time that this triplet is seen, or
if the triplet was first seen, less than 5 minutes ago, then
the mail gets rejected with a temporary error.
Hopefully spammers or viruses will not try again later, as it
is however required per RFC."
This has gotten bad to the point of making courier unusable -
the spammers are hitting up to the MAX connections, and no
courier feature slows them down. My users can't send mail,
because any new threads I make available are taken up by the spammers.
Any thoughts?
Thx!
-steve j
It is the same with using blocklist, or most other tricks do deter spammers
using a 5xx at the smtp-conversation. They'll just use another relay (IP),
though it seems they keep it to a maximum of about 5. Things like
Greylisting or Cialout / Callout would help, or at least lighten the load on
filters like SpamAssassin at the expense of more connects, DNS-lookups, etc.
Kind Regards,
Sander Holthaus
12 messages in net.sourceforge.lists.courier-usersRE: [courier-users] SPAMmers using mu...
