[nycbug-talk] spamd
George Georgalis
george
Fri May 20 19:15:37 EDT 2005
On Fri, May 20, 2005 at 11:54:07AM -0400, michael wrote:
>On Fri, 20 May 2005 11:05:29 -0400
>Ray <nycbug at cyth.net> wrote:
>
>> I use spamd exclusively and get about ten spam a day now. Before
>> that I got several hundred. If I used any other filtering methods
>> I could probably remove those ten as well, but it's come to a point
>> where it just doesn't bother me anymore. Simplicity is best.
>
>yea, I wasn't clear. I meant OpenBSD spamd (trap, pit, etc) as a
>replacement for all the other stuff I was doing. The above testimony
>was what I was looking for.
>
>My concerns are: Is spamd alone enough? By design, spamd delays email
>from first time senders. Is that acceptable to users in a coporate
>environment? Obviously, I would set up a white list of known senders
>to begin with.
I'm not to a point where I can try spamd yet, but I'm going to try it in
front of my existing (IP blacklist and content during SMTP) systems. I
think the grey list time is configurable, and given the graph of
disconnect times in the slide:
http://tiva.galis.org/tmp/img_4112.jpg
If you only grey list an IP for 75 seconds, most of the spammers will
permanently give up. So the real question is, how long before the
new ham shows up again? Qmail comes back to temporary failures with
exponential delays, so the first reconnects are not long at all. I don't
know how postfix or sendmail schedule their re-attempts.
But that's the rub. Do you really want to delay new senders, 2 or 60
minutes to reduce your spam load?
// George
--
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org
More information about the talk
mailing list