Child pages
  • OtherTricks

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: converted to 1.6 markup


No Format  10 20

Wiki MarkupDetail can be found at \[ _tarbaby Project Tarbaby\]


Instead of a 2nd fake MX you can use greylisting, which returns a temporary "Come Back Later" error for users currently not known. It has the advantage of helping you on the primary MX directly, and rejects about 60% of the connections here. This is because spammers only try to send once, and if there is an error, they drop it. Real mail servers retry later.


No Format
# Sleep 5 seconds for each opening session
smtpd_client_restriction = sleep 5, <other restrictions> 

Policy Daemons


Some MTAs such as postfix 2.1 and later can delegate a spam/ham decision to a policy server at any stage, i.e. before DATA or after. Before DATA, i.e. at RCPT TO stage has advances in such, that multirecipient mail remains intact and that it is possible to let the user decide whether or not to use the policy daemon. One example with greylisting, throttling, etc pp would be policyd: another example, which acts like a mini-SpamAssassin but before the content has been received (i.e. at RCPT TO stage) would be policyd-weight: \[\]. Both can drastically reduce your bandwidth and CPU-Cycles and other MTA resources.

Whois Records

There already exists a plugin to create rules based on country of origin, but this can be a rather blunt tool. contains a (freely available) CSV file mapping netblocks to owner/country. This makes it easy to, for example, match all dialup users from a particular country, all IP blocks belonging to a particular country etc. You can then either score these with Spamassassin, or add them to your firewall.

See Also


\[wiki:ExperimentalTheoretical Experimental and Theoretical\] ideas for getting rid of spam.