North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Large Mail Provider Throttling
Edward Gray wrote:
You might want toTo protect ourselves from delayed mail, we have implemented several system wide rules to block Autoreplies and Undeliverable messages from being sent to the large providers. Unfortunately, this has resulted in many complaints from customers (since it's all or nothing). We have so far, left these rules enabled 24x7 since, the system already becomes degraded by the time we realize an event is occurring.
* Use a mailserver that can reject rather than bounce email (that is, a mailserver where the smtpd process has a view of the userdb)
* Use a "current spam source" blocklist like cbl.abuseat.org, as well as a good open proxy blocklist like opm.blitzed.org
* Set up spamassasin to trash rather than later bounce email that does get through your filters, and has a high enough spam score.
* Do some HELO filtering (HELO hotmail.com from an IP with rDNS that doesn't say hotmail? HELO your.own.ip or HELO your.own.domain from an untrusted IP that you don't relay for / that someone hasn't authenticated from? REJECT) :)
* I'd add that a simple header check to reject (or preferably, discard) any mail with the string ".mr.outblaze.com" in any Received: header will get rid of a lot of spam for you.
There are a few other things, but these will be off topic here. Please feel free to mail me offlist.
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations