Large Mail Provider Throttling
Suresh Ramasubramanian
suresh at outblaze.com
Fri Jan 23 02:15:16 UTC 2004
Edward Gray wrote:
> To protect ourselves from delayed mail, we have implemented several
> system wide rules to block Autoreplies and Undeliverable messages from
> being sent to the large providers. Unfortunately, this has resulted in
> many complaints from customers (since it's all or nothing). We have so
> far, left these rules enabled 24x7 since, the system already becomes
> degraded by the time we realize an event is occurring.
You might want to
* Use a mailserver that can reject rather than bounce email (that is, a
mailserver where the smtpd process has a view of the userdb)
* Use a "current spam source" blocklist like cbl.abuseat.org, as well as
a good open proxy blocklist like opm.blitzed.org
* Set up spamassasin to trash rather than later bounce email that does
get through your filters, and has a high enough spam score.
* Do some HELO filtering (HELO hotmail.com from an IP with rDNS that
doesn't say hotmail? HELO your.own.ip or HELO your.own.domain from an
untrusted IP that you don't relay for / that someone hasn't
authenticated from? REJECT) :)
* I'd add that a simple header check to reject (or preferably, discard)
any mail with the string ".mr.outblaze.com" in any Received: header will
get rid of a lot of spam for you.
There are a few other things, but these will be off topic here. Please
feel free to mail me offlist.
srs
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
More information about the NANOG
mailing list