[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
Luke wrote: > > Well, there is one thing that's worse - sending such emails to Charles > Booher, the man for whom the phrase "spam rage" was invented. We had a case of spam rage today, although in this case it was limited to the user sending us a complaint several dozen times over. I suspect either he used the email address for something public, or it was harvested from our mail servers by guess work. Loaded up the spews list 1 into the mail server for test purposes, and before the kernel wimped out in distaste at the large ipchains, we dropped from 66 concurrent mail connections to 7. The limited amout of logging suggests we lost a lot of spam, hard to say if we delayed much real mail (we were only testing). Certainly suggests the vast majority of mail server activity is just handling spam, and it's side effects, genuine mail is so meagre in comparison. >From a technical perspective the current mail load isn't causing serious problems, but it leaves a bad taste in the mouth. Whilst it is only a small part of the load, the spammers in 69.6/16 are a big part of the false negatives from spam assassin, and I'm tempted to stick with blacklisting chunks in this range for email despite blocking IP addresses going against my usual feelings on the topics. Now if I could get a good test for a compromised Windows box to plug ito sendmail I coud kill 90% of the rest of the spam. But even the rule don't accept email from boxes listening on port 5000 or port 707 would incorrectly reject stuff from the Internet Chess servers potentially.
Attachment:
pgp00011.pgp
Description: PGP signature