[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Thought I'd try out NoListing on one of my email servers today, (the one that handles my own drogon.net email!) so setup a new IP address and used a firewall rule to make sure all email connections to it would be rejected. Decided to log it too.
So in the past 6 hours, there have been 5872 connections to the IP address from 1323 unique IP address. Of these unique IP addresses, just over 100 made a 2nd attempt to connect into the mail server that was the lower priority MX record. (Which then does Greylisting and Spam Assassin in that order).
I suspect that if a spammer gets through the NoListing, it'll get through the GreyListing too, but in any case, GreyListing (& SA) require CPU & disk resources while NoListing doesn't.
So-far so good, and I'm applying it to all my customers who I hold DNS zone files for, who already use my GreyListing systems.
Looking at the list of unique IP addresses (sorted) - it's easy to see blocks of them from the same ISP...
It's going to be a bit of a disaster when the spammers cotton onto NoListing and Greylisting, but GL has held out for a few years now.. Lets hope it holds up for a few more...
Gordon -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html