- Previous message: Erwan David: "Re: Force Auth by domain"
- Maybe in reply to: Len Conrad: "posfix SAV tarpitted"
- Next in thread: Len Conrad: "RE: posfix SAV tarpitted"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Sheldon T. Hall (no email)
Date: Sat Oct 01 2005 - 14:46:12 EDT
Quoth Len Conrad ...
> One of my clients IMGate/postfix boxes, which does inbound-only MX
> work, has been tarpitted by numerous IPs in these Class Cs:
>
> The Class C are:
>
> 204.9.240
> 204.9.241
> 204.9.242
> 204.9.243
> 204.9.244
> 204.9.245
> 204.9.246
> 204.9.247
>
> which are also found here:
>
> http://www.spamhaus.org/sbl/sbl.lasso?query=SBL21043
>
> afaics, when postfix smtp SAV calls those IPs, the smtp session is
> held by the other end indefinitely, some kind of heart-beat that
> keeps postfix smtp from timing out.
If you put SAV very late in your restrictions, after the RBLs and whatnot,
you will have much less of a problem.
SAV is a very expensive check, more so than RBLs, and much more so than any
local check. I have found that making the local checks, then the RBLs, then
greylisting (if you use it), then SAV makes for a pretty smooth process.
Most spam won't even get to the greylisting stage, much less SAV.
I also whitelist anyone to whom any of my users sends anything, and let
whitelisted senders skip greylisting and SAV.
YMMV, of course.
-Shel
|
|
|