I think the only answer is a good multilayered approach. Use a couple of
good RBLs. Then make sure you are doing all the checks on headers etc. Then
into spamassassin. The next step is to use fail2ban, so that any particular
IP can only be used by them a couple of times before being blocked at the
firewall. This has limited usefulness tbh, because they are not using their
own machines. What I have done is to research addresses and found that
there are certain ISPs that keep appearing in spam but not ham. I then log
and block them.
It is a bit time intensive the last steps, As always, it's a trade-off
On 16 February 2014 20:52, ed <ed-bitfolk@???> wrote:
> On Sun, Feb 16, 2014 at 03:13:44PM +0000, Gavin Westwood wrote:
> > [...]
> > Can any one provide some hints for IPTables rules or Exim config to rate
> > limit my SMTP ports without interfering too much with normal mail
> > operations? Alternatively, any suggestions to help Spamassassin process
> > quicker/better?
> > [...]
>
> Not for SpamAssassin, but have you thought about using one of the RBLs?
> Then you'd block potential junk before you start spending CPU time on
> bayes filtering.
>
> Alternatively, you could try greylising, 4xx the sending mail server IP
> for thirty minutes on the first mail seen from it, then allow it. Often
> this helps as most exploited spam sources don't queue.
>
> --
> Best regards,
> Ed http://www.s5h.net/
>
>
> _______________________________________________
> users mailing list
> users@???
> https://lists.bitfolk.com/mailman/listinfo/users
>
--
Keith Williams
Keith's Place
www.keiths-place.co.uk
Tailor Made English
www.tmenglish.org
West Norfolk RSPCA
www.westnorfolkrspca.org.uk
