Re: [EXIM] Exim wishlist: tar-baby / RBL / SPAM

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMTom at <-
.MTom at ->
Delete this message
Reply to this message
Author: Kuyper Hoffman
Date:  
To: exim-users
CC: tom
Subject: Re: [EXIM] Exim wishlist: tar-baby / RBL / SPAM
> > Our machine frequently takes fairly hard hits, admittedly not all of
> > that is Spam, and any protection would help.
>
> Like what? I have a mail server with a 17MB rejectlog for yesterday!
> Thats a hard hit.

Yup, ours is 22MB (nah-nah nah-nah nah-naaaah :-) with 4MB since 1am

> There is tuning you can do to minimize problems. The "reserve" stuff is
> good, to limit what external sites can do.

To that end my next step is to build a number of MX hosts around my
POP server so that the outlying machines do the slow and laborious
work of accepting mail from distant sites, then they can do a
thundering LAN delivery to the POP server.

> You should also limit maximum
> message size, and the maximum number of recipients per message.

Max Messages size was a very contentious issue. We have limted it
to 5MB to allow up to 2 1.44MB stiffies worth of MIME or UUENCODEd
attachments. Beyond that people must just use FTP.

When recipients_max_reject is set (and recipients_max is set to some
small number) what would the typical action of the remote mailer be?
Would it _immediately_ reconnect to deliver the next batch or would
it (if it were say, Exim) back off for a period of time first, as if
it had had a "connection refused"?

> > Anyone else have any thoughts?
>
> Yes, a dbm based system with two databases, "from", and "to". Upon
> receiving a valid SMTP "rcpt to", a counter in the "from" database is
> incremented for the sender address, and a counter in the "to" database is
> incremented for the recipient address.
>
> This means the "from" database will contain the number different
> addresses a sender has sent to, and the "to" database will contain the
> number of different messages a recipient has received.
>
> If the counters in either database exceed a certain limit, return a
> temporary error. Use a nice high limit that only a DoS would hit (5000
> should be fine for most sites).
>
> Simply delete the "from" and "to" databases once a day to reset the
> counters. 

I think we're all keen to hear what poor Philip has to say about all
these alleged new features? :-)
-- 
/ Kuyper Hoffman            / Vox:+27.21.658.8718 O/H GMT+0200 /
\ Kuyper@???        \ 
/___________________________/ FAX:+27.21.683.4695 24h FAX      /
\ SysAdmin Manager  UUNET Internet Africa         PO Box 44633 \
/ http://kave.iafrica.com/kuyper   Claremont 7735 South Africa /
\______________________________________________________________\


--
*** Exim information can be found at http://www.exim.org/ ***


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [EXIM] Exim wishlist: tar-baby / RBL / SPAMRe: [EXIM] Exim wishlist: tar-baby / RBL / SPAM->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)