Very quick summary...
We basically depend on the reject rules to lose spam. We do not block
particular hosts (other than for short periods in particular circumstances
- and those have either been misconfigured US box throwing gigabytes of
mail at us, or a customer of ours who sent a mass-mailing after a warning
and so I blocked their complete network). I also don't like forcing an
extra reverse DNS lookup per incoming connections.
I have an @@ format file - ie aol.com : ^\d{8}$:nextaddr
However I make a fair bit of use of the >tag syntax to apply a set of
basic rules to almost everybody. I do db lookups for everything as a
matter of policy... it would be interesting to see if that ends up costing
me more for some things....
We use the RBL for warnings.
We have a set of filter rules which pick up on number of recipients (one
rule for most people, another for the null sender with a lower limit),
however there is also an exceptions list for people we know legitmately
send large messages. We also pick up on a few message header magics for
spam detection. The filter *never* drops anything. If it triggers it
freezes the messages and someone has to deal with it.
Obviously different sites have different working practices and
requirements....
Nigel.
Nigel.
--
[ Nigel.Metheringham@??? - Systems Software Engineer ]
[ Tel : +44 113 251 6012 Fax : +44 113 234 6065 ]
[ Real life is but a pale imitation of a Dilbert strip ]
--
*** Exim information can be found at
http://www.exim.org/ ***
