Author: Marc Perkel
Date:
To: exim-users
Subject: [exim] SPAM and BACKUP SERVERS - The Tricks I'm Using

I've noticed that a lot of spammers try to send spam to the highest MX
record thinking that it has the least amount of spam protection. In my
case the opposite is true. Here's a trick I use that I'll share with
everyone.

There's a lot of spam I reject at SMTP time because it's clearly spam.
Then - there's a lot of email I come real close to rejecting at SMTP
time because they are blacklisted somewhere - but the blacklist has too
many false positives to just reject them. So I add a warning header and
let the Bayesian filter chew on it.

But - on the BACKUP SERVER - on the less accurate blacklists I return
DEFER - making them go away. My reasoning is this. If the main server is
up - almost 100% of all traffic to the backup server is spam. If the
main server goes down then the backup server will accept real email and
defer questionable email. If the questionable email is real then it will
eventually be delivered to the primary mail server. So no real mail is
lost. Just some questionable mail might be delayed for a while.

But - on the up side. Spammers who are listed in the looser lists who
are trying only the backup servers get deferred and don't retry. So this
email doesn't have to be processed.

So far this is working pretty well. I invite comments.
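
The policy described in this post, written as Exim RCPT ACL fragments. This is an added example, not the poster's own configuration; the DNSBL zone names and the header name are placeholders, and the statements are assumed to sit in the ACL named by acl_smtp_rcpt after any rules that accept local or authenticated senders.

```exim
# Added example. strict.dnsbl.example and loose.dnsbl.example are
# placeholder zones: substitute the lists you trust at each level.

### Both hosts: lists accurate enough to reject on outright (5xx).
deny    message    = rejected: $sender_host_address is listed at $dnslist_domain
        dnslists   = strict.dnsbl.example

### PRIMARY MX only: a hit on a looser list does not reject. The message
### is accepted with a header (placeholder name) that the Bayesian
### filter can weigh later.
warn    dnslists   = loose.dnsbl.example
        add_header = X-Blacklist-Warning: $sender_host_address listed at $dnslist_domain

### BACKUP MX only: the same looser lists return a temporary error (4xx).
### A legitimate sending MTA queues the message and retries, reaching the
### primary once it is back up; log_message records the hit for review.
defer   message     = temporarily deferred: $sender_host_address is listed at $dnslist_domain
        log_message = backup MX deferred host listed at $dnslist_domain
        dnslists    = loose.dnsbl.example
```

Reviewing the backup host's log for the `log_message` text shows how much traffic is being deferred and whether any legitimate senders are among it.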