Author: Tony Godshall Date: To: exim-users Subject: Re: [exim] slowing spammers with iptables -m recent
According to Marc Sherman, > Lasse Birnbaum Jensen wrote: > >
> > Either you forward many messages, or your server is an open relay.
> > Normaly the "Unroutable address" only comes when the server til
> > forwarding/sending.
>
> That's not at all true. He's rejecting bogus addresses from spammers in
> the RCPT ACL, like any properly default-configured exim server will.
>
> $ zgrep "Unrouteable address" /var/log/exim4/mainlog* | wc -l
> 645
For many years my domain (hosted elsewhere) just accepted
messages to made-up addresses and I treated them as spamtrap
and fed them to the bayesian filter as spam. I only started
rejecting bad addrs after I started hosting my own domain.
It works well (thanks Exim authors! thanks Debian maintainer!).
What I'm looking to do now is prioritize legit SMTP traffic
(few or no bad-dest) over likely-spam smtp (one or more
bad-dest) and block absolutely-spam smtp (multiple concurrent
identities from same IP address). And if spammers or
spammer-zombies get held up from moving on to the next victim,
that's an added bonus.