Not sure what my religion has to do with anything. I'm changing the
subject line hoping to get back to technical rather than religion and
politics.
I am using DynaStop and it has made a huge decrease in the amount of
spam that is getting through, it has reduced server load levels
significantly, and had no complaints about false positives.
But - it has to do with the way I'm using it.
What I am doing that works so well is on my lowest MX I do a defer if
there's a match either dynamic or failed revers lookup. In my second MX
I do rate limiting of 2 messages per 10 minute period doing a defer if
the limit is exceeded.
The reason this words is that in spite of what Bill claims, spammers
don't retry like real email does. So the spammers move on to easier
targets and bypass me. The rate limiting helps on the second MX record.
So if there were a real server who was wrongly forced to my second MX
then their email will still get through and if it got rate limited it
would stull make it eventually. And if Irun into problems I can
whitelist those really misconfigured systems.
In conclusion - IT WORKS! Use it. But use it as I have described.
.ifdef LOWEST_MX
defer set acl_m7 = ${run{/etc/exim/dynastop/DynaStop
$sender_host_address}}
condition = ${if > {$runrc}{0}{yes}{no}}
log_message = Dynamic IP address: $sender_host_address [$runrc]
.endif
####################
warn message = X-Dynamic-IP: $sender_host_address $sender_helo_name
set acl_c9 = $runrc
set acl_m7 = ${run{/etc/exim/dynastop/DynaStop $sender_host_address}}
condition = ${if > {$runrc}{0}{yes}{no}}
log_message = Dynamic IP address: $sender_host_address [$runrc]
<$sender_helo_name>
defer log_message = DEFER - Dynamic IP and Rate Limit Exceeded -
$sender_host_address [$runrc] Sender rate $sender_rate / $sender_rate_period
condition = ${if > {$acl_c9}{0}{yes}{no}}
ratelimit = 2 / 10m
