Hi
> For some months now we have used a HELO ACL to delay by
> 35 seconds all connections with suspicious looking HELOs.
Looks a little long for me.
> This is very effective at reducing the amount of spam that
> our servers receive, while not preventing "real"
> email getting through, because much of the current spamming
> software seems to drop the connection during the delay period.
That's not what I am seeing.
However, a lot of spammers don't wait for the servers hello.
So I have 5s delay AND synchroization enforced and I see a lot of > 554 SMTP synchronization error And those (propable spammer) connections are then dropped *on my side*.
> As our mail volumes get higher, however, I am beginning to be
> concerned about the load that all these delayed connections
> will place on our servers. At the moment it does not appear
> to be an issue, but I am looking for advice on whether or not
> it is likely to become a problem.
I would not think this is such a big problem as long as you allow
pipelining.
(Delay then only occurs for the first mail.)
