Postfix on fake MX

From: Andras Galos (galosanetinform.hu)
Date: Tue Feb 12 2008 - 17:20:32 CST


Hi,

I recently set up a fake secondary MX record for a domain to reduce the
spam load on the primary. It works well: many spam clients connect to
it first, then time out, since port 25 is firewalled out on it. It works
with spamming clients, they do not try again. And it works with legit
mailers too, because they try the primary MX first, then, in case of
greylisting, they step forward to the secondary, where they time out. Next
time they try the primary again, and they'll succeed if the greylisting
period has elapsed.

Now I'm trying to implement a setup where the fake secondary MX drops every
client except messages for several spamtrap recipients.

It's no problem to set up Postfix on the fake secondary to reject all mail
except the spamtrap messages. But I think this can confuse some legit
MTAs if they get a 4xx from the secondary. If they get a response from
the secondary, they may try to send the message to it again instead of
the primary. Additionally, they may show this error message to the
sender, which could confuse the senders too.

So I'm searching for a solution, an access reject action, with which Postfix
could drop the connection without any SMTP error message.

Something like 421, where "The reply code '421' causes Postfix to
disconnect immediately". But this is after the SMTP error only, which is
not the one I'm searching for.

For example, a new 499 code would be useful, which could cause Postfix
to immediately drop the connection without sending any SMTP reply.

With this possibility I could filter the spamtrap mail from the incoming
spam flow for reporting or other handling, while other mail would remain
unsuccessful, without any error message, showing the legit client MTAs
that this MX is not operational and that it's better to try the primary next time.

Then a recipient_access table could look like this:

spamtrap1dom.ain OK
spamtrap2dom.ain OK
dom.ain 499 Any text here

Now, using the fake secondary MX, I lose 70-80% of the spam the spamtraps
receive, which is a pain for me, since I can't use this huge amount of spam
against spamming.

So, I'm still searching for a good implementation on the fake MX to
badly reject everything except spamtrap mail.

Is there any way to implement this?

Best regards,
Andras Galos
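As an added illustration (not part of the original post, and not Postfix's own code), here is a small simulation of how a `check_recipient_access` lookup would resolve a table like the one proposed above, using the access(5) lookup order (full address, then the domain and its parent domains, then `localpart@`). The addresses are constructed placeholders, and the `499` action is the hypothetical code proposed in the post, not a real Postfix reply.

```python
# Added example: simulate how Postfix check_recipient_access consults an
# access(5)-style table such as the one proposed in the post. Lookup order
# follows access(5): full address, then the recipient domain and its parent
# domains (matched when parent_domain_matches_subdomains covers
# smtpd_access_maps, the default), then "localpart@". The "499" action is the
# hypothetical code from the post, not a real Postfix reply. All addresses
# below are constructed placeholders.

SAMPLE_TABLE = """
# constructed access table: spamtraps accepted, everything else for the domain
spamtrap1@example.invalid   OK
spamtrap2@example.invalid   OK
example.invalid             499 Any text here
"""


def parse_access_table(text):
    """Return {key: action} from an access(5)-style text table."""
    table = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, action = line.split(None, 1)
        table[key.lower()] = action.strip()
    return table


def lookup_keys(recipient):
    """Keys in the order access(5) tries them for a recipient address."""
    local, _, domain = recipient.lower().rpartition("@")
    keys = [f"{local}@{domain}"]
    labels = domain.split(".")
    for i in range(len(labels) - 1):      # domain, then each parent domain
        keys.append(".".join(labels[i:]))
    keys.append(f"{local}@")
    return keys


def recipient_action(recipient, table):
    """First matching action, or None (DUNNO: fall through to later restrictions)."""
    for key in lookup_keys(recipient):
        if key in table:
            return table[key]
    return None


if __name__ == "__main__":
    table = parse_access_table(SAMPLE_TABLE)
    for rcpt in ("spamtrap1@example.invalid", "alice@example.invalid",
                 "bob@mail.example.invalid", "carol@other.invalid"):
        print(f"{rcpt:28} -> {recipient_action(rcpt, table)}")
```

Recipients that match no key return `None`, which in Postfix terms means the restriction has no opinion and evaluation continues with the next restriction in the list.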