bypassing greylisting for road-warriors?

Dan Mahoney, System Admin danm@prime.gushi.org
Wed Sep 20 16:39:45 UTC 2006


On Wed, 20 Sep 2006, Sam Leffler wrote:

> Dan Mahoney, System Admin wrote:
>> On Tue, 19 Sep 2006, Sam Leffler wrote:
>>
>> Something I've been meaning to do for a while is get docs put together
>> on how to run a separate MSP daemon with separate rules:
>>
>> 1) It would not shut down under periodic high load like the main MTA
>> process does.
>>
>> 2) It would not need all the milters involved (although could share
>> sockets with those it does use).
>>
>> That's how I'd handle it, anyway.  Your roaming (and even non-roaming)
>> users shouldn't be using port 25.
>
> This might be a reasonable compromise.  I already use 587 since most
> ISP's block port 25.  Not sure how many spammers come in on port 25;
> guess I can check my logs.

Uh, all of them. :)

What you're checking is how many USERS come in on port 25 (annoyingly, 
the port wouldn't be listed in your log file -- the only real way is 
disable SMTP auth on that daemon and see who complains).  Your main 
problem is that there's a small subset of legacy clients that CANNOT 
change their SMTP ports (I ran into this problem with Sybase's email 
replication YEARS AGO).  But most any client these days should support 
both configurable port and SMTP auth.

-Dan


--

"We need another cat.  This one's retarded."

-Cali, March 8, 2003 (3:43 AM)

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------




More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.