[Leaplist] SPAMCOP.net

[Chris]

Jason Boxman wrote:

>On Sunday 30 March 2008 12:22, John Simpson wrote:
><snip>
>  
>
>>for those who may be curious, i do use blacklists on my own server.
>>the lists i use are, in the following order:
>>
>>	zen.spamhaus.org
>>	dnsbl.njabl.org
>>	dnsbl.sorbs.net
>>	bl.spamcop.net
>>
>>i have found this combination to be VERY effective at reducing
>>incoming spam... and because the server is configured to use a 4xx
>>(i.e. "soft fail" error code) when refusing the messages, legitimate
>>machines like phil's will try again after a few minutes/hours, and the
>>message will be accepted after the blacklist removes the IP. (and all
>>of these lists are good about removing IPs quickly, once they know the
>>IP was listed by mistake.)
>>    
>>
>
>I do something like that, return a 4xx to any server with an IP on some of 
>those BLs, and it's been working fairly well.  (In January a bunch of 
>spammers were actually retrying, so I was getting tons of spam anyway; that 
>seems to have mostly stopped since February.)
>
>  
>
I've been fronting with an OpenBSD firewall (which uses
the PF packet filter) and I've just enabled the builtin
spamd function. spamd has a "tarpit feature" that I just
love - when it recieves a blacklisted connection, it
replies back that it's a poor dumb slow server that
can only handle one byte at a time - and it takes about
a second to respond to each byte. Then, to add insult
to injury, if they stay connected for the whole email,
they get back a 4xx code - try again.

Pure poison for spammers, and virtually zero overhead
for me. I think everyone should run tarpitted firewalls -
even if they don't (maybe especially if they don't) have
an email server. Just leave port 25 dangling seductively
out of the doorway and wait for customers.

Cheers,

Chris