From mboxrd@z Thu Jan  1 00:00:00 1970
From: dave@horsfall.org (Dave Horsfall)
Date: Thu, 21 Sep 2017 10:55:31 +1000 (EST)
Subject: [TUHS] Who is running their own mail server and what do you run?
In-Reply-To: <5156de95-caf9-f7e2-6e85-37d957e406bd@tnetconsulting.net>
References: <20170920162502.GN25650@mcvoy.com>
 <201709201639.v8KGdGhC024387@darkstar.fourwinds.com>
 <83CD6BB4-9617-47F9-A87E-55C447D5F1CC@bitblocks.com>
 <alpine.DEB.2.11.1709210903320.3189@sirius.opentrend.net>
 <alpine.BSF.2.21.1709210957040.89458@aneurin.horsfall.org>
 <5156de95-caf9-f7e2-6e85-37d957e406bd@tnetconsulting.net>
Message-ID: <alpine.BSF.2.21.1709211044510.89458@aneurin.horsfall.org>

On Wed, 20 Sep 2017, Grant Taylor wrote:

> I thought I had heard reports that tar pitting, for the purpose of 
> slowing spammers down, didn't achieve much.

Dunno, as I've never used it, but there are some clever tricks that can be 
used to enforce RFC-compliancy (a lot of spamware is written by idiots who 
don't understand the finer points of SMTP):

     Enforce proper DNS configuration e.g. must resolve etc, and must
     actually exist.

     Make 'em wait a few seconds before sending your own banner, and drop
     the connection if they send beforehand.

     Set up an enormous greeting banner (many long lines); there is nothing
     in the RFC that says it has to be a single short line.

These simple measures alone cut out most of the crap; the rest are handled 
by various DNSBLs and my private access list.

-- 
Dave Horsfall DTM (VK2KFU)  "Those who don't understand security will suffer."