[linux-elitists] Current client-side anti-spam best practices

Matthew Sayler sayler@thewalrus.org
Wed Sep 27 12:26:37 PDT 2006


On Wed, Sep 27, 2006 at 12:01:37PM -0700, Don Marti wrote:
> 3. Use netfilter to drop some incoming port 25
>    packets, with a probability proportional to the
>    "spamminess" of the sender.  Like greylisting,
>    but two levels down in the burrito.

Are existing packet filering systems smart enough to examine the packets 
and implement any of the following:

1) P(drop) starts out at a medium value (1/5?) and reset to this value
every time you get a RCPT TO
2) P(drop) decays as more DATA is recieved

Is there any benefit to NAK'ing the packets as opposed to just dropping
them?

As you allude to in 1, it would be even cooler if you could initialize
P(drop) on a perhost/persubnet value.

Matt



More information about the linux-elitists mailing list