[conspire] Perimeter vs. host-edge security (wqs: MIMO wireless cards cheap at Fry's)
Don Marti
dmarti at zgp.org
Tue Dec 13 10:26:17 PST 2005
begin Rick Moen quotation of Tue, Dec 13, 2005 at 05:14:32AM -0800:
> I call this "truly nasty" in part because it's a two-edged sword: It
> slows down and hampers the spammers by tying up their resources, but
> each socket of theirs that you keep open as long as possible on their
> end, is also a socket you're keeping open as long as possible on _your_
> end. You probably have better things to do with your MTA than telling
> thousands of spam processes "Please hold." My MTA therefore doesn't
> ever attempt that particular trick.
The main problem I see with this one is that I've
already turned down the number of incoming SMTP
connections I'm willing to accept, to account for the
spam-filtering software that gets run for each one.
100 Postfix smtpd processeses: fine. 100 smtpds plus
100 spamc processes plus a busy spamd: not fine.
And since I can't really tell if one of my relatively
few smtpd processes is going to be just ticking
along teergrubing or clobbering the server with
regular expressions, I have to assume the latter,
and not teergrube.
--
Don Marti
http://zgp.org/~dmarti/
dmarti at zgp.org
More information about the conspire
mailing list