>> >>
>> >>
>> >> I'm trying out a new idea for blacklisting hosts. I have
>> >> several email
>> >> servers for processing spam. These servers service my lowered
>> >> numbered
>> >>
>> >
>> > As others said, not a good idea.
>> >
>> > Don't bother BL isting them, if they hit your dummy mx record, they die,
>> > don't retry, and have in effect blacklisted themselves.
>> >
>> >

>>
>> What I see happening is that they are hitting MX randomly. So some times
>> they hit a good server and sometimes they hit the trap. Once they have
>> hit the trap several times then they are blacklisted in my hostkarma
>> blacklist and if they hit a real server they are rejected at connect time.
>>
>> On my servers less than 1% of all email attempts make it as far as spam
>> assassin. This reduces it further.
>>
>>

A simpler approach might be to blacklist senders that try multiple non-existent recipients,
regardless of mx priority

BTW: at one time I was quite happy with some pre-filtering on my private mail (which is
fetchmail ultimately feeding to SA) until I found that SA would no longer recognize some
spam in the bayes section. So, if capacity permits, it might be a good idea to feed (a random
sampling of) pre-filtered spam to sa-learn

Wolfgang