-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kshatriya schrieb:
> On Tue, 14 Aug 2007, ram wrote:
>
>> The page says the primary MX should not be accepting connections at all.
>> Has anyone else tried this , will this cause delay in my mail

>
> It almost doesn't work anymore. Better try adaptive greylisting, with
> some whitelists so you don't notice too much of delays.
>
> K.
>

fake mx do work, but dont expect to much, as most of the
bots learned to come again to defend greylisting , they also
learned fake mx.
you will have a delay with fake mx but its very small.

In my case i was bombed with connects and fake mx
reduced them about 10 percent , i think these are very old spam bot
variants who still agressing against my very old three letter domain.

I would say fake mx are nice to have , but its not a must have in
antispam these days,

I included reject_unknown_reverse_client_hostname
in my postfix ,this, it seems is very efficient , in my case,i noticed
to block spam mail in early client stage.
Also fail2ban does a good job with dictionary attacks,
for sure you should have all other recommended
antispam settings like reject_unknown_sender_domain etc
including greylisting, policy_weight, spf, dkim
in your mail server.

- --
Mit freundlichen Gruessen
Best Regards

Robert Schetterer

Germany/Bavaria/Munich
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGwa/jfGH2AvR16oERAsbJAJ9iRo0H+YesZN1+fjMXu3iqpL1wFQCdH lUZ
82eAcB03SfJP4j7xuh9NbiU=
=mMcc
-----END PGP SIGNATURE-----