550 5.1.1 mailbox unavailable -> get rid of spam forever

ivenae

Feb 11, 2022
I've begun to send 550 5.1.1 (mailbox unavailable) instead of 550 5.7.1 (policy reason) to spammers via postfix and observed a _massive_ decrease of further incoming spam. (~ 70% less spam for at least the few days since I began)
Anyone tried this?

Postscreen/Postfix isn't able to send this code when handling DNSBL, but I modified my policyguard to handle DNSBL and to do so.
To avoid side effects I now have a random counter: Send 5.1.1 only at night or on Sundays and only to 25% of the spam.

Side note: You would expect a drop after answering at least one 5.1.1 DSN to the product of the number of spammers times the number of mailboxes on your system, but instead the observable effect was an instant drop of incoming spam, as if they avoid your whole mx server for any domain and there are much fewer spammers than the number of different client_names suggests.

I will publish the policyguard release soon, but this forum is often very quiet, so I'm searching for feedback from others.


Edit:
Although some shady newsletter senders claim in their documentation that they automatically analyze DSN 5.1.1, the massive drop appears to be due simply to the shutdown of a large spam network on the morning of June 19.
host-pointer, devalser, timlord, kaufen.coupons and other domains are gone.
 
The approach sounds interesting; alas, 5.1.1 is impossible for postscreen because at this stage the user has not been provided, which is why postfix does not allow an error code stating otherwise.

However, if you use rbl_reply_maps together with smtpd_recipient_restrictions (is that what you meant?), you lose the weight potential for DNSBL, which some people (including me) use to downvote false positives.
 
The concept works; my policyguard python script uses python.dns to resolve the DNSBL. It is hooked in the receiver policy of postfix, so you can send back 5.1.1.
You get some of the newsletters to quit, but it doesn't seem to work for the typical DNSBL-Spammer, so the consequence would be: Leave DNSBL in postscreen.
Policyguard filters a lot more where 5.1.1 does make sense.
 
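A minimal sketch of the policy-service decision discussed in this thread (DNSBL lookup at the recipient stage, 5.1.1 for a random 25% of listed clients at night or on Sundays, 5.7.1 otherwise), added here as an example and not ivenae's policyguard code. The zone `dnsbl.example`, the 22:00-06:00 night window, the reply texts and all function names are assumptions, and the sample request is constructed.

```python
import datetime
import ipaddress
import random
import socket

DNSBL_ZONE = "dnsbl.example"  # placeholder zone (assumption), not a real list
DISGUISE_RATE = 0.25          # "only to 25% of the spam"
# Constructed Postfix policy-delegation request (name=value lines, blank line ends it)
SAMPLE_REQUEST = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
                  "client_address=192.0.2.10\nrecipient=user@example.org\n\n")

def parse_request(text):
    """Parse one policy request into a dict, stopping at the blank line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def dnsbl_listed(ip, zone=DNSBL_ZONE, resolve=socket.gethostbyname):
    """True if the reversed-octet name resolves to 127.x in the zone (IPv4 only)."""
    try:
        octets = str(ipaddress.IPv4Address(ip)).split(".")
    except ValueError:
        return False  # not IPv4: treat as unlisted in this sketch
    try:
        return resolve(".".join(reversed(octets)) + "." + zone).startswith("127.")
    except OSError:   # NXDOMAIN or resolver failure: fail open
        return False

def quiet_hours(now):
    """Assumed window: all of Sunday, or 22:00-06:00 on other days."""
    return now.weekday() == 6 or now.hour >= 22 or now.hour < 6

def decide(attrs, now, resolve=socket.gethostbyname, rng=random.random):
    """Return the Postfix action for one request."""
    if attrs.get("protocol_state") != "RCPT":
        return "DUNNO"  # recipient is only known at RCPT stage
    if not dnsbl_listed(attrs.get("client_address", ""), resolve=resolve):
        return "DUNNO"  # let later restrictions decide
    if quiet_hours(now) and rng() < DISGUISE_RATE:
        return "550 5.1.1 Mailbox unavailable"
    return "550 5.7.1 Rejected for policy reasons"

def respond(text, now=None, **kw):
    """Build the wire reply: 'action=...' followed by an empty line."""
    now = now or datetime.datetime.now()
    return "action=" + decide(parse_request(text), now, **kw) + "\n\n"
```

Resolver, clock and random source are injectable so the decision logic can be checked offline; a resolver failure yields `DUNNO` so that a DNSBL outage does not reject legitimate mail.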