mirror of
https://github.com/mjl-/mox.git
synced 2025-06-28 20:18:16 +03:00
9419ee15dd
similar to greylisting, but not quite the same: with greylisting you would always reject the first delivery attempt with a temporary failure. with the hope that spammers won't retry their deliveries. the spams i've been receiving seem to be quite consistent though. and we would keep rejecting them anyway. we slow down the spammy connections to waste some of the resources of a spammer. this may slow their campaigns down a bit, leaving a bit more time to take measures. we do the same with connections that have their 3rd authentication failure, typically password guess attempts. when we accept a message by a first-time sender, we sleep for 15 seconds before actually delivering them. known-good senders don't have to wait. if the message turns out to be a spammer, at least we've consumed one of their connections, and they cannot deliver at too high a rate to us because of the max open connection limit.