24 Jun
2008
24 Jun
'08
1:37 p.m.
Source IP blocking makes up a large portion of today's spam arrest approach, so we shouldn't discount the CPU benefits of that approach too quickly.
I'm not sure where today's technology is in regards for caching the first 1 to 10kB of a session....once enough information is garnered to block, issue TCP RSETs. If it's good, free the contents of the cache.
What's your interest in mopping up spam in the middle of the network? Usually spam is viewed as a leaf-node problem (much to the chagrin of receivers, actually). Regards, Ken -- Ken Simpson CEO MailChannels - Reliable Email Delivery http://mailchannels.com 604 685 7488 tel