Greetings. While its a pretty brute force approach, one method I’m trying is to curtail the source of email. In otherwords, if smtp traffic comes from an unknown source it gets directed to a sendmail server that intentionally rejects the email message (550 with a informational message/url). If the email message comes from a “known” source (friend/family’s ISP) it gets routed to my main sendmail server which allows most email after checking for the obvious (non resolvable domains, blacklisted domains etc) using an access lists. I’ve cut down on Spam (including this account which I use solely for NANOG) to about 0. Granted the amount of valid email that can get rejected is high, but since I log the bounces on the drop server I can look for obvious rejects from good/expected email servers. Not by any means a solution to/for a large even medium size provider, but for a small home based setup it works well. Details at http://www.sumless.net/nsh.html Cheers, -Joe Blanchard