Sendmail, /etc/mail/access, and spam "best practices"

From: George Mitchell <george+freebsd_at_m5p.com>
Date: Thu, 27 Apr 2023 00:32:12 UTC

In the hope that a significant number of readers of this message are in
charge of email administration, may I ask for guidance on how aggressive
you tend to be on using sendmail's /etc/mail/access feature to block
email access to substantial portions of address space?  I don't want to
name any specific entities (corporate or political) as possible targets,
but numerous owners of IPv4 /24 blocks, and some /16 blocks and even a
few /12 blocks generate an inordinate percentage of the spam messages
I have to handle.  Right now, I will generally add the specific source
of any single spam message to /etc/mail/access, and if I see even only
two addresses in the same /24 block, I feel no compunction about
blocking the whole /24.  Obviously blocking a /16 or a /12 is much more
problematic.  Thank goodness for abuseat.org, with whose help I daily
reject hundreds of messages, and multiple others still go through.

My /etc/mail/access is close to 20,000 entries at this point, though,
and it sure is tempting to block some of those /16s.  -- George
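
The consolidation rule described in the message (two listed addresses in the same /24 means the whole /24 gets blocked), as an added example that is not part of the original post. It assumes plain `address<whitespace>REJECT` lines with no `Connect:` tags, and relies on sendmail's access map matching network prefixes on octet boundaries, so a /24 is written as a three-octet key; the function name `consolidate` and the sample entries are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in /etc/mail/access source format (documentation ranges).
SAMPLE_ACCESS = """\
# constructed sample entries
192.0.2.10	REJECT
192.0.2.77	REJECT
198.51.100.5	REJECT
203.0.113	REJECT
203.0.113.9	REJECT
spammer.example	REJECT
"""

def consolidate(text, threshold=2):
    """Collapse REJECTed hosts into three-octet (/24) prefix entries.

    Returns (new_lines, promoted); promoted lists the /24 prefixes newly
    blocked because at least `threshold` hosts inside them were listed.
    """
    hosts = defaultdict(list)   # "a.b.c" -> full host addresses listed
    prefixes = set()            # /24 keys that are already REJECTed
    other = []                  # comments, domains, other actions: kept as-is
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[1] == "REJECT":
            key = parts[0]
            octets = key.split(".")
            if len(octets) == 3 and all(o.isdigit() and int(o) < 256 for o in octets):
                prefixes.add(key)
                continue
            try:
                ipaddress.IPv4Address(key)      # accepts only a full dotted quad
                hosts[".".join(octets[:3])].append(key)
                continue
            except ValueError:
                pass                            # domain or other key: keep verbatim
        other.append(line)
    promoted = sorted(p for p, h in hosts.items()
                      if len(h) >= threshold and p not in prefixes)
    blocked = prefixes | set(promoted)
    out = list(other)
    out += [f"{p}\tREJECT" for p in sorted(blocked)]
    # Host entries already covered by a /24 entry are redundant and dropped.
    out += [f"{h}\tREJECT" for p in sorted(hosts) if p not in blocked
            for h in hosts[p]]
    return out, promoted
```

Review the `promoted` list before writing the result back, since each promoted key rejects all 256 addresses in that block, and rebuild the map with `makemap` afterwards.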