June Spam wave

I've been observing a new email spam wave hitting my servers in the last couple of weeks...Munin graph for monthly rejected emailsWay above the normal "background radiation levels" for my server... 99% of them are poorly configured, and usually fail during "does the sender domain actually exist in DNS" stage... Not to mention DKIM/DMARC/SPF, etc... Some of these come in from a wide range of IP addresses, and so far mtpolicyd does not seem to have a way to ban an entire AS, so I wrote a small script to do just that.as_ban_policy_serviceSimple Postfix policy server banning clients by their Autonomous System numberI've added it as a policy server into smtpd_helo_restrictions so if some especially spammy network materializes and manages to get through the trivial check - I just nuke the entire AS. It's caching AS responses from Team Cymru AS Lookup service and also does IP-in-CIDR lookup right in sqlite thanks to an extension (no IPv6 though).Before I would see the bunch of offending…