[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse
Subject:    Re: [opensuse] Can spam be defeated?
From:       Sandy Drobic <suse-linux-e () japantest ! homelinux ! com>
Date:       2006-12-20 21:48:05
Message-ID: 4589AF95.2060402 () japantest ! homelinux ! com
[Download RAW message or body]

Joachim Kieferle wrote:
> Steven T. Hatton wrote:
>> It just keeps getting worse.  I really don't want to change my email 
>> address, but it's all over the Internet, and the spammers are killing 
>> my inbox.  I don't want to spend a lot of time on this issue, I just 
>> want to be able to block these idiots.  I'm running a postfix mail 
>> server.  Is there an easy was to thwart spam?  I use the filters built 
>> into KMail, but they seem almost worthless.
>>   
> Hi Steven,
> 
> adding
> 
> smtpd_recipient_restrictions =  [ ......],
>                                reject_rhsbl_client 
> blackhole.securitysage.com,
>                                reject_rhsbl_sender 
> blackhole.securitysage.com,
>                                reject_rbl_client relays.ordb.org,
>                                reject_rbl_client blackholes.easynet.nl,
>                                reject_rbl_client cbl.abuseat.org,
>                                reject_rbl_client 
> proxies.blackholes.wirehub.net,
>                                reject_rbl_client bl.spamcop.net,
>                                reject_rbl_client sbl.spamhaus.org,
>                                reject_rbl_client opm.blitzed.org,
>                                reject_rbl_client dnsbl.njabl.org,
>                                reject_rbl_client list.dsbl.org,
>                                reject_rbl_client multihop.dsbl.org

relays.ordb.org has shut down a few days ago.
cbl.abuseat.org    \
opm.blitzed.org     > all three are included in zen. spamhaus.org
sbl.spamhaus.org   /

bl.spamcop.net is rather heavyhanded. While it will block a lot of 
spamzombies, indiscriminate use will almost guarantees that you will 
reject servers you want to receive mail from.

> 
> 
> to the "main.cf" on the mailserver already reduced the amount of spam by 
> approx. 50% on our server  [....] means that you should leave your 
> current policies like "permit_mynetworks" how it currently is.

With blacklists, helo checks, some basic sanity checks, adress verify you 
can reject about 80% of spam already.

> Postgrey http://isg.ee.ethz.ch/tools/postgrey/ has also been mentioned 
> to reduce the amount of spam quite well. I'll use that on one of the 
> upcoming mailservers, so I don't have any experience with that up to now.

Greylisting works indeed very well against spam but it also introduces 
some delay until most regular senders are known to the server. You might 
also consider policyd-weight, that uses the weighted result of many checks 
to reject/accept mails.

> However both recommendations just work on mailservers directly accepting 
> the mail,

Correct. Otherwise you can only use spamassassin to analyse and tag the mail.

Sandy
-- 
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]