Loading ...
Sorry, an error occurred while loading the content.

Re: Losing My SPAM Battle

Expand Messages
  • Gaby vanhegan
    ... Whilst this is a little more OpenBSD specific it worked fine for me: http://flakshack.com/anti-spam/wiki/index.php For the parts where you have to install
    Message 1 of 31 , Apr 1, 2008
    • 0 Attachment

      On 1 Apr 2008, at 08:54, Carlos Williams wrote:
      I am running Postfix 2.3 as a corporate email server. I love running Postfix and don't want to switch to something else however SPAM is getting way out of control on my companies domain. Everyone is complaining about SPAM and I have to find a solution to this.

      ...

      Does anyone have a complete guide or anything they recommend?

      Whilst this is a little more OpenBSD specific it worked fine for me:


      For the parts where you have to install the packages  you can just use yum on CentOS but the configuration may be the same.

      Before all that have you turned on the RBL checks in Postfix, as well as all the other suggested anti-spam measures?  Here's a good starting point:

      /etc/postfix/main.cf:
      ...
      smtpd_recipient_restrictions =    permit_sasl_authenticated,    permit_mynetworks,    reject_non_fqdn_sender,    reject_unlisted_sender,    reject_unauth_destination,    reject_non_fqdn_recipient,    reject_unknown_recipient_domain,    reject_unauth_pipelining,    reject_unknown_sender_domain,    reject_rbl_client zen.spamhaus.org,    reject_rbl_client list.dsbl.org,    reject_rbl_client dul.dnsbl.sorbs.net,
      smtpd_helo_required = yes

      I have found dspam/ClamAV/Amavisd-new to be quite effective.  I also use the OpenBSD dspam tarpit daemon as well.  Very easy to setup, bounces about 75% of the spam straight off.

      Gaby.

      --

      Junkets for bunterish lickspittles since 1998!


    • /dev/rob0
      ... You are of course correct, and there was even a clue in my post: I fixed my issue by forwarding queries to my own remote servers. One of these is through a
      Message 31 of 31 , Apr 4, 2008
      • 0 Attachment
        On Fri April 4 2008 20:02:50 Bill Cole wrote:
        > >Although I don't intentionally use Comcast's nameservers, it's quite
        > >possible that they have transparently proxied DNS traffic.
        >
        > That would be a spectacularly evil thing to do.
        >
        > It seems within the realm of possibility (and far less evil) that
        > Spamhaus has filtered all of Comcast's residential space from being
        > able to query their servers, given the prevalence of zombies in that
        > space.

        You are of course correct, and there was even a clue in my post: I
        fixed my issue by forwarding queries to my own remote servers. One of
        these is through a VPN, but the others are reached using port 53, and
        all are tested, answering my queries from there.

        I am, however, familiar with at least one ISP that redirects DNS
        traffic to its own servers: HughesNet home satellite. I bet it was a
        matter of incompetence rather than malice; it's difficult to make a
        laggy satellite connection work like ADSL or cable.
        --
        Offlist mail to this address is discarded unless
        "/dev/rob0" or "not-spam" is in Subject: header
      Your message has been successfully submitted and would be delivered to recipients shortly.