Loading ...
Sorry, an error occurred while loading the content.

Re: Losing My SPAM Battle

Expand Messages
  • mouss
    ... If you are motivated and you have the time and skills, you can learn quickly. but if this is not your cup of tea, you should not spend too much time on it.
    Message 1 of 31 , Apr 1, 2008
    • 0 Attachment
      Carlos Williams wrote:
      > Thanks Ezra...I guess there is just an overwhelming amount of ways one can
      > go about setting this up and that is where I get confused.
      >
      > Right now Postfix and Dovecot are the only guys really working even though
      > everything else noted above is installed. It appears that I still don't yet
      > understand Amavisd-new's role in all of this. It appears that most recommend
      > I use Amavisd-new but my question is if there is an order or operation to
      > any of this? I mean I obviously have a test domain and test email server
      > running now. I can send and receive email from inside and outside perfect
      > with Postfix and Dovecot so basically email works 100%. So is the next thing
      > I should configure Amavisd-new or Spamassassin or does it not matter at all?
      >
      > I did order The Book of Postfix as well as another "Linux Email" I found on
      > Amazon.com.
      >
      > Trying not to sound like a broken record or take anyones advice for granted
      > but I feel I am at the best basic configuration right now and have backed
      > everything up. Now I just need to pick a plan and find out what order to
      > move on.
      >
      >


      If you are motivated and you have the time and skills, you can learn
      quickly. but if this is not your cup of tea, you should not spend too
      much time on it. if you are not convinced that you will reach the
      target, move to another one. there should be fun for everyone.

      First of all, you should learn not to top post. google will you tell you
      what this means. in short, put your replies after the text you reply to.
      top posting is not appreciated on most public lists. using bottom
      posting will help you look "better" on such lists. Please don't debate
      this (discussing it is considered a loss of time and energy!).

      Regarding spam filtering, you need both postfix and a content filter.
      you should setup amavisd-new with spamassassin NOW. there is no time to
      wait. See
      http://www.ijs.si/software/amavisd/README.postfix.html
      for how to configure amavisd-new (please follow this document and ignore
      any howto you see on the web, unless you know what you are doing).

      at the postfix level, you need to understand the basics. It is not
      reasonable to reproduce the informations found on
      http://www.postfix.org/documentation.html
      here.

      once you have postfix working correctly, then you can start with
      something like this:

      smtpd_recipient_restrictions =
      permit_mynetworks
      permit_sasl_authenticated
      reject_unauth_destination
      reject_invalid_helo_hostname
      reject_unknown_sender_domain
      reject_rbl_client zen.spamhaus.org

      This blocks a lot of junk traffic without real risks of false positives.
      Other checks are available in the documentation. some are more or less
      safe depending on your site. ask here if you have a particular question
      regarding such checks.

      Feel free to ask specific questions here, but do follow
      http://www.postfix.org/DEBUG_README.html#mail
      make your questions as precise as possible. general questions get
      general answers.
    • /dev/rob0
      ... You are of course correct, and there was even a clue in my post: I fixed my issue by forwarding queries to my own remote servers. One of these is through a
      Message 31 of 31 , Apr 4, 2008
      • 0 Attachment
        On Fri April 4 2008 20:02:50 Bill Cole wrote:
        > >Although I don't intentionally use Comcast's nameservers, it's quite
        > >possible that they have transparently proxied DNS traffic.
        >
        > That would be a spectacularly evil thing to do.
        >
        > It seems within the realm of possibility (and far less evil) that
        > Spamhaus has filtered all of Comcast's residential space from being
        > able to query their servers, given the prevalence of zombies in that
        > space.

        You are of course correct, and there was even a clue in my post: I
        fixed my issue by forwarding queries to my own remote servers. One of
        these is through a VPN, but the others are reached using port 53, and
        all are tested, answering my queries from there.

        I am, however, familiar with at least one ISP that redirects DNS
        traffic to its own servers: HughesNet home satellite. I bet it was a
        matter of incompetence rather than malice; it's difficult to make a
        laggy satellite connection work like ADSL or cable.
        --
        Offlist mail to this address is discarded unless
        "/dev/rob0" or "not-spam" is in Subject: header
      Your message has been successfully submitted and would be delivered to recipients shortly.