Ryan Turnbull wrote:
> I'm just rebuilding one of our old servers here and I see that the
> previous administrator was using the header_check, mime_header_check,
> and access regex files from SecuritySage. I tried to go the security
> sage site and it appears to be down, and most posts I have seen out
> there support that assumption. Anyways, my question for Postfix users
> is, is there another site/company that is providing those files
> updated? Should I be abandoning this old method for RBLDNS? If there
> are any suggestions or sites to point me in the right direction for
> lists of valid RBLs or someone/company that is producing those regex
> check files, it would be appreciated.
My opinion is you're fighting a losing battle trying to reject
spam using header_checks. Rather use RBLs, RHSRBLs, and some
common rules to prevent bots. How far you go with these
depends on your tolerance for false positives, but you should
be able to get most stuff without constantly updating rules.
Check recent archives for discussions of rbls and rhsbls to use.
You can add greylisting and SpamAssassin to catch the rest.