Loading ...
Sorry, an error occurred while loading the content.

Re: Do not forward spam

Expand Messages
  • DTNX Postmaster
    ... Which is exactly what the various suggestions were about. About rejecting incoming connections based on the connection profile and the envelope, before a
    Message 1 of 36 , Sep 20, 2013
    • 0 Attachment
      On Sep 20, 2013, at 22:03, azurIt <azurit@...> wrote:

      >> You are creating this problem yourself. No spam filtering is 100%
      >> without false positives, but properly configured before-queue defenses
      >> generally cut out ~90% of the garbage you get from bots and zombies. Or
      >> more, depending on how tight of a ship you can afford to run. It also
      >> presents a traceable error path to any senders that may be caught with
      >> their pants down because of configuration issues, compromised systems
      >> and what have you.
      >
      > We are, of course, not accepting every garbage:
      > smtpd_sender_restrictions =
      > reject_non_fqdn_sender
      > reject_unknown_sender_domain
      >
      > I just meant that we are not rejecting e-mails based on spam filters.

      Which is exactly what the various suggestions were about. About
      rejecting incoming connections based on the connection profile and the
      envelope, before a message is queued. In other words, no one is
      suggesting rejecting a message based on its content, we are suggesting
      that you can cut down the amount of spam you need to make a store or
      forward decision on tremendously, by raising the bar on what you accept
      in the first place.

      The very first reply you got, from Robert Schetterer, already made the
      distinction between rejection and filtering, by the way.

      And if the 'smtpd_sender_restrictions' you list above is your idea of
      not accepting garbage, there is quite a bit of room for improvement.

      >> This means that anything that actually reaches the stage where you
      >> decide whether to store or forward is about 10% of what you are
      >> accepting now, and much less likely to cause trouble with forwarding.
      >>
      >> If you must do your own thing, figure out how to use the quarantine
      >> features of your chosen content filtering software, and do forwarding
      >> from there based on rules you specify. Or dig into the Postfix
      >> documentation and figure out how you might achieve what you are after
      >> without backscattering, or discarding mail.
      >
      > We are not backscatters, our systems are configured correctly.

      Nowhere am I suggesting that you are. I am noting it as a risk that one
      needs to be aware of.

      Did you notice your original question was answered there, by the way?
      It is one of several answers you got before you sent this message.

      > One note to all fans of 'spam filters rejecting' here: Did you even notice that NO ONE of big e-mail providers are rejecting messages based on standard spam filter techniques? Google, Yahoo, Microsoft, AT&T, ... No one is doing it, most of them have developed their own filtering systems and you must be really big spammer to be blocked permanently. The best of them is Google, just try their filters and you will see (even blocking which was used to us was targeted only to particular messages).

      Ahh, now you reveal that you are not being blocked, but that they are
      rejecting some (but not all!) messages based on their local rules. In
      other words, your original problem description is incomplete at best,
      and hints at a different class of problem; being blocked by Gmail. You
      should therefore not be surprised that the suggestions and answers you
      get focus on that much bigger problem of no messages being accepted at
      all.

      And please, you don't think you are the only one here who deals with
      forwarding to the big gorillas in the game, do you?

      To get the most value from this list and others like it, assume that
      most of the problems you run into have already been solved in various
      ways, for a wide variety of setups and scenarios. Perhaps your own
      solution is not the best option. Perhaps your view of the problem is
      incomplete, or perhaps you are misunderstanding the problem completely.

      And just in case that the issues you are having do present a novel
      problem, always be as descriptive as possible. That you are doing
      forwards with 'virtual_alias_maps' at the moment should really have
      been part of your original post, for example. Better questions tend to
      get much better answers, with less noise for everyone.

      Mvg,
      Joni
    • FliedRice
      I have 10 years of sending emails, (because I have e-card sites), and due to the volume I get a lot of incoming spam. I would like to suggest to you that you
      Message 36 of 36 , Sep 28, 2013
      • 0 Attachment
        I have 10 years of sending emails, (because I have e-card sites), and due to
        the volume
        I get a lot of incoming spam. I would like to suggest to you that you are
        not going to stop
        all spam, 100% all the time, no matter what you do. And Though I understand
        your desire to
        to accept all the emails at your server, that leaves you with a bit of a
        backwards conundrum.

        I think you would do well to pay attention to this... At one level you could
        be playing with
        fire by forwarding all these emails. Each ISP has their own filter systems
        in place, and some
        of them integrate services such as SpamHaus or Spamcop. *I have seen emails
        rejected because
        of blacklisted IP addresses and/or blacklisted domain names in the emails.
        So if you forward
        emails that contain blacklisted IP's or domains you are likely to run into
        some difficulty.* For
        that reason alone I would personally attempt to block more known incoming
        spam using DNSBL's,
        especially using the two I have just mentioned. Amongst others, I personally
        use:
        reject_rbl_client sbl.spamhaus.org, reject_rbl_client xbl.spamhaus.org,
        reject_rbl_client bl.spamcop.net

        If emails are rejected by the clients above, it's generally going to be for
        a good reason, though
        not 100% foolproof, it's a pretty safe bet to use them, and certainly more
        accurate than spam
        filters. In doing so, you will knock down wasted emails, system resources,
        and time. But you may
        also help prevent yourself from getting RED flagged for having blacklisted
        IP's and domain names in
        your outgoing emails.

        Beyond that, shy of manually approving all the other incoming emails before
        forwarding, I would suggest that you consider other options. *AOL has a
        "approved senders list" for it's users*, the users input what email
        addresses they will accept email from, "whitelisting", and the rest is
        rejected. You could do something similiar, even if you simply trash the
        emails that are not on the whitelists. You probably could set it up so that
        any email address in any users contact list simply be added to the
        whitelisting.



        -----
        Free English
        & Spanish
        Ecards for Birthdays, Christmas , holidays, Valentines , Love , & just because!
        --
        View this message in context: http://postfix.1071664.n5.nabble.com/Do-not-forward-spam-tp61620p61794.html
        Sent from the Postfix Users mailing list archive at Nabble.com.
      Your message has been successfully submitted and would be delivered to recipients shortly.