Re: Do not forward spam
- On Sep 20, 2013, at 22:03, azurIt <azurit@...> wrote:
>> You are creating this problem yourself. No spam filtering is 100%Which is exactly what the various suggestions were about. About
>> without false positives, but properly configured before-queue defenses
>> generally cut out ~90% of the garbage you get from bots and zombies. Or
>> more, depending on how tight of a ship you can afford to run. It also
>> presents a traceable error path to any senders that may be caught with
>> their pants down because of configuration issues, compromised systems
>> and what have you.
> We are, of course, not accepting every garbage:
> smtpd_sender_restrictions =
> I just meant that we are not rejecting e-mails based on spam filters.
rejecting incoming connections based on the connection profile and the
envelope, before a message is queued. In other words, no one is
suggesting rejecting a message based on its content, we are suggesting
that you can cut down the amount of spam you need to make a store or
forward decision on tremendously, by raising the bar on what you accept
in the first place.
The very first reply you got, from Robert Schetterer, already made the
distinction between rejection and filtering, by the way.
And if the 'smtpd_sender_restrictions' you list above is your idea of
not accepting garbage, there is quite a bit of room for improvement.
>> This means that anything that actually reaches the stage where youNowhere am I suggesting that you are. I am noting it as a risk that one
>> decide whether to store or forward is about 10% of what you are
>> accepting now, and much less likely to cause trouble with forwarding.
>> If you must do your own thing, figure out how to use the quarantine
>> features of your chosen content filtering software, and do forwarding
>> from there based on rules you specify. Or dig into the Postfix
>> documentation and figure out how you might achieve what you are after
>> without backscattering, or discarding mail.
> We are not backscatters, our systems are configured correctly.
needs to be aware of.
Did you notice your original question was answered there, by the way?
It is one of several answers you got before you sent this message.
> One note to all fans of 'spam filters rejecting' here: Did you even notice that NO ONE of big e-mail providers are rejecting messages based on standard spam filter techniques? Google, Yahoo, Microsoft, AT&T, ... No one is doing it, most of them have developed their own filtering systems and you must be really big spammer to be blocked permanently. The best of them is Google, just try their filters and you will see (even blocking which was used to us was targeted only to particular messages).Ahh, now you reveal that you are not being blocked, but that they are
rejecting some (but not all!) messages based on their local rules. In
other words, your original problem description is incomplete at best,
and hints at a different class of problem; being blocked by Gmail. You
should therefore not be surprised that the suggestions and answers you
get focus on that much bigger problem of no messages being accepted at
And please, you don't think you are the only one here who deals with
forwarding to the big gorillas in the game, do you?
To get the most value from this list and others like it, assume that
most of the problems you run into have already been solved in various
ways, for a wide variety of setups and scenarios. Perhaps your own
solution is not the best option. Perhaps your view of the problem is
incomplete, or perhaps you are misunderstanding the problem completely.
And just in case that the issues you are having do present a novel
problem, always be as descriptive as possible. That you are doing
forwards with 'virtual_alias_maps' at the moment should really have
been part of your original post, for example. Better questions tend to
get much better answers, with less noise for everyone.
- I have 10 years of sending emails, (because I have e-card sites), and due to
I get a lot of incoming spam. I would like to suggest to you that you are
not going to stop
all spam, 100% all the time, no matter what you do. And Though I understand
your desire to
to accept all the emails at your server, that leaves you with a bit of a
I think you would do well to pay attention to this... At one level you could
be playing with
fire by forwarding all these emails. Each ISP has their own filter systems
in place, and some
of them integrate services such as SpamHaus or Spamcop. *I have seen emails
of blacklisted IP addresses and/or blacklisted domain names in the emails.
So if you forward
emails that contain blacklisted IP's or domains you are likely to run into
some difficulty.* For
that reason alone I would personally attempt to block more known incoming
spam using DNSBL's,
especially using the two I have just mentioned. Amongst others, I personally
reject_rbl_client sbl.spamhaus.org, reject_rbl_client xbl.spamhaus.org,
If emails are rejected by the clients above, it's generally going to be for
a good reason, though
not 100% foolproof, it's a pretty safe bet to use them, and certainly more
accurate than spam
filters. In doing so, you will knock down wasted emails, system resources,
and time. But you may
also help prevent yourself from getting RED flagged for having blacklisted
IP's and domain names in
your outgoing emails.
Beyond that, shy of manually approving all the other incoming emails before
forwarding, I would suggest that you consider other options. *AOL has a
"approved senders list" for it's users*, the users input what email
addresses they will accept email from, "whitelisting", and the rest is
rejected. You could do something similiar, even if you simply trash the
emails that are not on the whitelists. You probably could set it up so that
any email address in any users contact list simply be added to the
Ecards for Birthdays, Christmas , holidays, Valentines , Love , & just because!
View this message in context: http://postfix.1071664.n5.nabble.com/Do-not-forward-spam-tp61620p61794.html
Sent from the Postfix Users mailing list archive at Nabble.com.