Spam on the Rise. Any new tips?
Bazooka Joe
fastfish at gmail.com
Tue Sep 5 19:29:27 UTC 2006
I had same problem my solution was...
(in order of incomming email)
1. milter-greylist set @ 2 min wait
2. blacklist sbl-xbl.spamhaus.org (only one I would use to reject on)
3. SA - use latest version. Use all SARE rules if load permits and
pyzor, dcc.... Items 1 and 2 knocked out enough spam that I was able
to add more rules to SA w/ out any load increase. I use
spamass-milter and it is set to reject at a score of 3 or higher.
Manage SA w/ sa-learn for spam/ham and watch logs for FP's. I stare
at my maillog using tail -f for hours, reminds me of that scene in the
Matrix. It goes by fast but after an hour or so all you see is
blonde, brunette, redhead sending email..... okay bad joke.
I am completely blocking spam. But it comes at a cost. Greylist
delays mail for a min of 2 min and a max of who knows (depends on
sending server). My users have complained that they arn't getting mail
but they eventually get it. The BL rejects so the sender will
notified that their email was rejected so they can call fax fix their
ip, whatever. Same goes for SA if score over 3 it gets rejected. If
FP, sender must deal w/. Other problems, mail generated from my
webserver has been getting rejected. To fix have been adding correct
header info that SA complains about or white listing the domain.
I admit I may have overreacted in my spam fight. But, I have found out
what it took to completely* stop spam. Now that I have won the fight I
am thinking of backing it off a bit.
*Not quite "competely" - I might get one spam a week out of the 50 or
so that are sent to my acct a day.
On 9/5/06, alan <alan at clueserver.org> wrote:
> On Tue, 5 Sep 2006, Thom Paine wrote:
>
> > I've been noticing that the config I had been using for aboutthe past
> > year is slowly becoming less effective against spam.
> >
> > I'm currently using half a dozen or so bl's along with spam assassin.
> >
> > I'm sure other people are either keeping up, or finding ways to keep
> > spam at bay.
> >
> > Anyone have any suggestions?
> >
> > I read about turning on a two minute wait time on your mail server and
> > was wondering if that helps.
> >
> > I can post parts of my sendmail.cf file if that would be helpful.
>
> Greylisting has worked pretty well for me. Cut about 90% of my spam load.
>
> I had to cut out most of my blocklists due to valid domains that had been
> "poisoned" by someone. (They took domains they did not like and claimed
> they were spammers. Most of them domains hosting Linux mailing lists.)
>
> --
> "Oh, Joel Miller, you've just found the marble in the oatmeal. You're a
> lucky, lucky, lucky little boy. 'Cause you know why? You get to drink
> from... the FIRE HOOOOOSE!"
> - The Stanley Spudoski guide to mailing list administration
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list