Anti-spam filters

John Summerfield debian at herakles.homelinux.org
Sat Dec 15 06:04:13 UTC 2007 

Martin Marques wrote:
> John Summerfield escribió:
>>
>> In postfix we are very picky about who we listen to, your IP must 
>> resolve, your helo name must resolve, your IP address must not me 
>> mentioned in any blocklist we use (spamhaus is the best). Those rules 
>> alone block at least half the spam.
> 
> My postfix those all the resolve sender MTA, but I'm totally against 
> dnsbl as, for example, my ISP often gets in some of them.

Your choice. This justifies mine:
Messages rejected using Anti-Spam site 649 Time(s)

We decline that mail, the sender knows about it. We don't have a lot of 
email accounts,that's directed to fewer than ten email accounts.

The host names associated with those emails are listed in the log 
summary, and I regularly cast my eye over it. They seem to be ADSL 
users, cable users, users with dynamic IP addresses. The come from 
domains in Israel, Poland, Switzerland, Germany, Russia, Canada, UK, 
France, Brasil, Greece, United Arab Emirates.

We're a very small school, our interests are our immediate community and 
we deal with Western Australian & Australian government agencies.

Probably, if the people who really own those computers configured their 
email clients to relay via their IAP's mail service, they'd have no 
problem reaching us.


> 
>> Also, nobody I handle mail for speaks Chinese, Korean, Russian, 
>> Spanish or Portugese or expects mail from places where any of those is 
>> the primary language. Therefore, when I'm checking my logs and see an 
>> attempt to break in using ssh, or send spam I have no hesitation in 
>> blocking the entire network as revealed by whois. Mostly, it's a /24 
>> network, but there are one or two /13s.
> 
> I would prefer to get 1 or 2 spams (which I don't get with my actual 
> configuration) then lose mail due to very stricy mail policies.

There's another 600-700 dropped because of protocol errors.

There's another 100 or so can't get ehlo/helo right.  Their host names 
look much like those in the block lists we use.

If you are one who tries to send to us and you fail for any of those 
reasons, we reject the mail while you're still in smtp conversation. If 
your email is well-configured, you will get the proper notice.

After that, we accept the mail, and if it smells bad, it gets filed as 
spam. I personally have had two acceptable senders make it to my spam 
folder, my stockbroker, and microsoft when I needed to download something.

I get a few spams each day that don't get filtered out or rejected. I 
deal with those in pine.

I don't believe we lose any legitimate email. We have rejected a couple 
of sites who couldn't configure their mail service to comply with the 
relevant RFCs (we do adhere, and we expect you to too).




-- 

Cheers
John

-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

More information about the fedora-list mailing list