Anti-spam filters

John Summerfield debian at herakles.homelinux.org
Fri Dec 14 23:02:43 UTC 2007 

Aaron Konstam wrote:
> On Fri, 2007-12-14 at 18:25 -0300, Martin Marques wrote:
>> I'm moving some mail addresses from one server to another, and I was
>> thinking about changing my anti-spam system.
>>
>> Today, I'm still using bogofilter for my personal account, but it would
>> be nice to have a multi-user anti-spam system which can have per-user DB.
>>
>> I was thinking about dspam, but I see that there are no rpm, at least in
>> yum and with some google searching (not to much, maybe I should look a
>> little more).
>>
>> Now, what other options do I have?
>>
> spamassassin + a procmail that calls it to filter your stream will do
> that. Each user has his own .procmailrc file.
> --

At work I run postfix, spamassassin and then procmail and cyrus-imap. 
Google for how-tos.

There is no per-user procmailrc, all I use procmail for is to crudely 
detect mail with dubious attachments and file them in the user's 
windwoes folder, stuff marked up by spamassassin goes to their spam 
folder and the rest to inbox.

In postfix we are very picky about who we listen to, your IP must 
resolve, your helo name must resolve, your IP address must not me 
mentioned in any blocklist we use (spamhaus is the best). Those rules 
alone block at least half the spam.

At home, it's different. Again, I use picky postfix and the blocklists. 
My frontline mail server no longer accepts mail to 
herakles.homelinux.org. Instead. mail from Red Hat's servers and select 
other locations is relayed via DNAT to an internal mail server. I don't 
get spam to my herakles addresses.

Also, nobody I handle mail for speaks Chinese, Korean, Russian, Spanish 
or Portugese or expects mail from places where any of those is the 
primary language. Therefore, when I'm checking my logs and see an 
attempt to break in using ssh, or send spam I have no hesitation in 
blocking the entire network as revealed by whois. Mostly, it's a /24 
network, but there are one or two /13s.

I've not done it yet, but I plan to also block the network source of 
email directed to my spambait addresses.



-- 

Cheers
John

-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

More information about the fedora-list mailing list