Mailinglist Archive: opensuse (4610 mails)

< Previous Next >
Re: [opensuse] Can spam be defeated?
  • From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 20 Dec 2006 22:48:05 +0100
  • Message-id: <4589AF95.2060402@xxxxxxxxxxxxxxxxxxxxxxx>
Joachim Kieferle wrote:
Steven T. Hatton wrote:
It just keeps getting worse. I really don't want to change my email address, but it's all over the Internet, and the spammers are killing my inbox. I don't want to spend a lot of time on this issue, I just want to be able to block these idiots. I'm running a postfix mail server. Is there an easy was to thwart spam? I use the filters built into KMail, but they seem almost worthless.
Hi Steven,

adding

smtpd_recipient_restrictions = [ ......],
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rbl_client relays.ordb.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client proxies.blackholes.wirehub.net,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client multihop.dsbl.org

relays.ordb.org has shut down a few days ago.
cbl.abuseat.org \
opm.blitzed.org > all three are included in zen. spamhaus.org
sbl.spamhaus.org /

bl.spamcop.net is rather heavyhanded. While it will block a lot of spamzombies, indiscriminate use will almost guarantees that you will reject servers you want to receive mail from.



to the "main.cf" on the mailserver already reduced the amount of spam by approx. 50% on our server [....] means that you should leave your current policies like "permit_mynetworks" how it currently is.

With blacklists, helo checks, some basic sanity checks, adress verify you can reject about 80% of spam already.

Postgrey http://isg.ee.ethz.ch/tools/postgrey/ has also been mentioned to reduce the amount of spam quite well. I'll use that on one of the upcoming mailservers, so I don't have any experience with that up to now.

Greylisting works indeed very well against spam but it also introduces some delay until most regular senders are known to the server. You might also consider policyd-weight, that uses the weighted result of many checks to reject/accept mails.

However both recommendations just work on mailservers directly accepting the mail,

Correct. Otherwise you can only use spamassassin to analyse and tag the mail.

Sandy
--
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >