From: /dev/rob0 (rob0gmx.co.uk)
Date: Mon Jul 24 2006 - 18:13:35 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Monday 24 July 2006 17:49, Joey wrote:
> People have mentioned grey listing, and we are currently working on
> that based previous information from the list, but is there anything
> else I can do besides that to improve our situation?

You didn't mention HELO checks. Spambots commonly use your IP address
or domain name in their HELO greeting. It's safe and easy to block
those, after "permit_mynetworks, permit_sasl_authenticated". That
single restrictions blocks about 25% of all my SMTP connections.

Otherwise you're doing about as well as can you can do, and in fact
you're having a few false positives with Spamcop and RFC-ignorant. If
you are willing to live with that level of aggressiveness, I would
suggest reject_unknown_client (reject_unknown_client_hostname in
Postfix 2.3+.)

Spamhaus.org recommends[1] URIBL filtering. You can try that by means
of a post-queue content_filter (such as amavisd_new with SpamAssassin)
or a milter in 2.3.

> Also even though it's not right to reject messages with a blank from
> from=<>, I think I want to go ahead and reject those to see if the
> majority of those end up being legit, or trash, can you tell me how
> to accomplish this?

You're right, it's wrong, and it could get you listed on the very
RFC-ignorant list you're using. :)

postconf.5.html#smtpd_null_access_lookup_key and access.5.html ("man 5
access") have the details if you insist on doing it anyway.

Followup would be more appropriate on SPAM-L as opposed to here.

[1] http://www.spamhaus.org/effective_filtering.html
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]