Re: Anti-spam filters

Aaron Konstam wrote:
On Fri, 2007-12-14 at 18:25 -0300, Martin Marques wrote:
I'm moving some mail addresses from one server to another, and I was
thinking about changing my anti-spam system.

Today, I'm still using bogofilter for my personal account, but it would
be nice to have a multi-user anti-spam system which can have per-user DB.

I was thinking about dspam, but I see that there are no rpm, at least in
yum and with some google searching (not to much, maybe I should look a
little more).

Now, what other options do I have?

spamassassin + a procmail that calls it to filter your stream will do
that. Each user has his own .procmailrc file.
--

At work I run postfix, spamassassin and then procmail and cyrus-imap. Google for how-tos.

There is no per-user procmailrc, all I use procmail for is to crudely detect mail with dubious attachments and file them in the user's windwoes folder, stuff marked up by spamassassin goes to their spam folder and the rest to inbox.

In postfix we are very picky about who we listen to, your IP must resolve, your helo name must resolve, your IP address must not me mentioned in any blocklist we use (spamhaus is the best). Those rules alone block at least half the spam.

At home, it's different. Again, I use picky postfix and the blocklists. My frontline mail server no longer accepts mail to herakles.homelinux.org. Instead. mail from Red Hat's servers and select other locations is relayed via DNAT to an internal mail server. I don't get spam to my herakles addresses.

Also, nobody I handle mail for speaks Chinese, Korean, Russian, Spanish or Portugese or expects mail from places where any of those is the primary language. Therefore, when I'm checking my logs and see an attempt to break in using ssh, or send spam I have no hesitation in blocking the entire network as revealed by whois. Mostly, it's a /24 network, but there are one or two /13s.

I've not done it yet, but I plan to also block the network source of email directed to my spambait addresses.



--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxx
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • Re: blueyonder decide who can email you
    ... > There are lots of ways by which spammers can sneak spam through nodes ... > of problem for the network access provider which it uses. ... mail server, but given that I teach this stuff... ...
    (uk.telecom.broadband)
  • Mail server relaying spam, but how?
    ... Many weeks ago I noticed that I my mail server was dealing with about ... the machine sending me all the spam was ... not his mail server, but his router. ... Since his actual mail server lives within his network, ...
    (freebsd-questions)
  • Re: Event 4007 Warnings
    ... Users who are outside your network should be ... and which are using your mail server as a spam relay. ...
    (microsoft.public.inetserver.iis.smtp_nntp)
  • Re: Report this spam to: groups-abuse@google.com
    ... If the spammers derived $0 in spam related ... A slight understanding that usenet is pretty much ... Google groups is simply a node on the usenet network, ... 1581 ROM from early Commodore disk drives. ...
    (sci.electronics.misc)
  • Re: content filtering
    ... opinion on experience that's limited to dealing with domestic US ... Considering that the large majority of spam originates from the US, ... Now all you need is some method of identifying the sender. ... 550 code would come to the attention of the mail server admin who could ...
    (microsoft.public.exchange.admin)