Re: advice on anti-spam tools



On Mon, Apr 02, 2007 at 11:49:19PM -0500, Dan Nelson wrote:
> In the last episode (Apr 03), Angelin Lalev said:
> > My e-mail server is running the latest spamassassin with all of the
> > blacklist enabled and etc. but I still receive over 20 spam messages
> > a day ("image" spam mostly).
> >
> > The situation with other users may be worse. That's why I was
> > thinking about some tool that
> >
> > 1. store incoming email
> > 2. send request to the sender of the message, requiring to go to some
> > address and enter the numbers (letters) from image
> > 3. if the puzzle is solved in time (week or so) deliver the message,
> > otherwise delete it.
>
> Chances are you would just be annoying innocent people with backscatter
> email due to the forged addresses of most spam.
>
> You say you're running the latest spamassassin, but are you downloading
> updated rulesets? All of the image/stock spam I get is caught by
> spamassassin rules. Make sure you're running sa-update on a regular
> basis and restarting spamd when an update is applied. Putting
>
> /usr/local/bin/sa-update && /usr/local/etc/rc.d/sa-spamd.sh restart
>
> in a nightly cron job should suffice, I think. I have also found
> greylisting to be very effective. greylisting penalizes "unknown" smtp
> sources by tempfailing the first message seen from them for 5 minutes.
> Spammers usually don't spend resources queueing messages, so you never
> see them again. Real mail servers retry the message, which gets
> delivered. Subsequent messages from the same server come through
> without delay because the source is "known". I use
> ports/mail/milter-greylist, which lets you adjust the greylist period
> and the whitelist timeout, and also can synch its database between
> multiple servers if you're running in a clustered setup.



I've been experimenting with greylisting for months. Not
sure the regular mail filter installs or not, but the devel
version installed just now perfectly.

Is there any tutorial on this or should I just re-read the man
pages and other docs a few more times! From looking at the
config file in /usr/local/etc/mail, the "retry" seems to default
to a #commented-out 1h. Sorry, but I have trouble parsing
this kind of grammar:

<quote>
# How long a client has to wait before we accept
# the messages it retries to send. Here, 1 hour.
# May be overridden by the "-w greylist_delay" command line argument.
#greylist 1h
</quote>

If you, Dan, or anyone else on-list could clue me in, I would
be much obliged. (Once--and only once--I think I had greylisting
working, but I screwed up my sendmail {or whatever} and yanked
everything. After many hours, mail worked, but I didn't
re-install greylisting. It *did* cut down the SPAM
considerably. It's time to retry.)

thanks much,

gary




> --
> Dan Nelson
> dnelson@xxxxxxxxxxxxxxx
> _______________________________________________
> freebsd-questions@xxxxxxxxxxx mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"

--
Gary Kline kline@xxxxxxxxxxx www.thought.org Public Service Unix
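
Added example (not part of the thread, and not milter-greylist's own code): a small model of the greylisting decision Dan describes, showing what the "greylist 1h" delay in the quoted config comment controls. Keying on (client IP, sender, recipient), the names Greylist, replay and parse_duration, the 3d whitelist timeout and the sample addresses are assumptions of this example.

```python
from dataclasses import dataclass, field

def parse_duration(text):
    """Convert a duration such as '5m' or '1h' to seconds (s, m, h, d suffixes)."""
    units = {"s": 1, "m": 60, "h": 3600, "d": 86400}
    if text[-1] in units:
        return int(text[:-1]) * units[text[-1]]
    return int(text)  # bare number: seconds

@dataclass
class Greylist:
    delay: int       # seconds an unknown source must wait before a retry is accepted
    autowhite: int   # seconds a source that passed stays "known" (assumed value)
    first_seen: dict = field(default_factory=dict)   # key -> time of first attempt
    known_until: dict = field(default_factory=dict)  # key -> whitelist expiry time

    def check(self, now, client_ip, mail_from, rcpt_to):
        """Return 'accept' or 'tempfail' for one delivery attempt at time `now`."""
        key = (client_ip, mail_from.lower(), rcpt_to.lower())
        if self.known_until.get(key, 0) > now:
            return "accept"                    # known source: no delay
        self.known_until.pop(key, None)        # whitelist entry expired, start over
        first = self.first_seen.setdefault(key, now)
        if now - first >= self.delay:
            del self.first_seen[key]           # retry arrived after the delay
            self.known_until[key] = now + self.autowhite
            return "accept"
        return "tempfail"                      # SMTP 4xx: a real MTA queues and retries

def replay(attempts, delay="5m", autowhite="3d"):
    """Run a list of (time, ip, sender, recipient) attempts through a fresh greylist."""
    gl = Greylist(parse_duration(delay), parse_duration(autowhite))
    return [gl.check(*a) for a in attempts]

# Constructed sample attempts: (seconds since start, client IP, sender, recipient)
SAMPLE = [
    (0,    "192.0.2.10",  "alice@example.org", "gary@example.net"),  # first contact
    (30,   "203.0.113.7", "x@example.com",     "gary@example.net"),  # never retries
    (60,   "192.0.2.10",  "alice@example.org", "gary@example.net"),  # retry too early
    (900,  "192.0.2.10",  "alice@example.org", "gary@example.net"),  # retry after 5m
    (1000, "192.0.2.10",  "alice@example.org", "gary@example.net"),  # now "known"
]

if __name__ == "__main__":
    for attempt, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(attempt, "->", verdict)
```

With delay="1h" the same five attempts are all tempfailed; the legitimate server is only accepted once it retries at least an hour after its first attempt.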
