anti-spam advice



Goal: avoid seeing spam (see note at bottom) without wrongly rejecting
non-spam messages.

Setting Symbiont-Checks-Deliverability to FALSE stops probably 80% of
spam. However, the remaining 20% is too much.

I experimented with routing my incoming email through a system running
SpamAssassin, tagging messages with score > x and rejecting those with
score > y. However, I couldn't set y low enough to reject all spam
without rejecting legitimate messages. That meant that the messages
addressed to non-existent users were initially accepted by the system
running SpamAssassin, so when I rejected them with respect to that
system, that system generated bounces as required by the RFCs. So, I
stopped doing this to avoid generating backscatter spam.

I am thus back to accepting all email directly and want to cut back the
spam which still gets through the Symbiont-Checks-Deliverability check.

I don't want to drop connections from dynamic IP addresses because a) I
do occasionally receive legitimate email from those and b) while this
will stop a lot of spam, it does require everyone to send email through
a "trusted server" when, technically, it could be sent directly. In a
sense, this is bowing down to the spammers.

I am at TCPIP 5.4 with VMS 7.3-2 on ALPHA. I might upgrade soon,
especially if there is more anti-spam capability with a higher version
of TCPIP.

What is the highest version of TCPIP for VMS 7.3-2? What is the highest
version of TCPIP for the highest version of VMS? Can I upgrade directly
to that from my current configuration?

What non-default entries in SMTP.CONFIG are most effective in rejecting
spam?

What RBLs do people recommend (see note above about NOT rejecting email
ONLY because it is from a dynamic IP address)?

It would be nice if folks could post working versions of SMTP.CONFIG,
preferably with comments.

Some folks might say that not seeing spam helps me, but does nothing to
fight spam. The problem here is that my resources are limited and,
considering that 99% of spam comes from 100 people or whatever, if there
were any effective means of reporting it such that the people got
arrested or whatever, then we would be seeing much less spam. As far as
reporting it so that filters can be updated etc, anyone who wants to do
that can easily receive enough spam himself.
