Dylan Griffiths wrote:
> One thing I've noticed that spammers like to use are invalid date
> headers, either way in the future or the past, or just random, to get
> into your inbox. One nice thing I've done is setup some regexes in the
> headercheck file of Postfix to reject email if it's not within a month
> or so of now (stopping all those stupid 2038 emails). I'd like it if I
> could automate this, though, so I wouldn't have to periodically update
> my filters.
> Between date rejection, greylisting, other sanity checks on the
> header, and heavy RBL/SBL settings, I've managed to cut my incoming spam
> message count from 1000/week to about 56 a week (which are roughly
> 99.99% found by DSPAM, as I get on the order of one false negative every
> 3 months).
> Ideas?
I don't use grey-listing, but if you're a postfix user I've found that:
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination
work nicely. Ignore the sasl unless you use SASL. I also went to:
smtpd_helo_restrictions = permit_mynetworks, reject_unknown_hostname,
reject_non_fqdn_hostname, reject_invalid_hostname
But that caused too many problems with the home and vpn users. But it
was _very_ effective.
Aside from that, spamassassin + amavis works nicely for filtered spam.
It still goes through the mail server, but doesn't go to the end user.
Cheers,
lance
-- Lance Levsen, Catprint Computing Tel: (306) 493-2249 Cell: (306) 230-8783 Blog: http://www.catprint.ca/blog/ SaskBlogs: http://www.catprint.ca/saskblogs/
This archive was generated by hypermail 2.1.8 : Fri Sep 08 2006 - 23:26:38 CST