Josh Cason a écrit : > I have two problems. I built a new postfix e-mail system that worked > great for about 1 year. Then I started getting spam that comes into our > system as one msg and is then routed out to mutiple e-mail addresses > like aol.com.
so you forward mail to aol and the like? please give more details about this (why do you need to forward mail...). > I have since update my postfix config file to block even > more spam and in some cases it worked. Example: I limited the amount of > mutiple e-mail receipents. What you say here doesn't play in your favour. you won't fight spam by limiting the number of recipients in a transaction. > But nothing have done changed this problem. Please - explain your situation (why do you forward, when, ... etc) - why did you get blacklisted, which lists were you on, ... if you find yourself on silly lists like apews, ... then we really don't care (and you should not). ... now, if you forward mail, then you'd better have a good filter. you should start with zen.spamhaus.org (which includes sbl-xbl and cbl.abuseat.org). but that's not enough... > The end results is we have messages blocked up in our e-mail queue (from > being undelivered) and if there is say 5 incomming messages. Then we are > probably get blacklisted someplace due to like 100+ to go out. Now my > attempts have showed some results in over all spam. The first time it > happened I got black listed in 20-30 different lists / providers. Now > with all the rules. I'm down to maybe one blacklist when this happens. > Yet the problem still exists (about weekly with or without being added > to a blacklist). I ran all the open relay test > with program that are legal and for eduational purpose only. They all > come back failed. Unable to send NOT open relay. The next problem is I'm > getting the to/from same users on our system. I found a page on how to > deal with this. Real world example. But I'm unable to find the page to > put the rules back in. I think it went under header checks. If you can > point in the right direction. That would be great. Enclosed is my > postfix config file. I xxx the ip numbers out. I use mysql, dovecot, > postfix (virtual with mutiple domains), postfixadmin, pop-before-stmp, > and mailscanner (this ofcourse works with clamav and spamassasian). I > did read about some kind of access list saying x...@xxx.xxx is okay for a > mysql field. But when I checked my mysql table. This is not in the list. > So I can't match it to any other field. I would assume that mysql under > virtual is enough to say hey if you don't match x...@xxx.xxx then don't > do anything. > > [snip]
