On 10/29/2010 09:39 PM, Al Zick wrote:

Currently, I just use procmail to interface with the spam filters.

Procmail is expensive to run.
If you use amavisd-new with SA, it will control those processes outside of mailbox delivery.

I would really like to put a bunch of rules into procmail too, for example: if it sees the word viagra anywhere in the email, it is spam, there is no reason to go any further with it.

That would be trivial with a body_check (although they are generally slow).

I'm also quite positive that spamassassin can do ANY kind of full-text scan, on any conditions.


Is there anything else that could cause a soft_bounce?


Don't accept mail you cannot deliver.
That's Rule #1 of spam prevention.

What exactly is a backscatter problem?

Ehm. Backscatter is accepting mail from forged senders that bounces. You send the bounce back to the forged address.


If I do have a backscatter problem, what should the settings be?

Don't accept mail you cannot deliver.
Run strict sender verification if you want to avoid backscatter.

I have several websites that I own that are in the top 1,000,000 sites based on traffic according to Alexa, and although this server only hosts the email for like 30-some domains, I seem to get more than my fair share of spam. Right now, it is still manageable, but soon I will need a very high end dedicated mail server, if I don't change something. Personally, I feel my config is wrong and that is why I am asking some questions.


You are not using any HELO restrictions. That is generally not a good idea, as my HELO checks catch more spam than all other restrictions combined. Also, system performance (or the lack thereof) is greatly influenced by the ordering of your spam checking - do the most expensive tests last, and as little as possible.

I use sane HELO and sender/recipient checks, and a single RBL - zen.
Anything that passes that far goes to amavisd-new with SA and clamav.
SA finds maybe one message in 20 or 30 to be spam.
I usually don't worry about it after that, but you can run the daily-updated rules-du-jour ruleset in SA.

I was also looking at something else and it looks like Postfix was built without pcre. Will I be able to use header checks without this?

You can still use regexp if that is compiled in, but the man page says it is slower than pcre.


--
J.

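The check ordering described in the reply above, sketched as a Postfix `main.cf` fragment. This is an added example, not the poster's own configuration; the file paths, the `smtp-amavis` transport name and port 10024 are assumptions.

```ini
# /etc/postfix/main.cf (added example; paths, transport name and port are
# assumptions, not values taken from the thread)

# Require a HELO/EHLO so the HELO restrictions below always get to run.
smtpd_helo_required = yes

# Restrictions are evaluated in the order listed and the first match decides.
# Syntax-only checks come first, then the recipient lookups that enforce
# "don't accept mail you cannot deliver", then the DNS-backed checks, with
# the single RBL lookup last.
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unlisted_recipient,
    reject_unknown_sender_domain,
    reject_rbl_client zen.spamhaus.org

# reject_unlisted_recipient only works if Postfix knows the valid addresses,
# e.g. through local_recipient_maps or virtual_mailbox_maps for the hosted
# domains. Unknown recipients are then refused during the SMTP session, so
# no bounce is ever generated toward a forged sender (no backscatter).

# Only mail that survives the checks above is handed to amavisd-new
# (SpamAssassin + ClamAV). This needs a matching "smtp-amavis" service
# entry in master.cf.
content_filter = smtp-amavis:[127.0.0.1]:10024

# Full-text match without PCRE support: use the regexp: table type.
# /etc/postfix/body_checks would hold one line such as:
#   /viagra/ REJECT
# Every body line of every message is matched against this table, which is
# why it is the slow option compared with the restrictions above.
body_checks = regexp:/etc/postfix/body_checks
```

`postconf -m` lists the table types the installed Postfix supports, which shows whether `regexp` or `pcre` is available.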