Hi,
On Jan 12, 2012, at 3:57 AM, Egoitz Aurrekoetxea Aurre wrote:
On Thu, 12 Jan 2012, Stan Hoeppner wrote:
On 1/11/2012 11:15 PM, Al Zick wrote:
Hi,
For a while we ran Qmail. Qmail would accept all emails regardless,
creating a very serious backscatter problem. Of course, switching to
Postfix with it configured to only accept emails for our recipients
fixed this problem.
Qmail can be properly patched for checking a valid rcpt list in a
cdb database avoiding this problem. Just as a detail... and yes
without breaking smtp-auth.
This is something that I didn't know. Maybe I will take a look at the
patch, although I am pretty happy with Postfix.
Still we seem to be losing the war with spam. I
whitelisted any server that has a .forward set to mine. Any email
from a
server that is whitelisted gets delivered. This is unacceptable,
so I
started using procmail with some rules so that email from servers
that
are whitelisted just get delivered without any filtering. Could
someone
recommend some low resource way of rejecting more spam. I am
considering
policyd.
http://www.postfix.org/docs.html
See section "UCE/Virus"
This page is very helpful!
I suppose there's no the situation... but if you have a mail
scanning machine in front of a mailbox storage machine (where
mailboxes are) and the mailbox machine has an smtpd instance
accesible from the Internet it should not be accepting
unathenticated mail not comming from the mail scanning machine.
If I don't whitelist these servers, then if it bounces an email that
has been sent because of a .forward, then the server with
the .forward tries to redeliver the email for something like 5 days
to my server. Is there another solution to this? I don't have control
over the other servers that are whitelisted.
Apart from this if you use some trustable RBL, perhaps greylisting
and you update Spamassassin rules regularly... you should be pretty
fine..
I am not using spamassassin, or greylisting, and I just removed the
RBL's because of waaaaaay too many false positives. Right now most of
my filtering is being done with a set of rules for procmail and with
bogofilter, although I am considering using policyd and dovecot with
sieve plugin.
Policyd (or graylisting) should mean more email is rejected (like it
should be) and a filtering during dovecot should mean that
whitelisted servers still get their email filtered.
I would imagine there is a better way, I just don't know it. However,
I am open to suggestions.
Thanks,
Al
--
Stan
