Asai:
> Greetings,
>
> We have a real spam problem for some users, and this seems to be really
> tough spam to block. I have postscreen set up which blocks a lot of
> spam, of the spam that does get through, Spamassassin catches about 200
> spams a day, but we have about a dozen users that get 20 - 30 spams a
> day, so I ask if anyone can give me some advice about my configs here.
> This is what I have had thus far, postscreen's deep protocol tests have
> been turned on a turned off at different times due to troubleshooting a
> particular user's iPhone connection, and they are off at this time:
iPhones (and other mail clients) should connect to the submission
service (port 587 without postscreen), never to port 25.
I don't think that 20-30 residual spam messages are excessive, but
if you are willing to get involved with a game of whack-a-mole,
then you can try to find out if the spam has a common element.
For example, some spam operators use the same DNS or MX server
domain or IP address for their temporary envelope sender domains,
so they can easily be blocked with check_sender_ns_access or
check_sender_mx_access.
This takes some dedication. The alternative is to use a commercial
mail filtering service that sees the bigger picture.
Wietse
