Hi,
On 2015-08-20 00:44, Ben Greenfield wrote:
On Aug 19, 2015, at 5:43 PM, Viktor Dukhovni
<postfix-us...@dukhovni.org> wrote:
On Wed, Aug 19, 2015 at 04:14:10PM -0400, Ben Greenfield wrote:
First explain the problem, rather than the solution.
We receive a lot of spam that have very rare top level domains .site,
.link, .website, .eu.
It is wrong to black TLDs, even if initially they appear to mostly
send spam.
It is quick and effective and my thinking was that if a legitimate
domain gets rejected I would add it a specific ACCEPT above the reject
in the custom header check. It may be a bad plan
This seems like a bad plan to me. How do you plan to get notice of a
blocked, but legitimate, domain when you block all of them?
Go through your logs and check every entry? Rely on your users?
Instead, try to improve your content filters.
The spam that is getting through doesn’t have any spam score from
spamassassin I guess I should insure that they aren’t circumventing
the evaluation in someway.
For example there is postscreen which can reduce your spam count
significantly and has the added benefit that its leight-weight infront
of your actual smtpd, thus should reduce your server load, as less mail
would need to be handled by spamassassin...
see: http://www.postfix.org/POSTSCREEN_README.html
Whatever content scoring system is built-in to the Mac-OS/X Mail.app
client, for example, identifies the vast majority of my spam without
blocking any TLDs.
I would like to be doing this on the server before it reaches the
client.
Thank you,
Ben
--
Viktor.
