> On Aug 21, 2015, at 11:34 PM, Viktor Dukhovni <postfix-us...@dukhovni.org> > wrote: > > On Wed, Aug 19, 2015 at 06:44:05PM -0400, Ben Greenfield wrote: > >>>> We receive a lot of spam that have very rare top level domains .site, >>>> .link, .website, .eu. >>> >>> It is wrong to black TLDs, even if initially they appear to mostly >>> send spam. >> >> It is quick and effective and my thinking was that if a legitimate domain >> gets rejected I would add it a specific ACCEPT above the reject in the >> custom header check. It may be a bad plan > > It is largely a bad plan, perhaps you can configure more aggressive > scoring for the spam in question. > >>> Instead, try to improve your content filters. >> >> The spam that is getting through doesn?t have any spam score from >> spamassassin I guess I should insure that they aren't circumventing the >> evaluation in someway. > > Or enable more rules, when the *envelope sender* is in .eu. Do > not block the entire TLD, and apply rules by envelope sender address, > not "Received" headers.
I’m assuming this is referring to my spamassassin rules rather then working on this through postfix do I have that right? Thanks, Ben > >>> Whatever content scoring system is built-in to the Mac-OS/X Mail.app >>> client, for example, identifies the vast majority of my spam without >>> blocking any TLDs. >> >> I would like to be doing this on the server before it reaches the client. > > Sure, I was not suggesting to use Mail.app per-se, rather it was > used as proof-of-concept that decent filtering by content is > possible. > > -- > Viktor.
