 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Hi all - long time... responses in-line --Tim Rich Braun said: <snip> > (1) Have any of y'all tried to keep stats on the flow of spam? Are my > observations about message flow on-target? I've also been seeing a pretty steady increase of spam and some very creative approaches by spammers at getting through "the gauntlet." > (2) Beyond SpamAssassin, have you tried out any tools which reject spam > before > it reaches your mailbox? I know that I could configure sendmail to reject > mail from sites listed in certain blacklist databases, but before I take > that > step I want to make sure to use the right blacklists and I also want to > keep > better statistics on a per-recipient basis (example, I get mail to > "daemon" > and "amanda", in addition to "richb", at my domain). It used to be that I subscribed to the tag/report philosophy for spam caught by MailScanner/SpamAssassin and had MailScanner doing a lot of the RBL lookups, but as the volume grew, it proved to be onerous at best. I ended up moving a most of the RBL lookups to the front-line which reduced the amount of spam for a while, but the volume seemed to creep back up as the spammers caught on... The recent introduction of a dul and eventually spamcop there helped tremendously. Right now I'm basically using the following config to stop spam: Mail Server (verifies domain exists) then queries RBL's (in order): njabl, dul at sorbs, sbl-xbl.spamhaus, relays.ordb, bl.spamcop.net - mail then passed to: MailScanner - to coordinate the AV and SpamAssassin checks. It also queries the other rbl's to tag anything that made it through the door. Anything SA or MS hits on gets tagged and sent to the users junk folder. Reporting is accomplished via MailScanner-MRTG which gives a nice compact historical view of traffic and I also leverage MailWatch for MailScanner with an SQL back end. Related Links: MailScanner: http://www.mailscanner.info MailWatch for MailScanner: http://mailwatch.sourceforge.net/ mailscanner-mrtg: http://mailscannermrtg.sourceforge.net/
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
