Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Countering spam



TheBlueSage wrote:
> I used to use exim3, and loved being able to add domains and
> 'virtusertable' addresses on the fly. Now I have to reload postfix
> config every time. I also don't like my spam filter setup (spamassassin,
> as I still get over 50 spam a day, using a spam setting of 5.0 . ...
> I was wondering what the latest and greatest solutions out there were,
> as I haven't checked since I put postfix in nearly three years ago!

I have been using exim4+spamassassin for about 2 years and am still very
satisfied with it overall, though spamassassin's effectiveness has gone down
quite a lot.  (Any tool that becomes broadly popular will become the target of
spammers.  They learn the rules for a default spamassassin configuration, pass
their messages through it before sending, and every month more of them get
through.)

So if you want to run your own mail server you have to fine-tune customized
rules in order to stay ahead of the spammers.  I massively customized my
configuration with a lot of exim rules; I reject messages at each step of the
SMTP protocol, and that takes care of 90% of spam attempts--look for
greylisting, it works *very* well.  I feed the remaining 10% into Spamassassin
and have to add a new rule every once in a while.

My only complaint about Spamassassin is that writing new rules is a tedious
command-line driven procedure which requires repeated testing.  New rules can
be risky in a production environment; maybe someone has come up with a more
automated way to craft new rules that don't abruptly cause false-positive or
false-negatives or other problems the way so many of my Spamassassin attempts
at new rules come out.  New releases of spamassassin are too infrequent, alas;
the spammers have many months between each release to develop new attacks. 
Works OK for me because I only have a personal mail server these days.

Exim4 plus mysql is a win, by comparison; my initial deployment took a week or
so and I haven't had to touch it much since.  Note that exim4 is far more
powerful than exim3 when it comes to writing custom configs.

-rich
(posting from Manila)


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org