I had same problem my solution was... (in order of incomming email) 1. milter-greylist set @ 2 min wait 2. blacklist sbl-xbl.spamhaus.org (only one I would use to reject on) 3. SA - use latest version. Use all SARE rules if load permits and pyzor, dcc.... Items 1 and 2 knocked out enough spam that I was able to add more rules to SA w/ out any load increase. I use spamass-milter and it is set to reject at a score of 3 or higher. Manage SA w/ sa-learn for spam/ham and watch logs for FP's. I stare at my maillog using tail -f for hours, reminds me of that scene in the Matrix. It goes by fast but after an hour or so all you see is blonde, brunette, redhead sending email..... okay bad joke. I am completely blocking spam. But it comes at a cost. Greylist delays mail for a min of 2 min and a max of who knows (depends on sending server). My users have complained that they arn't getting mail but they eventually get it. The BL rejects so the sender will notified that their email was rejected so they can call fax fix their ip, whatever. Same goes for SA if score over 3 it gets rejected. If FP, sender must deal w/. Other problems, mail generated from my webserver has been getting rejected. To fix have been adding correct header info that SA complains about or white listing the domain. I admit I may have overreacted in my spam fight. But, I have found out what it took to completely* stop spam. Now that I have won the fight I am thinking of backing it off a bit. *Not quite "competely" - I might get one spam a week out of the 50 or so that are sent to my acct a day. On 9/5/06, alan <alan@xxxxxxxxxxxxxx> wrote:
On Tue, 5 Sep 2006, Thom Paine wrote: > I've been noticing that the config I had been using for aboutthe past > year is slowly becoming less effective against spam. > > I'm currently using half a dozen or so bl's along with spam assassin. > > I'm sure other people are either keeping up, or finding ways to keep > spam at bay. > > Anyone have any suggestions? > > I read about turning on a two minute wait time on your mail server and > was wondering if that helps. > > I can post parts of my sendmail.cf file if that would be helpful. Greylisting has worked pretty well for me. Cut about 90% of my spam load. I had to cut out most of my blocklists due to valid domains that had been "poisoned" by someone. (They took domains they did not like and claimed they were spammers. Most of them domains hosting Linux mailing lists.) -- "Oh, Joel Miller, you've just found the marble in the oatmeal. You're a lucky, lucky, lucky little boy. 'Cause you know why? You get to drink from... the FIRE HOOOOOSE!" - The Stanley Spudoski guide to mailing list administration -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list