Re: spam avoidance (was Re: cpu speed problem)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Somebody in the thread at some point said:
> On Mon, 2007-07-30 at 11:25 +0100, Andy Green wrote:
>> I found this to be really effective for over a year now:
>>
>>  - greylisting (I use gps + sqlite)
> 
> I'm not enamoured of greylisting, though that might be down to the poor
> implementations of it that've held my mail up for hours, rather than
> greylisting in itself.

The first time you get mail from someone it will hold it up for some
minutes, and then for as long as it takes the other server to retry,
usually some hours.  After that, the sender/server/recipient triplet is
held in a sqlite database whitelist automatically, so there is no delay.

>>  - Spamhaus RBL lookup (IPs that are detected by Spamhaus as sending
>> spam to their fake emails get blacklisted here)
> 
> Do they get false positives added by malicious people?  One of my hosts
> uses a RBL system, but I don't think it's spamhaus.

They don't specify their fake email addresses and don't accept external
recommendations for the blacklist.

>>  - tight rules on postfix:
>>
>>     - insist that the server has reverse DNS
> 
> Not all do, nor do they really have to, even if it's a damn good idea.
> This could be a problem.

As I said I've had over a year to assess what this set of rules performs
like: I had to whitelist only two real servers in that time to work
around the rules.  That's fine by me.  I didn't see any false positives
from the blackhole either, although I guess you wouldn't.

>>     - insist that the recipient user actually exists (end of most
>> virus mails)
> 
> Does it also reject if the message has more than one recipient, and
> they're not all real users?

It rejects the whole mail if any of the recipients are not valid users
on my mailserver.

> I put a bait address into a HTML comment on my website, anything that
> spammed that (along with any other address) got trashed.  No real user
> would have seen the bait, but HTML trawlers would.  I could kill that
> mail with 100% certainty.

That's what the Spamhaus blackhole list is doing, except they publish
their "winners" by a faked up DNS server.

-Andy

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux