At 8:25 PM +0930 7/30/07, Tim wrote: >On Mon, 2007-07-30 at 11:25 +0100, Andy Green wrote: >> I found this to be really effective for over a year now: >> >> - greylisting (I use gps + sqlite) > >I'm not enamoured of greylisting, though that might be down to the poor >implementations of it that've held my mail up for hours, rather than >greylisting in itself. I'm not sure about greylisting either, but AIUI, the usual holdup is from the sending MTA's retry interval, which for sendmail seems to default to 1 hour. An MTA with exponential backoff might well be worse. I mostly notice greylisting with recipients I don't send mail to often. >> - tight rules on postfix: >> >> - insist that the server has reverse DNS > >Not all do, nor do they really have to, even if it's a damn good idea. >This could be a problem. Every server should have rDNS, not just MTAs. RDNS might not map to the server's FQDN. The MTA's FQDN should be real. Currently I'm trying insisting that the hello name resolve in DNS for external connections. I also prohibit relaying through dynamic IPs, by requiring the envelope sender domain for connections whose rDNS looks dynamic resolve to the connect address. That seems to work well, rejecting about 95% of the messages (with no obvious false positives, judging by the subject lines). >> - insist that the recipient user actually exists (end of most >> virus mails) > >Does it also reject if the message has more than one recipient, and >they're not all real users? > >I put a bait address into a HTML comment on my website, anything that >spammed that (along with any other address) got trashed. No real user >would have seen the bait, but HTML trawlers would. I could kill that >mail with 100% certainty. Hmm. AFAIK, sendmail only rejects the recipients that don't exist, and allows the others through. Bait seems like a good idea, and could be easily implemented in the milter I use, but as most incoming spams have only a single recipient I don't think it would help much. -- ____________________________________________________________________ TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> ' <http://www.georgeanelson.com/> -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list