Kolab-users Digest, Vol 46, Issue 15

Simon Pirschel Simon.Pirschel at hug.de
Thu Dec 20 09:09:14 CET 2007 

>> Hi
>>
>> Recently, I saw a lot of post about activating some "postfix antispam" features.
>>
>> I would like to react!
>>
>> The first goal of an email system is to exchange messages between peoples.
>> Anything that prevent messages to pass through must be discuss with care!
>> [...]
>> Only grey and black listing are "dynamic" measures against SPAM that
>> SPAMMER cannot control!
>>
>> Regards
>>   

>>> Nik777 <kolab at babel.homelinux.net> 20.12.2007 02:20 >>>
> I couldn't agree more.
>
> I recently implemented greylisting for one of our email domains, and the 
> results were amazing! Of 11041 emails received in the following 24 
> hours, 40 were actually delivered. The remaining 1101 did not retry!
> 
> I am now looking for a more sophisticated  greylisting implementation 
> which would allow me to recognise some further spamming behaviour in a 
> fully dynamic way.
> 
> For instance, recognising multiple emails from the same IP address to 
> different invalid addresses on our domain.
> 
> In all other areas of my firewall, I also only implement dynamic 
> blocking, so that suspicious behaviour is blocked temporarily, which 
> protects my network, but then the block is removed, so that I don't 
> later block potentially correct traffic.
> 
> Cheers!
> Nik

Checking spam with rbl lists is pretty effective, too. I got several domains which recieve 25000 spam mails per day and more. Because of my rbl list I can block up to 99% of this spam before it gets queued.
Rbl lists are dynamic, very easy to integrate in postfix and cost one dns query per mail and rbl list. 

This is my "smtpd_recipient_restrictions" in postfixs main.cf (non kolab).

smtpd_recipient_restrictions =
        permit_sasl_authenticated
        permit_mynetworks
        reject_unauth_destination
        reject_invalid_hostname
        reject_non_fqdn_sender
        reject_unknown_sender_domain
        reject_non_fqdn_recipient
        reject_unknown_recipient_domain
        reject_rbl_client zen.spamhaus.org
        reject_rbl_client bl.spamcop.net
        reject_rbl_client cbl.abuseat.org
        reject_rbl_client dnsbl.ahbl.org
        reject_rbl_client dialups.mail-abuse.org
        reject_rbl_client dynablock.sorbs.net
        reject_rbl_client relays.mail-abuse.org
        reject_rbl_client list.dsbl.org
        permit


Simon

More information about the users mailing list