Re: using spamassassin in an isp environment ?

To: debian-isp@lists.debian.org
Subject: Re: using spamassassin in an isp environment ?
From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
Date: Wed, 9 Apr 2003 12:59:01 +0200
Message-id: <[🔎] 200304091259.14804@fortytwo.ch>
In-reply-to: <[🔎] 200304091142.54310.tomas@asertel.es>
References: <[🔎] 3E93140C.6000108@suk.net> <[🔎] 200304090948.59664@fortytwo.ch> <[🔎] 200304091142.54310.tomas@asertel.es>

On Wednesday 09 April 2003 11:42, Tomàs Núñez Lirola wrote:
> Hi
> I've thought several times about using DNSRBLs, but I don't know nothing
> about them... Do you recommend them to me? Are they difficult to add to my
> sendmail? Any doc where I can get more info about them?

http://spews.org has a number of links - about spam in general, and also to 
all important DNSRBLs. Most DNSRBLs have a website with instructions how to 
set them up with popular MTAs, IIRC it's just a FEATURE(blah blah, 
rbl_address) or so (I use postfix, so I don't know such things exactly).

Before you use them: carefully read what the policies are on the balcklists 
you'll be using. Understand how a host may end up on a blacklist and how it 
goes off. So you can properly guess how much legitimate mail will be bounced 
for your system. When you have a few hundred users, you're quite certain that 
at least one of your users will expect some mail from addresses you block. 
(the SPEWS list has recently blocked most of yahoo groups, for instance).

I have also set up my abuse@ and postmaster@ address to accept mail from 
everywhere, so people having problems can reach me (under the assumption that 
they or their admin will try my postmaster address.)

As I've said, I had not problems so far, but I don't have a big system here, 
so I'd not expect it.

I haven't made the statistics, but I roughly, rejected spam is
 - 10% rejected because of bad EHLO hostname (I don't require it to be
     correct, only that it is a FQDN and that it resolves)
 - 35% rejected because of bad (unresolvable) MAIL From domain
 - 10% rejected because of protocol errors (spammers use extremely broken
     software, I'm really amazed)
 - 10% rejected because of my private blacklist
 - 35% rejected because of the DNS blacklists

Note that the tests are done in the order they're listed above, so mail 
rejected by the early checks is likely to be in some blacklist, too, but it 
doesn't appear as such in the stats.

cheers
-- vbi

-- 
get my gpg key here: http://fortytwo.ch/gpg/92082481

Attachment: pgpGgJaOTDMqG.pgp
Description: signature

Reply to:

References:
- using spamassassin in an isp environment ?
  - From: Markus Welsch <markus.welsch@suk.net>
- Re: using spamassassin in an isp environment ?
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
- Re: using spamassassin in an isp environment ?
  - From: Tomàs Núñez Lirola <tomas@asertel.es>

Prev by Date: Re: which dns server to use ?
Next by Date: Re: which dns server to use ?
Previous by thread: Re: using spamassassin in an isp environment ?
Next by thread: Problems using Gateway/Routing
Index(es):
- Date
- Thread