[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fighting spam with "sendmail aliases" in postfix (spampots?)



On Tue, May 25, 2004 at 11:57:36AM +0200, Tom?s N??ez wrote:
> Hi
> I have a mail server with some domains (about 200). I'm taking them from a 
> sendmail and putting them on a postfix-ldap + courier-ldap + amavisd + 
> spamassassin + clamav (thanks to perdition, the pop/imap proxy, I am doing 
> this and nobody notices). Everything goes well, but I have a doubt.
> 
> On the sendmail server I have some "aliases", I mean, some accounts from what 
> I receive mail no matter which domain is sent to (being a domain of this 
> machine). One utility of this was that I received all "postmaster@domain.com" 
> without having to configure anything.
> 
> But another utility was the spam honeypots, or spampots, or whatever you call 
> it, (that is, some addresses I'm sure are going to receive spam), and this 
> served to prove the anti-spam filter. For example, man@domain.com: no one of 
> my customers have this account, so every mail on this mail account is spam. 
> If the mail passed the anti-spam filter, I can feedback spamassassin with it 
> (using sa-learn). 
> I have some others like this: comercial, info, webmaster, etc, etc. What was 
> very good in Sendmail is that this aliases were only active if they were not 
> in the virtual user table, that is, I receive mail to "comercial@domain.com" 
> only if "domain.com" don't have this account.
> 
> This was pretty useful to keep trained bayesian filters in spamasssassin, and 
> I increased efficiency killing spam.
> 
> But now with postfix, to get this working I have 2 possibilities: create 
> accounts and redirect them to me if customer doesn't want it, or put all 
> domains in $mydestinations, and deliver them as local and not as virtual...
> I think creating all accounts is very uncomfortable, but maybe I miss some 
> points on security about $mydestinations...

How about option 3...

Add a wildcard to the bottom of the domain name to catch all the other
rubbish...

@domain.name            spamgoeshere@localhost

This will catch anything that's not already caught by the addresses
before it.

Hope that Helps,
-- 
Brett Parker



Reply to: