Date: Sun, 16 Dec 2007 20:53:32 +0100 From: "Jack Raats" <jack@jarasoft.net> To: "Sten Daniel Soersdal" <netslists@gmail.com>, "freebsd-questions" <freebsd-questions@freebsd.org> Subject: Re: (postfix) SPAM filter? Message-ID: <002a01c8401d$56186e10$0202fea9@jarasoft.net> References: <476086E2.5030402@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Sten and the rest, > We have a need for a relatively painless anti-spam solution that would > reduce the amount of incoming spam (via postfix mail router). The problem > is that i have little knowledge on what this actually means. Googling > reveals a whole "universe" of interesting ways but what should i pursue? > The things that are important to me is: > > * Once it is setup then it would require no additional maintenance. > * Potential spam messages are marked with a special header that can be > filtered on user discretion on their local mail client software. > > Neither performance, scalability, license nor cost is of much importance > to me at this point. I have a different approach. I refuse all connections from ip's which reverse DNS points to costumers of providers. This gives a huge reduction of botnets. Below my helo_checks and client_checks. Ofcourse use it for your own risk! Besides this method I also use rbls's, greylisting, clamsmtpd, clamav, procmail and spamassasin ####################################################################### # helo_checks.pcre ####################################################################### /^[0-9.]+$/ REJECT Please use your ISP's outgoing mail server - HA /^\|/ REJECT Please use your ISP's outgoing mail server - HB /^[\d\.]+$/ REJECT Please use your ISP's outgoing mail server - HC # H1 adsl,dial,dhcp,cable,retail,dynamic in helo /(adsl|dial|dhcp|cable|retail|dynamic)/i REJECT Please use your ISP's outgoing mail server - H1 # H2 customer,static,kabel in helo /(customer|static|kabel)/i REJECT Please use your ISP's outgoing mail server - H2 # H3 12345 # /\d{5}/ REJECT Please use your ISP's outgoing mail server - H3 # H4 123-123-123 /\d{1,3}-\d{1,3}-\d{1,3}/ REJECT Please use your ISP's outgoing mail server - H4 # H5 123.123.123 # /\d{1,3}\.\d{1,3}\.\d{1,3}/ REJECT Please use your ISP's outgoing mail server - H5 ####################################################################### # client_checks.pcre ####################################################################### # C1 adsl,dial,dhcp,cable,retail,dynamic in hostname /(adsl|dial|dhcp|cable|retail|dynamic)/i 554 Please use your ISP's outgoing mail server - C1 # C2 customer,static,kabel in hostname /(customer|static|kabel)/i 554 Please use your ISP's outgoing mail server - C2 # C3 123456 /\d{6}/ 554 Please use your ISP's outgoing mail server - C3 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) - GPGrelay v0.959 iD8DBQFHZYI8Ph5RwW/NzC4RAj1uAJ9saKRz9Q+daCcU7D/plXGRAdXflACfQ3KR DpXkjMrMMITbqdSulZW8aBM= =D4lA -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002a01c8401d$56186e10$0202fea9>