Date: Sun, 16 Dec 2007 20:53:32 +0100 From: "Jack Raats" <jack@jarasoft.net> To: "Sten Daniel Soersdal" <netslists@gmail.com>, "freebsd-questions" <freebsd-questions@freebsd.org> Subject: Re: (postfix) SPAM filter? Message-ID: <002a01c8401d$56186e10$0202fea9@jarasoft.net> References: <476086E2.5030402@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Sten and the rest,
> We have a need for a relatively painless anti-spam solution that would
> reduce the amount of incoming spam (via postfix mail router). The problem
> is that i have little knowledge on what this actually means. Googling
> reveals a whole "universe" of interesting ways but what should i pursue?
> The things that are important to me is:
>
> * Once it is setup then it would require no additional maintenance.
> * Potential spam messages are marked with a special header that can be
> filtered on user discretion on their local mail client software.
>
> Neither performance, scalability, license nor cost is of much importance
> to me at this point.
I have a different approach. I refuse all connections from ip's which
reverse DNS points to costumers of providers.
This gives a huge reduction of botnets.
Below my helo_checks and client_checks. Ofcourse use it for your own risk!
Besides this method I also use rbls's, greylisting, clamsmtpd, clamav,
procmail and spamassasin
#######################################################################
# helo_checks.pcre
#######################################################################
/^[0-9.]+$/ REJECT Please use your ISP's outgoing mail server -
HA
/^\|/ REJECT Please use your ISP's outgoing mail
server - HB
/^[\d\.]+$/ REJECT Please use your ISP's outgoing mail
server - HC
# H1 adsl,dial,dhcp,cable,retail,dynamic in helo
/(adsl|dial|dhcp|cable|retail|dynamic)/i REJECT Please use your ISP's
outgoing mail server - H1
# H2 customer,static,kabel in helo
/(customer|static|kabel)/i REJECT Please use your
ISP's outgoing mail server - H2
# H3 12345
# /\d{5}/ REJECT
Please use your ISP's outgoing mail server - H3
# H4 123-123-123
/\d{1,3}-\d{1,3}-\d{1,3}/ REJECT Please use
your ISP's outgoing mail server - H4
# H5 123.123.123
# /\d{1,3}\.\d{1,3}\.\d{1,3}/ REJECT Please use your
ISP's outgoing mail server - H5
#######################################################################
# client_checks.pcre
#######################################################################
# C1 adsl,dial,dhcp,cable,retail,dynamic in hostname
/(adsl|dial|dhcp|cable|retail|dynamic)/i 554 Please use your ISP's
outgoing mail server - C1
# C2 customer,static,kabel in hostname
/(customer|static|kabel)/i 554 Please use your
ISP's outgoing mail server - C2
# C3 123456
/\d{6}/ 554 Please
use your ISP's outgoing mail server - C3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32) - GPGrelay v0.959
iD8DBQFHZYI8Ph5RwW/NzC4RAj1uAJ9saKRz9Q+daCcU7D/plXGRAdXflACfQ3KR
DpXkjMrMMITbqdSulZW8aBM=
=D4lA
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002a01c8401d$56186e10$0202fea9>