[TriLUG] postfix spam blocking
Jim Ray
jim at neuse.net
Fri Dec 16 11:04:03 EST 2011
I've tried several products and plan to go back to the one that works
best for us, Barracuda Spam Virus Firewall. It uses a combination of
techniques yet with proper tuning effectively blocks a measured 99% of
spam plus provides end user quarantine. Prepare to break out your
wallet, though, because even though they use open source products under
the hood, they package it together and charge $1200/year in services.
Regards,
Jim Ray, President
2 Davis Drive, PO Box 13169
Research Triangle Park, NC 27709
main: 919-838-1672
cell: 919-606-1772
skype: neusedotnet
email: jim at neuse.net
web: www.NeuseRiverNetworks.com
ONE(tm) Plan to put IT maintenance behind the scenes, after-hours and
out of your way since 1997 with Service Representatives Available
24/7/365
Customer Service/Support: Send email to support at neuse.net or log on to
our web portal http://support.neuse.net
-----Original Message-----
From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On
Behalf Of David Black
Sent: Friday, December 16, 2011 8:06 AM
To: Triangle Linux Users Group General Discussion
Subject: Re: [TriLUG] postfix spam blocking
I experimented with client and recipient restrictions a while ago and
found the client restrictions sometimes blocked too early. The
connecting MX didn't get enough of a chance to say much about who it was
and what it wanted, before being disconnected. If the filters were 100%
accurate it'd be different, but the free RBLs, for instance, definitely
aren't.
Better to load up recipient restrictions with a nice set of filters,
able to act on all the info gathered after the HELO. The author of
this page seems to agree:
http://www.akadia.com/services/postfix_uce.html
Also, postgrey works but does delay emails from new sources - the
MTA/to/from triad, and there's the odd MTA that doesn't know how to
correctly retry or takes a very long time to do so. Many services use a
different from address every time, forcing a delay for *every* email. I
used to use it and don't any more, because of the occasional legitimate
email that never arrived and more delays than expected. At least in a
business setting, I've consistently found it's better to let a bit more
spam through and not block legit emails, than have the occasional - and
very important to the CEO - email just disappear. IMHO today people in
general depend too heavily on email.
These days I use spamassassin on the MXs to classify but not block. The
decision to block/not block is done at the local mailbox delivery, and
the end user at least has an opportunity to fish an email out of their
junk folder.
Dave
----- Original Message -----
> When setting up postfix to help curb spam, which is more
> correct/effective when specifically addressing RBLs? OR can this be
> done in both places in main.cf to enhance the protection:
>
> smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org
>
> OR
>
> smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org
>
> OR
>
> both?
>
> OSX Server puts the setting in the smtpd_client_restrictions via the
> gui admin, however some other linux related how-to docs say to use
> smtpd_recipient_restrictions.
>
> thanks,
> David
>
> http://www.facebook.com/notollson540
> --
> This message was sent to: David Black <dave at jamsoft.com> To
> unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web :
> http://www.trilug.org/mailman/options/trilug/dave%40jamsoft.com
> TriLUG FAQ :
> http://www.trilug.org/wiki/Frequently_Asked_Questions
>
--
This message was sent to: Jim Ray <jim at neuse.net> To unsubscribe, send a
blank message to trilug-leave at trilug.org from that address.
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
Unsubscribe or edit options on the web :
http://www.trilug.org/mailman/options/trilug/jim%40neuse.net
TriLUG FAQ :
http://www.trilug.org/wiki/Frequently_Asked_Questions
More information about the TriLUG
mailing list