[PLUG] better spam filtering through google
robinson-west user
plug_1 at robinson-west.com
Sun Apr 13 19:36:45 UTC 2008
I'm using dnsbl.sorbs.net and bl.spamcop.net.
I tried to set up my own blacklist, but what to
populate it with and how is a major problem.
I'm also using sqlgrey, but I notice some down sides.
It seems to quit blocking all mail, I'll have to watch
to see if this is true. Another downside is that it
deals with clients who are trying to access an invalid
recipient. I want them to get blocked before the
sqlgrey test. Allowing anyone who retries to get on
the whitelist isn't what I want, but it seems to be
the default for sqlgrey. I don't think there are very
many spam sources that don't retry anymore. A lot of
spam is getting through sqlgrey,though razor catches
some.
Here is main.cf from one of my postfix relays...
queue_directory = /var/spool/relay_spool
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
default_privs = nobody
canonical_maps=hash:/etc/postfix/canonical,
hash:/etc/postfix/canonical_sophistasis
mydomain=robinson-west.com
myorigin=$mydomain
inet_interfaces = 216.151.30.106, 127.0.0.1
mydestination=
local_recipient_maps=
local_transport= error:local delivery is disabled
virtual_alias_maps=hash:/etc/postfix/virtual
mynetworks=127.0.0.0/8, 216.151.30.104/29
relay_domains = $mydomain, goose.$mydomain, sophistasis.com
parent_domain_matches_subdomains =
debug_peer_list smtpd_access_maps
relay_recipient_maps=hash:/etc/postfix/relay_recipients,
hash:/etc/postfix/sophistasis_relay
transport_maps=hash:/etc/postfix/transport,
hash:/etc/postfix/transport_sophistasis
in_flow_delay = 1s
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_delay_reject = yes
# Should I be doing the following?
smtpd_helo_required=yes
disable_vrfy_command=yes
smtpd_reject_unlisted_sender=yes
header_checks=regexp:/etc/postfix/header_checks
# There are suggestions that a helo should neither be required nor
checked...
smtpd_helo_restrictions= permit_mynetworks,
check_helo_access
hash:/etc/postfix/invalid_helo,
check_helo_access hash:/etc/postfix/access,
permit
smtpd_recipient_restrictions = reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
permit_mynetworks,
reject_unauth_destination,
check_sender_access hash:/etc/postfix/blacklist,
reject_rbl_client spamsrc.robinson-west.com,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
check_policy_service unix:private/policy-spf,
check_policy_service inet:127.0.0.1:2501,
permit
policy_time_limit = 60
smtpd_data_restrictions = reject_unauth_pipelining,
permit
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.2.10/samples
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
defer_code = 450
invalid_hostname_reject_code = 501
maps_rbl_reject_code = 554
non_fqdn_reject_code = 504
reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
multi_recipient_bounce_reject_code = 550
html_directory = no
smtp_error_sleep_time=1s
smtp_soft_error_limit=10
smtp_hard_error_limit=20
More information about the PLUG
mailing list