[PLUG] Mail Administration Question

Rich Shepard rshepard at appl-ecosys.com
Mon Apr 6 20:15:53 UTC 2015


On Mon, 6 Apr 2015, Roderick Anderson wrote:

> I saw a 90%+ drop in incoming spam about one day after it was fired up (5+
> years ago). This was for around 200 domains. I have had to whitelist a few
> incoming domains but the stock 'white-list' that comes with the install
> handles the big ones.

Rod,

   I tried postgrey a number of years ago but had enough issues that I
dropped it. I'll give it try again.

   The postfix UCE rules (including header_checks and body_checks) do reject
the majority of incoming spam. For a while there was a daily flood of
Cyrillic spam. Adding a header_check for koi-8 killed 'em all. Or, it was
the Cyrillic vowels in body_checks that did the job. Either way, haven't
seen a one since then.

   Spam and phishing attempts are like grapes: they come in clusters. After a
while, one message goes away and they try a new one. Some have such mangled
spellings in an attempt to evade spam filters that the message is obscured.
That's funny.

Thanks,

Rich




More information about the PLUG mailing list