Comments on How To Block Spam Before It Enters The Server (Postfix)
How To Block Spam Before It Enters The Server (Postfix) The last few weeks have seen a dramatic increase in spam (once again). Estimates say that spam makes now up for 80 - 90% of all emails, and many mail servers have difficulties in managing the additional load caused by the latest spam, and spam filters such as SpamAssassin do not recognize large parts of that spam as they did before. Fortunately, we can block a big amount of that spam at the MTA level, for example by using blacklists, running tests on the sender and recipient domains, etc. An additional benefit of doing this is that it lowers the load on the mail servers because the (resource-hungry) spamfilters have to look at less emails.
14 Comment(s)
Comments
please, do not use non exist and old databases.
first, do not use relays.ordb.org. this service is down since 18 dec 2006. next, composite rbl database sbl-xbl.spamhaus.org is superseded by zen.spamhaus.org.
then i have quick check other proposed rbl databases if exists A dns record for them. unfortunately, only bl.spamcop.net, dnsbl.sorbs.net, cbl.abuseat.org and ix.dnsbl.manitu.net exists.
ix.dnsbl.manitu.net doesnt work for me :?
Jun 7 17:05:48 server2 postfix/smtpd[23305]: warning: 195.32.73.212.ix.dnsbl.manitu.net: RBL lookup error: Host or domain name not found. Name service error for name=195.32.73.212.ix.dnsbl.manitu.net type=A: Host not found, try again
Jun 7 17:05:56 server2 postfix/smtpd[23522]: warning: 74.8.55.212.ix.dnsbl.manitu.net: RBL lookup error: Host or domain name not found. Name service error for name=74.8.55.212.ix.dnsbl.manitu.net type=A: Host not found, try again
Jun 7 17:07:31 server2 postfix/smtpd[23522]: warning: 175.92.249.66.ix.dnsbl.manitu.net: RBL lookup error: Host or domain name not found. Name service error for name=175.92.249.66.ix.dnsbl.manitu.net type=A: Host not found, try again
The above warnings are normal for the ix.dnsbl.manitu.net list. They mean that the sender IP is not blacklisted.
Thanks for the info :)
rejecting senders with the above method is problematic, cause the reject decission is based on the first match of a single test, you should consider to implement:
http://www.policyd-weight.org/
policyd-weight is calculating a score, based on different tests (HELO, MX, DNSBL, RHSBL) and only if the resulting score is passing a certain value the sender is rejected.
also policyd-weight is implementing a caching mechanism for the blacklist lookups
The following line should be removed from the above main.cf:
reject_rbl_client list.dsbl.org
list.dsbl.org is no longer available.
For more info, see this web page:
http://dsbl.org/
Otherwise, the above guide has worked well for me.
Thanks,
Gary
Spam Filter Blacklist is a site which I came across lists the Words, IP address, Email Id's, and Domains most commonly used by the spammers. These contents help us a lot before we can filter the emails for spam.
Thank you so very much! IT WORKS!!!!! No need to buy these expensive spam-filters. I have indeed reduced my overall spam by as much as 90% WOW!!!!!!!!!
Thank you Thank you Thank you
These settings work great, but occasionally an ill configured legit server mail gets bounced away. Is there a way to simple accept all messages and mark a spam header so the client filter it out?
I had dialup.rbl.kropka.net in my reject-lists as well, do not use it as it started rejecting ALL E-Mail a couple days ago!
Great information about Email Spam protection. Its really help us so please keep it up continue.......
Appreciate your great help. What is the difference between default 550 and 554 please? I had #unknown_local_recipient_reject_code = 550 already on but i added yours with 554.
Also are there any RBL servers that are redundant or not in use? I am bit confused of zen and sbl-x of spamcop.
Is there any way to verify if they work.
how to use my own blacklist ? Eg IP ranges block all russioan senders ?
Please put date article and comments.