Changes to the mailinglist setup

Joerg Jaspert joerg at debian.org
Sat Oct 21 23:36:06 UTC 2006 

On 10814 March 1977, John Goerzen wrote:

> If you have time, I'd be very interested in the specific filter setup
> you're using, and also how postfix has helped out.  I switched from
> Postfix to Exim4 awhile back to help with the spam situation, so maybe
> there's something I'm not aware of.

Well, we changed to postfix because 3/4 of the SPI admins can work with
postfix, while only 2/4 can work with exim4, so thats the main reason
for the switch.


That this new setup now catches more spam seems to be a side effect
reported by a listmaster who needed to do way less moderation after the
change than he needed to do before, with the few closed lists we had
then.  I personally don't understand much of exim, so cant really judge
the setup we had, I only know we had a shitload of spam on the lists
(and complains from board members about it), and if one looks in the
archives for lists that have been open until today, like board, you see
that at the date the MTAs switched the spam goes back to nearly 0.....


Now, my setup - well. It has sender verify, greylisting[1], virus and
spamscans[2], reject with some rbl lists[3] and then have different
accept/reject lists at different stages of the smtp protocol where we
can also intercept. There is also a regexp list for body and for header
checks. And then the usual "non-fqdn recipient/sender/hostname, etc"
stuff.

To not have the backup MX be an open hole for our mailsetup that one
knows about all addresses that are valid for the domains it "backs
up". Thats done by a simple perl script that updates its address list
every 15 minutes. Based on that the backup MX has the same checks, ie
also spam, virus, etc. To avoid double filtering if a mail gets in via
the backup MX it uses a tls connection to the primary MX, with a known
certificate which gets it to bypass all other checks on the primary.


It may not be the most perfect setup of the world but its working very
well.


[1] with automated whitelisting after you got 5 mails sent in
[2] not done during smtp time. We accept mail but kill silently if it
    has a spamassassin score above 10 or is a virus
[3] [bogusmx|dsn].rfc-ignorant.org, blackhole.securityusage.com,
    sbl-xbl.spamhaus.org, relays.ordb.org, opm.blitzed.org,
    list.dsbl.org, ie. the more sane ones

-- 
bye Joerg
 dvdbackup (0.1.1-7) unstable; urgency=medium
 . 
   * The wiki-wacky-oaxtepec release
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 250 bytes
Desc: not available
Url : http://lists.spi-inc.org/pipermail/spi-general/attachments/20061022/b59917a5/attachment.pgp

More information about the Spi-general mailing list