Anti Spam Landscape
squitoey at gmail.com
Tue Jul 17 22:25:25 MDT 2007
I do a few different things. I started having a lot of troubles with
my mail server when it started getting spammed pretty bad. I have
Postfix using Amavis to push the email through ClamAV and SpamAssasin.
My server was brought to it's knees. It was running at 98-99%
processor load and it would take hours for email to go through. So
here is what I did:
First I added a helo restriction using this:
smtpd_helo_required = yes
This eliminated about 80% of my spam. The helo_access file allows me
to make exceptions for my clients that have broken networks. In
addition, this file includes rejects for anything coming from itself.
(Handy since most Spammers try to pretend they are you, hoping to get
around your relay restrictions) It looks similar to this:
mydomain.com REJECT You are not me!
localhost REJECT You are not me!
127.0.0.1 REJECT You are not me!
localhost.localdomain REJECT You are not me!
Next I added this to my main.cf
Forcing everything to use a fully qualified domain name helped
eliminate a ton of spam. The next item I did was the last of the light
weight stuff, this catches almost everything else:
The big stuff here is the reject_rbl_client lines. These line check
the incoming server against relay databases. I used these because they
seemed relatively fair (I don't want valid email getting rejected) and
people are able to get off of these lists since they don't seem to be
Nazi's about it.
After adding these items, pretty much the only email getting to ClamAV
and SpamAssassin are valid email messages. This brought the load of my
sever back into a managable place (4-5% CPU load) and makes email
delivery fast again.
More information about the PLUG