Anti Spam Landscape

[Dallin Jones]

> This is an interesting (to me) approach.  I've tried to use it, but
> get the following:
> fatal: open database /etc/postfix/helo_access.db: Inappropriate file
> type or format
>
> I admit, all I did was copy and slightly modify the above lines to
> see what it would do. :)

run "postmap helo_access" this will output the database (it took me
forever to get that one working.)


> > Next I added this to my main.cf
> >  smtpd_sender_restrictions =
> >        permit_sasl_authenticated,
> >        permit_mynetworks,
> >        reject_non_fqdn_sender,
> >        reject_unknown_sender_domain,
> >        permit
> > Forcing everything to use a fully qualified domain name helped
> > eliminate a ton of spam. The next item I did was the last of the light
> > weight stuff, this catches almost everything else:
> > smtpd_recipient_restrictions =
> >        reject_unauth_pipelining,
> >        reject_non_fqdn_recipient,
> >        reject_unknown_recipient_domain,
> >        permit_mynetworks,
> >        permit_sasl_authenticated,
> >        reject_unauth_destination
> >        check_sender_access
> >                hash:/etc/postfix/sender_access,
> >        check_recipient_access
> >                hash:/etc/postfix/recipient_access,
> >        check_helo_access
> >                hash:/etc/postfix/secondary_mx_access,
> >        reject_rbl_client list.dsbl.org
> >        reject_rbl_client sbl-xbl.spamhaus.org,
> >        permit
> >
>
> This is also valuable stuff as well, as there are a few directives
> here that I've not seen before.  I wanted to ask about the format of
> the sender_access, recipient_access, and secondary_mx_access files to
> which you refer above.  Are these basically whitelists? If so, how do
> you format the files?

Yeah these files are simply white/blacklists depending on if you use
OK or REJECT.
my.host.com    OK
evil.host.com    REJECT You are evil!

-- 
Dallin Jones
www.dallinjones.com