21 Sep
2017
21 Sep
'17
1:31 a.m.
On 09/20/2017 04:54 PM, Steve Simon wrote:
My spam filtering is all plan9 based but the ideals
are all portable.
I would love to hear more about how (and why) you're using Plan9. I'm
naively curious.
Greylisting and delaying a few secs before starting
the SMTP
conversation are my most successful filters, After this comes
SPF and using spamhaus to validate the senders IP.
I forgot about pre-greeting delay. I also use that. It's amazing how
much difference even 1 second makes.
I think it's also amazing how many spam bots try tricks to get around
spam filtering, like connecting to a high order MX that hypothetically
has less spam filtering. - JunkEmailFilter's Project Tarbaby does
phenomenal work with that. Plus, it feeds their RBL which I use as a
data signal for SpamAssassin. }:-)
I reject some silly domains like localhost.com and
usernames like
user and test.
Are you referring to the purported sender? Or something in your domain?
Are you referring to SMTP Authentication or email addresses?
I have disabled SMTP Authentication on my main MTA and only allow it on
my MSA.
I also have a list of regexps which match the reverse
dns
addresses of adsl blocks which catch many spam bots.
Thankfully I've not had to deal with those. (At least not that I'm
aware of.)
The regexps sound like a lot of work but I have some
scripts to
analyse my logs and suggest patterns, so its just a click or two
I can block somthing like:
dhcp.[0-9]+.[0-9]+.[0-9]+.[0-9]+.adsl.nasty-isp.net
Nice.
--
Grant. . . .
unix || die