[TUHS] Who is running their own mail server and what do you run?

Grant Taylor gtaylor at tnetconsulting.net
Thu Sep 21 09:31:36 AEST 2017

On 09/20/2017 04:54 PM, Steve Simon wrote:
> My spam filtering is all plan9 based but the ideals are all portable.

I would love to hear more about how (and why) you're using Plan9.  I'm 
naively curious.

> Greylisting and delaying a few secs before starting the SMTP
> conversation are my most successful filters, After this comes
> SPF and using spamhaus to validate the senders IP.

I forgot about pre-greeting delay.  I also use that.  It's amazing how 
much difference even 1 second makes.

I think it's also amazing how many spam bots try tricks to get around 
spam filtering, like connecting to a high order MX that hypothetically 
has less spam filtering.  -  JunkEmailFilter's Project Tarbaby does 
phenomenal work with that.  Plus, it feeds their RBL which I use as a 
data signal for SpamAssassin.  }:-)

> I reject some silly domains like localhost.com and usernames like
> user and test.

Are you referring to the purported sender?  Or something in your domain?

Are you referring to SMTP Authentication or email addresses?

I have disabled SMTP Authentication on my main MTA and only allow it on 
my MSA.

> I also have a list of regexps which match the reverse dns
> addresses of adsl blocks which catch many spam bots.

Thankfully I've not had to deal with those.  (At least not that I'm 
aware of.)

> The regexps sound like a lot of work but I have some scripts to
> analyse my logs and suggest  patterns, so its just a click or two
> I can block somthing like:
> 	dhcp.[0-9]+.[0-9]+.[0-9]+.[0-9]+.adsl.nasty-isp.net


Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3717 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://minnie.tuhs.org/pipermail/tuhs/attachments/20170920/68de9162/attachment.bin>

More information about the TUHS mailing list