From: LuKreme on
What's the best choice with current 2.7 postfix for enabling greylisting? I am still using postgrey, but I don't think that really takes advantage of any of the new features in current postfix that would make greylisting more efficient.


--
"He is not only dull himself; he is the cause of dullness in others."
Samuel Johnson

From: lst_hoe02 on
Quote from LuKreme <kremels(a)kreme.com>:

> What's the best choice with current 2.7 postfix for enabling
> greylisting? I am still using postgrey, but I don't think that
> really takes advantage of any of the new features in current postfix
> that would make greylisting more efficient.

Just curious. What features do you mean as more efficient for greylisting?

Regards

Andreas

From: "Jack Raats" on
----- Original Message -----
From: "LuKreme" <kremels(a)kreme.com>
To: "postfix users" <postfix-users(a)postfix.org>
Sent: Sunday, July 18, 2010 9:31 PM
Subject: Postfix and greylisting


What's the best choice with current 2.7 postfix for enabling greylisting? I
am still using postgrey, but I don't think that really takes advantage of
any of the new features in current postfix that would make greylisting more
efficient.

-answer

I've been using postgrey for quite a long time, but I think there are more efficient
ways to block spam.
Running pflogsumm on maillog gives the following numbers

Totally blocked 85
Blocking countries (using client host name and helo): 7
relay access denied: 45
spamhaus: 8
cannot find your hostname: 23
greylisting: 2 (only blocked for 30 sec)

spamassassin started by procmail didn't have to block anything

Yes, I'm blocking complete countries (using the domain name), because no one
on my server expects to get mail from e.g. China (cn).
If someone from China wants to mail me, he can use gmail, hotmail etc.

Jack

From: Stan Hoeppner on
Jack Raats put forth on 7/19/2010 1:39 AM:

> I've been using postgrey for quite a long time, but I think there are more efficient
> ways to block spam.

Totally agree.

> Running pflogsumm on maillog gives the following numbers
>
> Totally blocked 85
> Blocking countries (using client host name and helo): 7
> relay access denied: 45
> spamhaus: 8
> cannot find your hostname: 23
> greylisting: 2 (only blocked for 30 sec)

I run a small MX system, same as you, and get about the same results for
Postgrey. However, as with all the spam nets at our disposal, each in
isolated use will catch far more spam than when we combine them all. I do
super selective greylisting. In fact, Postgrey is my last restriction. It
blocks (or delays) less than 1% or so of my flow because I give it so little
chance to--by design. I use Postgrey as a safety net of sorts, to "catch the
one that got away", hopefully. Greylisting is/was designed to stop bot spam
exclusively. I've got a substantial FQrDNS checking regex that catches a ton
of bot spam, along with standard Postfix client checks, Spamhaus Zen and DBL,
and on rare occasions BRBL (which throws more lookup errors than actual
results--pretty close to kicking BRBL to the curb).

> Yes, I'm blocking complete countries (using the domain name), because no one
> on my server expects to get mail from e.g. China (cn).
> If someone from China wants to mail me, he can use gmail, hotmail etc.

Don't be ashamed or defensive. It's smart for small operations to country
block, along with many other blocking methods that larger OPs shun. I'm not
ashamed of it. I go a bit further than mere TLD blocking though. I use CIDR
tables populated with ipdeny.com country ranges, which is more precise than
TLD blocking. There are many .com, .org, .net, .info, etc domains in all
countries, which can't be rejected via TLD.

--
Stan
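
The CIDR-table approach described in the last post, as an added example that is not part of the thread or any poster's own setup: it turns a one-CIDR-per-line country zone list into Postfix `cidr_table` lines, refusing malformed entries and merging overlapping ranges. The sample ranges, the function names and the reject text are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in a one-CIDR-per-line zone layout. The ranges are
# RFC 5737 documentation networks, not real country allocations.
SAMPLE_ZONE = """\
# constructed sample
192.0.2.0/25
192.0.2.128/25
198.51.100.0/24
198.51.100.64/26
203.0.113.7/24
not-a-network
"""

def parse_zone(text):
    """Split zone text into (valid networks, refused lines)."""
    nets, refused = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            # strict=True refuses typos and entries with host bits set,
            # so a malformed line never reaches the table Postfix loads.
            nets.append(ipaddress.ip_network(line, strict=True))
        except ValueError:
            refused.append(line)
    return nets, refused

def to_cidr_table(text, label):
    """Return (Postfix cidr_table lines, refused input lines)."""
    nets, refused = parse_zone(text)
    merged = []
    for version in (4, 6):  # collapse_addresses cannot mix IP versions
        same = [n for n in nets if n.version == version]
        merged.extend(ipaddress.collapse_addresses(same))
    # cidr_table line format: "network/prefix<whitespace>action"
    lines = [f"{n.with_prefixlen}\tREJECT Mail from {label} ranges is not accepted"
             for n in merged]
    return lines, refused

if __name__ == "__main__":
    table, refused = to_cidr_table(SAMPLE_ZONE, "the blocked country")
    print("\n".join(table))
    for line in refused:
        print(f"# refused input line: {line}")
```

The resulting file would be referenced from the client restrictions with `check_client_access cidr:` followed by its path, placed ahead of the greylisting policy service so that Postgrey stays the last restriction.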