rejecting spam at SMTP time (was Re: Postfix anti-antivirus (was Re: [linux-elitists] etc))

Andrew Kohlsmith akohlsmith-le@benshaw.com
Fri Oct 1 07:20:05 PDT 2004


On Tuesday 28 September 2004 15:31, Rob McGee wrote:
> Spamhaus XBL includes the CBL. sbl-xbl.spamhaus.org is indeed a very
> good choice for conservative spam filtering. I've been using it only a
> couple days, still watching logs closely, but the few it caught did
> definitely sound like spam ... if you can judge from the envelope:
> something like fdkjhvwefpijvipwnb@hotmail.com coming from Portugal, for
> example.

This is where SPF comes in handy; unless that Portugese server is allowed to 
send mail on hotmail.com's behalf it wouldn't get through.  I just hate the 
additional network traffic involved in checking SPF records; that is why I 
use rsync and build the RBL lists locally to try and keep the total amount of 
network traffic down and the actual SMTP-time lag low.

> For some sites I'm going to get more aggressive than that and use
> dynamic IP blocks. I feel like a hypocrite in doing so since those
> lists used to block ME, but unfortunately it seems to be a very strong
> antispam measure.

Agreed; It's a shame that things have to get this way but until the spam 
problem is able to be better addressed though simple, fast and low-traffic 
verification of the sender and its authority to send on the behalf of the 
domain it's claiming to send from...  we have little choice.    It's just an 
arms race.

-A.



More information about the linux-elitists mailing list