16 Feb
2014
16 Feb
'14
9:53 p.m.
I think the only answer is a good multilayered approach. Use a couple of
good RBLs. Then make sure you are doing all the checks on headers etc. Then
into spamassassin. The next step is to use fail2ban, so that any particular
IP can only be used by them a couple of times before being blocked at the
firewall. This has limited usefulness tbh, because they are not using their
own machines. What I have done is to research addresses and found that
there are certain ISPs that keep appearing in spam but not ham. I then log
and block them.
It is a bit time intensive the last steps, As always, it's a trade-off
On 16 February 2014 20:52, ed <ed-bitfolk(a)s5h.net> wrote:
On Sun, Feb 16, 2014 at 03:13:44PM +0000, Gavin
Westwood wrote:
--
Keith Williams
Keith's Place www.keiths-place.co.uk
Tailor Made English www.tmenglish.org
West Norfolk RSPCA www.westnorfolkrspca.org.uk
[...]
Can any one provide some hints for IPTables rules or Exim config to rate
limit my SMTP ports without interfering too much with normal mail
operations? Alternatively, any suggestions to help Spamassassin process
quicker/better?
[...]
Not for SpamAssassin, but have you thought about using one of the RBLs?
Then you'd block potential junk before you start spending CPU time on
bayes filtering.
Alternatively, you could try greylising, 4xx the sending mail server IP
for thirty minutes on the first mail seen from it, then allow it. Often
this helps as most exploited spam sources don't queue.
--
Best regards,
Ed http://www.s5h.net/
_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users