Spam Issues

Taking care of your Linux box.

Spam Issues

Postby mejam » Fri Feb 13, 2009 6:48 pm

I am having problem on qmail....i have spamassassin and clamAV for anti-spam and anti-virus respectively....somehow i am not satisfied with spamassassin...for example..if there is an e-mail about VIAGRA then spamassasin will tag it as spam deliver to the mailbox...but if it is some information like from panda security or planet software and sources like that...spamassassin does not TAG them....and also plz guide me how can i declate a domain or an email adress as SPAM and all those emails from SPAM sources should not reach my mail box....spamassassin will just take them and burn them in HELL....!!
Regards
Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby lambda » Fri Feb 13, 2009 7:45 pm

read spamassassin's documentation. it can whitelist/blacklist anything by domain or regex.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Re:

Postby LinuxFreaK » Sat Feb 14, 2009 3:40 pm

Dear mejam,
Salam,

FYI, http://www.magma.com.ni/~jorge/spamassassin.html

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby x2oxen » Mon Feb 16, 2009 10:59 pm

you should read about greylisting. it solved my spam problem to extreme level
Muhammad Usman
+92-321-6640501
Chemonics International
http://usmanpk.com
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad

Postby lambda » Tue Feb 17, 2009 1:59 am

i no longer use greylisting because there were uncooperative mail servers out there and i likely lost email. instead, i use something similar to greet pause (a sendmail feature), an rbl, and a bogofilter-based spam checker. blocked email for the past week: 757 for greet pause, 2,103 for bl.spamcop.net's rbl, and 996 for bogofilter. i run the bogofilter check using qmail-qfilter, and the pause check using some code i wrote for rblsmtpd.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby x2oxen » Tue Feb 17, 2009 10:06 am

Well thats interesting. I am using Spam Assassin (Qmail Filter), Reverse DNS Lookup, Greylisting & rblsmtpd for fighting with spams. It solved my 99.9% problem of spams & i see rarely 1 or 2 spam messages in months.
Muhammad Usman

+92-321-6640501

Chemonics International

http://usmanpk.com
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad

Postby lambda » Tue Feb 17, 2009 12:00 pm

yes, but how much spam is blocked by each check (reverse dns, greylisting, etc)? a lot of places in pakistan don't have reverse dns; are you sure you're not dropping legit mail?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby mejam » Tue Feb 17, 2009 12:44 pm

x2oxen wrote:Well thats interesting. I am using Spam Assassin (Qmail Filter), Reverse DNS Lookup, Greylisting & rblsmtpd for fighting with spams. It solved my 99.9% problem of spams & i see rarely 1 or 2 spam messages in months.


I am also using the same but do not have RBL and Greylisting....can you guide me how can i implement greylisting and RBL to my qmail...?
Regards

Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby lambda » Tue Feb 17, 2009 1:37 pm

use rblsmtpd (part of ucspi-tcp).

like i said, i'd lose mail with greylisting. i don't do that any more.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby x2oxen » Thu Feb 19, 2009 10:30 am

Well alot of spam as i told you about 99%. And those who don't have reverse lookup or get greylisted receive a bounce back message and if source is authentic then they always email to postermaster about this issue. and i ask them to fix their side problems or else i add exception for them. Yahoo, AOL and many big email providers using these policies and have very strict rules about spams.
Muhammad Usman

+92-321-6640501

Chemonics International

http://usmanpk.com
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad

Postby lambda » Thu Feb 19, 2009 2:48 pm

Well alot of spam as i told you about 99%.
that's not what i asked. again: how much spam is blocked by each check (reverse dns, greylisting, etc)? if, for example, the reverse dns check takes 0.6 seconds per email, but only catches 4 spam emails a day out of 250, it's not very helpful.
And those who don't have reverse lookup or get greylisted receive a bounce back message and if source is authentic then they always email to postermaster about this issue.
in other words, you do lose actual non-spam mail every day, but you don't know how much because some of the users don't send mail to postmaster.

a procedure that results in false negatives is much worse than a procedure that lets a few spam messages through.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby mejam » Thu Feb 19, 2009 2:48 pm

I have implemented rblsmtpd and it heals the pain of spam...i was having a look at my queue...the spam messages are sent to those email address that no longer exist...i mean those employees have left the organization and spam to those email address stays in the queue..any solution for that...?
Regards

Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby lambda » Thu Feb 19, 2009 3:38 pm

if you have the badrcptto patch installed, use that. if you use qmail-qfilter (doesn't need patching), put all the old/unused email addresses in a file, and write a simple filter that checks the incoming mail against the file.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby mejam » Thu Feb 19, 2009 5:05 pm

i dont think i have any of these....how can i path my existing qmail for badrcptto or qmail-qfilter...?
Regards

Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby lambda » Thu Feb 19, 2009 5:08 pm

how can i path my existing qmail for badrcptto or qmail-qfilter...?
maybe you should use postfix.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore


Return to “%s” Administration

Who is online

Users browsing this forum: No registered users and 1 guest

cron