Topic: Spam Issue

[Knuddi]

Hi kruhm,

You should be welcome to try out my filter solution as see whether it makes a difference - if it does I can maybe help finding the right combination to remove some more spam. Bayes is great but requires intelligent training, grey listing is annoying but sometimes does a great job. I am afraid that relying on SpamAssassin rules will be an endless walk in the spam desert

Contact me at jkn@scanmailx.com if interested.

Greetings,
Jesper

[Knyte]

I've had fantastic results by blocking spam at the firewall level, if that is an option for you.  pfsense (BSD based firewall) has a plugin (I think it's standard on the 2.x version) called Country Block that prevents any email from selected countries.  I noticed ~90% reduction in spam after configuring in this fashion.  Now I see ~5 spam a month, if that.  Of those, perhaps 1 or 2 are missed by SpamAssassin and make it to the Inbox.  Not bad at all.

[kruhm]

Hi Knyte,

Thanks for the info. I've subscribed to Knuddi's product as a stop-gap solution since it's cost effective and simple.

In the long run, the client has decided to move to MS Hosted Exchange. I've tried to convince them that it isn't going to solve the issues they're facing but I'll have to let them learn on their own.

Thanks to everyone involved in making suggestions.

[MSmith]

As for the machine being in server-only mode ... I haven't tried this out, but would it be possible to have the SME machine have two NICs with two IPs on the same /24, for instance, and run in server/gateway mode? The Sonicwall passes port 25 traffic to the "external" NIC, then your clients pull email from the "internal" NIC.

[MSmith]

Answering my own question ... I posted a bug and developers said "nope, can't have 2 NICS in same subnet." Oh well.

[janet]

MSmith

..... would it be possible to have the SME machine have two NICs with two IPs on the same /24, for instance, and run in server/gateway mode? The Sonicwall passes port 25 traffic to the "external" NIC, then your clients pull email from the "internal" NIC.

A similar configuration is available already.
Configure SME in gateway & server mode, then select the Static IP option (done in admin console menu Configure tbis server), that IP being the IP of the firewall, effectively creating a DMZ (AFAIK).
Whether doing that will gain you spam filtering advantages is questionable, but for many professional installers/users it is a "standard" arrangement to increase security.

[MSmith]

Thanks Janet, that's very interesting but I'm a bit lost. Are you saying that if, for instance, my Sonicwall had a public-facing IP of X.Y.Z.Z that I would configure the SME "behind" it with an "external" IP of X.Y.Z.Z? I'd be very interested to see how that would work. How would the Sonicwall know where to send the SMTP packets?

I may try setting up a 2nd IP range on the firewall and passing the traffic to the "external" NIC that way, but currently the machine seems to be working well enough in server-only mode.

[janet]

MSmith

Are you saying that if, for instance, my Sonicwall had a public-facing IP of X.Y.Z.Z that I would configure the SME "behind" it with an "external" IP of X.Y.Z.Z?

No, although it may/will depend on the type of connection protocol you are using.

More typically the Static IP will be the local IP of the gateway (eg your Sonicwall)

The comment was really related to the original poster.