Koozali.org: home of the SME Server

Limiting SPAM

charlien
« on: May 14, 2015, 04:41:07 PM »
I'm sure this has been discussed over and over but I couldn't find anything current and did not want to follow old advice. I'm looking to limit spam that is hitting our server without losing real messages. Here are my settings:

Spam Filter = Enabled
Spam sensitivity = Custom
Custom spam tagging = 5
Custom spam rejection = 9

config show qpsmtpd
qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=enabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=zen.spamhaus.org:b.barracudacentral.org:bl.spamcop.net
    RHSBL=enabled
    RelayRequiresAuth=enabled
    SBLList=badconf.rhsbl.sorbs.net:nomail.rhsbl.sorbs.net
    TlsBeforeAuth=1
    access=public
    qplogsumm=disabled
    status=enabled

Does anyone have any recommendations on what I can change to make this a little better at rejecting SPAM?

Thanks in advance.
...

mmccarn
Re: Limiting SPAM
« Reply #1 on: May 16, 2015, 02:02:12 PM »
This section of the email FAQ may help:
http://wiki.contribs.org/Email#Spam

I strongly recommend implementing Bayesian autolearning, along with the 'learnasspam' and 'learnasham' scripts.

I love the barracudacentral blocklist but it uses a different reply methodology that is a bit tricky to configure on an SME server by default. Here are some notes on how I got it to work:
http://forums.contribs.org/index.php?topic=50941.0
http://bugs.contribs.org/show_bug.cgi?id=8484

For various reasons I switched from using an SME server to using a Sophos UTM appliance for spam filtering about 9 months ago. Towards the end of my use of the SME server I had:
* created custom SpamAssassin rules to match some common offending email patterns
* created a custom DNSBL service on my Active Directory DNS servers, so I could list mail servers quickly while I waited for the more responsible DNSBL services to pick up the new IPs

Since switching, I'm finding that most of the spam that I could never successfully block with my SME is being blocked by a Sophos rule I'd never heard of called BATV (Bounce Address Tag Validation).
« Last Edit: May 16, 2015, 02:06:45 PM by mmccarn »

Knuddi
Re: Limiting SPAM
« Reply #2 on: May 21, 2015, 02:03:21 PM »
BATV is merely meant to handle fake bounces and is not likely to handle a real spam problem. One of the most efficient ways to get rid of bulk spam is greylisting, where I use http://sqlgrey.sourceforge.net/.
Bayes is also efficient, but not SpamAssassin stand-alone - you actually need to build a custom qpsmtpd plugin to feed it with both 100% spam and 100% ham.
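
Added example, not written by any poster in this thread and not Sophos or SME Server code: a sketch of the prvs address-tagging scheme from the BATV Internet-Draft, showing that the check only acts on bounces (null envelope sender) and has no opinion on ordinary mail. The key, the 7-day lifetime, the function names, the sample addresses and the use of an empty string for the null sender are assumptions.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-key"   # constructed; a real site keeps this private
KEY_NUM = 0                        # K: which key signed the tag (allows rotation)
LIFETIME_DAYS = 7                  # assumed window in which bounces are accepted

# prvs=KDDDSSSSSS=local@domain (K key number, DDD expiry day, SSSSSS signature)
TAGGED = re.compile(r"prvs=([0-9])([0-9]{3})([0-9a-f]{6})=(.+)")


def _sig(day: int, orig: str) -> str:
    """SSSSSS: first 3 bytes (hex) of HMAC-SHA1 over K, DDD and the address."""
    msg = f"{KEY_NUM}{day:03d}{orig}".encode()
    return hmac.new(SECRET, msg, hashlib.sha1).hexdigest()[:6]


def sign(orig: str, today: int) -> str:
    """Rewrite an outgoing envelope sender; `today` is days since the epoch."""
    day = (today + LIFETIME_DAYS) % 1000
    return f"prvs={KEY_NUM}{day:03d}{_sig(day, orig)}={orig}"


def check_rcpt(mail_from: str, rcpt_to: str, today: int) -> str:
    """Decide at RCPT time whether a bounce answers mail this site sent."""
    if mail_from != "":
        return "not-a-bounce"   # ordinary mail, spam included, is not examined
    m = TAGGED.fullmatch(rcpt_to)
    if m is None or int(m.group(1)) != KEY_NUM:
        return "reject"         # bounce to an address we never tagged
    day, sig, orig = int(m.group(2)), m.group(3), m.group(4)
    # Days left before expiry, taken modulo 1000 so the counter may wrap.
    if (day - today) % 1000 > LIFETIME_DAYS:
        return "reject"         # expired, or dated implausibly far ahead
    if not hmac.compare_digest(sig, _sig(day, orig)):
        return "reject"         # forged or altered tag
    return "accept"
```

Rejecting every untagged bounce is only safe once all outbound mail for the domain leaves through a server that applies the tag.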