While not directly related to spam fighting measures, I've been accumulating the tools I use to monitor mail server performance (including spam blocking) here:
http://wiki.contribs.org/Email_StatisticsThings I use that aren't specifically discussed in the Sonoracomm howto or included in the Learn contrib:
* SBLList
I recently discovered that with dbl.spamhaus.org included in the SBLList on my server, rhsbl consistently blocks 60% of the inbound emails on one server (but only 3.4% on another).
*
check_badmailfrom_patternsBefore discovering how effective dbl.spamhaus.org is on the server mentioned, I setup and configured check_badmailfrom_patterns to block top level domains that never sent the client any real email (.biz, .eu, .info, .faith, .cricket, .accountant, .xyz, etc). this plugin still blocks some email (3.4%), but without dbl.spamhaus.org in the SBLList it was blocking almost 50% of inbound email deliveries.
* I've increased the default
check_earlytalker delay from 1 second to 5 seconds. check_earlytalker is catching 7% of attempted deliveries to the spam-prone server mentioned earlier.
* I've added a
custom template to allow support for A-record RBL lists (like b.barracudacentral.org). On every server I've added it to, the b.barracudacentral.org list blocks more spam than any other service configured in my DNSBL settings.
*
rbl-recheck.sh will check recently received mail for one or all users, and identify messages that were delivered from servers that are now listed in your DNSBL services. The messages identified can either be listed or moved into a new folder.
* I make regular use of
mxtoolbox to research obvious spam to find out why it wasn't blocked, and look for ways to block similar spam moving forward. This has led me to serveral aggressive but useful DNSBL services: ix.dnsbl.manitu.net, truncate.gbudb.net, bl.nosolicitado.org. These services may block mid-size ISPs and are likely to require some whitelisting.
6 Replies
3318 Views