Anti spam solutions

[Keith Mastin]

<quote who="Fraser Campbell">
> Hi,
>
> I had nothing much to say or ask when I started writing this email but
> now  that I've thought about it ... do any of you have any experience
> with  commercial anti-spam solutions?
>
> Of particular interest to me are Roaring Penguin's CanIt and
> Sophos/ActiveState's PureMessage?  To a lesser extent I am interested
> in
>  commercial RBLs such as MAPS and their effectiveness versus the free
> RBLs (I  use sbl.spamhaus.org, bl.spamcop.net and relays.ordb.org).

$smtpd_helo_restrictions  or $smtpd_recipient_restrictions in postfix :)
This was just posted on the postfix-users list today. They'll help some...

--START DRAG-N-DROP--
--- main.cf
    smtpd_helo_restrictions =
        permit_mynetworks
        reject_invalid_hostname
        reject_non_fqdn_hostname
        reject_non_fqdn_recipient
        reject_unauth_destination
        reject_non_fqdn_sender
        check_helo_access

    smtpd_recipient_restrictions =
        check_helo_access pcre:/etc/postfix/access-helo.pcre
        check_helo_access hash:/etc/postfix/access-helo
        [...]

--- /etc/postfix/access-helo.pcre
# RFC [2]821 requires IP addresses to be enclosed with square brackets
/^[0-9.]+$/                 550 Your software is not RFC 2821 compliant

--- /etc/postfix/access-helo
localhost.localdomain   REJECT  localhost? Really?  Nah, fix your
'hosts' file!
mail.beechtree.ca       REJECT  Don't use my own hostname
216.113.197.175         REJECT  Don't use my own IP address

Just change the access-helo file to contain your host/domain name(s) and
IP address(es).
--END DRAG-N-DROP--

At the end of the day, I'de say save your $$.

> *Any* other commercial or non-commercial solutions that you find
> effective I'd  like to hear about.
>
> I ask about commercial solutions because they usually come with
> management  interfaces that I do not have the time to write currently.
> AFAIK, pure open  source tools like spamassassin do not have anything
> other than text config  files and command line invocations.  Clients
> mostly seem to prefer GUIs.  I  would love to hear about mangement
> interfaces for the open source tools that  I might have missed.

There is a SpamAssassin frontend available with squirrelmail. Most of
the opensource tools can be accessed by a php or perl front end and
packaged pre-compiled into a webserver for the point-n-drool crowd.

> -- Original rant on W32/Gibe-F preserved below for my amusement --
>
> When this beloved virus first came out I had the pleasure of being one
> of the  early recipients, to the tune of 200 copies per day.
<snip>
> Do we just have to get used to the idea of trashing 10 emails for
> every  legitimate one (as is often the case with snail mail)?  What
> will happen as  more computer illiterates come online with their
> incompetent operating  systems?  Perhaps the solution is to make
> everyone go back to communicating  at 9,600bps?

One of the things I've being seeing more of recently is noise about
registering mailservers, much the same as registering a dns server.
There's a lot of complaints about freedom, etc, but it makes sense. This
would make rbl tables much more accurate and _testable_. Until then,
choosing a good list is a turkey shoot.

-- 
Keith



--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml