Nathan Harris wrote: > About two weeks ago, our server's spam load suddenly increased four > times. I am filtering all email through spamd and clamd.
Content filtering of course only happens after the message has been received. IMHO, anti-spam should happen before. > In the past, > this was fine. However, I need to do something to decrease the load at > the front end and reject some of this junk. Spam has been a topic at Athens 2006. See their page Element IV - Anti-Spam Technologies http://www.oecd-antispam.org/article.php3?id_article=241 > I have not setup SPF Apparently, there is no sign to recover from MARID failure in the SPF standardization process. As a consequence, the number of sites that implement SPF is low. I'd recommend to implement SPF, but don't expect to significantly reduce your load with that. Blacklists (spamhaus and/or trendmicro) stop nearly 50%. SPF stops an insignificant fraction of it. > Can anyone recommend a "safe" SPF configuration? Or other suggestions > on setting up greylisting or such (a HowTo or such would be helpful). Setting up SPF consists of 3 steps: 1) Check your .courier or .mailfilter forwards, any fetchmail-like pumping, etcetera, and make sure you set a proper sender for bounces. Normally, you just want to stop forwarding if a bounce shows there's no one to forward to. Thus, delete the forwarding instruction by the same means that you used to insert it, triggered by bounces. Otherwise, e.g. for bulk vanity addresses, use SRS to automatically redirect bounces to the original sender. 2) Configure Courier. The following in bofh is safe: opt BOFHSPFHELO=pass,none,neutral,softfail,unknown,error,fail opt BOFHSPFMAILFROM=pass,none,neutral,softfail,unknown,error opt BOFHSPFFROM=mailfromok,pass,none,neutral,softfail,unknown,error opt BOFHSPFTRUSTME=1 3) Publish your spf records. My suggestion is to take advantage of the cidr format to set as many neutral addresses as it's cool (e.g. all ARIN's blocks), but then terminate your domain record with `-all'. You should also add a record for each ip address, since it can be used on the right side of a '@' to form an e-mail address, or as a helo host. You may generate that like so: perl -n -e 'if (m/^\s*([-a-z0-9.]+)\s+(IN\s+)?A\s+([0-9]{1,3}\.?){4}\s*/) {printf "%-26sIN TXT \"v=spf1 a -all\"\n", $1;}' /your/zone/file Step numbering is not necessarily the order that you have to do them. E.g. step (1) is required if an original sender's domain has done step (3) _and_ the forwarded-to domain has done step (2). Links: http://www.openspf.org/ http://postmaster.aol.com/spf/ ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
