On 12/30/2010 05:54 PM, Tomas Kuliavas wrote:
Can I collect opinions here about favorite/least favorite spam
filtering packages, for use in a dbmail environment?
What have you had luck with? What works best? What's your opinion?
Which should a happy dbmail (postfix) user, now getting too much
spam, use for filtration?
TIA, Lou Picciano
I'm using sqlgrey (postgrey implementation with database (mysql)) and
spamassassin. So far so good. sqlgrey is the best tool (to my
knowledge)
for front-line protection against spam before spamassassin takes over
the job. I'm welcome for other suggestions.
So, you don't mind not receiving mail from multi-homed hosts (*cough*
gmail *cough*)? Greylistting's very concept is broken by design.
So using myriad of outgoing email servers is not something unusual.
You are missing the point. Consider this scenario. A server has multiple
NICs on different networks, all routing to the internet. The default
route gets rotated around (when it expires, after a few minutes) in
order to load balance. This sort of a setup is fairly common on big
installations (helps with resiliency, too).
So, such a server gets a message in it's outbound spool. It tries to
deliver it to you via one of it's several routes/NICs. You see the
connection, greylist it and temporarily reject. Server goes away for a
bit. By the time it retries, the route has expired, and you get an
incoming connection from the same server but from a different source IP.
Your greylist hasn't seen that IP, so you temporarily reject again. This
can go on forever. Some of your mail might get lucky and get through.
Most will probably get massively delayed, and some will likely keep
bouncing in the outgoing spool until it expires and bounces back,
several days later.
So network design with routes that last less than couple of hours is
perfectly ok? Trying to feed same email from different locations is
exactly what spammer would do.
Equal cost routes rotate all the time, frequently on a per-TCP-session
basis. It's a perfectly legitimate, RFC compliant thing to do.
If spammers start to have heavily multi-homed zombies on a large scale,
that would arguably be pretty concerning.
Anyone who does not like some tool can call it broken by design.
You are mixing up cause and effect. I dislike tools if they are broken.
I don't call them broken because I dislike them.
If you have information that tool has problems with some types of
networking setups, you should say that it has problems with such setups.
Sure, and if you are happy to have unreliable service between your
servers and MSPs with multi-homed hosts, then you are welcome to break
your mail servers as much as you like. I don't really care.
Tool works fine with other servers. Design is not broken. Calling
something broken by design does not show what is broken in design. It only
shows that you dislike the tool.
It's broken because it demonstrably fails, by it's very design, to work
reliably in a very real and valid scenario.
Gordan
_______________________________________________
DBmail mailing list
[email protected]
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
