Thx a lot, Paul (and Stevan), for the time you spent explaining this, I'll follow that steps and maybe shout for more help later! My install is (gonna be) a postfix-powered, smtp relay to the regular corporate mail server (coz this one is heavily loaded with IMAP clients). I'm a coder (well, I hve my roots there at least), yes, with average postfix skills, and it's better for everyone if I don't write any documentation ;-)
Cyril' Paul Cockings a écrit : > >> What MTA are you using? Maybe I could help to harden your setup? I >> have so far helped two users from the DSPAM mailing list to harden >> their setup and I would say that those little things have helped to >> cut their Spam rate by factors. >> @Marko Weber and Paul Cockings: If you are reading this... could you >> post your experience with the hardened setup? I think Cyril could >> benefit from some input. >> >> > > Hey Cyril, > > Dspam is an awesome antispam-tool, but what Stevan has helped me with > is to understand Dspam correctly and thats it best as a much large > anti-spam toolkit. > The big changes for me: > > Now using a merged group which was created from my own mailbox with a > good balance of ham/spam. (i'm now working on ways to keep this > auto-updated) > Changed to OSB... Waaaay better than CHAIN (which I used for ~ 2 years). > Adding a huge list of excluded headers to dspam.conf > > but the big change was not from Dspam, but from the other tools around > it The vast majority of spam never gets to Dspam now because it is > blocked with tools like policy-weightd, greylist, spf checks etc. > policy-weightd has been extended with lots of tools like p0f (which OS > sniffed from packets), Geo:IP (scores based on distance), DNSBL, S25R > etc the list goes on. > > # HIT score, MISS Score > @client_ip_eq_helo_score = (1.5, -1.25 ); > @helo_score = (1.5, -2 ); > @helo_from_mx_eq_ip_score = (1.5, -3.1 ); > @helo_numeric_score = (2.5, 0 ); > @from_match_regex_verified_helo = (1, -2 ); > @from_match_regex_unverified_helo = (1.6, -1.5 ); > @from_match_regex_failed_helo = (2.5, 0 ); > @helo_seems_dialup = (1.5, 0 ); > @failed_helo_seems_dialup = (2, 0 ); > @helo_ip_in_client_subnet = (0, -1.2 ); > @helo_ip_in_cl16_subnet = (0, -0.41 ); > @client_seems_dialup_score = (3.75, 0 ); > @client_s25r_score = (1.75, -0.35 ); # > http://gabacho.reto.jp/en/anti-spam/ > @from_multiparted = (1.09, 0 ); > @from_anon = (1.17, 0 ); > @bogus_mx_score = (2.1, 0 ); > @random_sender_score = (0.25, 0 ); > @rhsbl_penalty_score = (3.1, 0 ); > @enforce_dyndns_score = (3, 0 ); > > > I to have ultra stupid users (i think we all do). Today I had to > explain to one user that email 'display name' and 'email address' are > two different things, and someone the other day was asking the > difference between Spam and Junk!! -HeLp! > > I have some users that only use the web-ui for training - these people > are technical. > I have some users that just forward mail to retraining aliases > I am now working on the old Outllook 2003 Addin so to give most of my > users Spam/Ham buttons in outlook. > > You could also look at training from IMAP folders - depends on your > setup and users. > > I will not waste my time with customers that will not take 2 mins of > tutorial on how to use the Ham/Spam in outlook. They deserve to get > spam, but the truth is even if you don't train on my system the merged > group is doing such a good job that those users seem to tolerate a > small amount of spam. > > If you give a bit more information about your setup, I'm sure you'll > find we are able to help. IMO you don't want to be training for the > end users, this eats a huge amount of time on your part. Building a > merged group and adding automatic ways to keep it updated is a much > smarter way forward. > > BTW - are you coder or have any good skills with postfix? (other > mtas?) or would you be willing to write up some howto's on the wiki or > editing documentation? > > Kind regards > from Middle England ('the shire') although i'm not a hobbit. > > > ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
