Hi, I have a client who's server has just been blacklisted by BT, not without some justification, however the help received from BT to resolve the problem is non existent. Originally, the server was set up simply as the MX for about 600 domains with about 1000 users in virtusertable. None of the accounts were local accounts, the box just accepted what came in and forwarded the message to the recipient. No filtering, no checks. Unfortunately, some of the domains had wildcard addresses in them so the machine was a spammers dream :-( Since many of the addresses forwarded to BT Connect accounts and have done for several years, it was inevitable that at some point BT would start to get a bit sensitive about the amount of spam being received and would do something about it hence the blacklisting.
The blacklisting has caused the client some problems - not least of which is the complete reluctance of BT to engage in a dialogue to resolve the problem, eventually BT white-listed the server after one of the end users wrote a message to the BT Chairman. In the meantime, I was asked by the client what was required to limit the damage so I migrated them from sendmail to exim + clamav + spamassassin + DNSBL + sender/callout. I also removed all the wildcard addresses that went to BT. BT now say that the client will still be blocked eventually because they still receive a 'significant' amount of spam from the server even though the new configuration throws away 97% of messages before they are forwarded to the btconnect accounts (For instance, yesterday 88834 rejects and 3016 deliveries according to eximstats). BT haven't defined 'significant'. I suspect that if I ask BillW or MarcP, I'd get different definitions of significant :-) My question is, what more can I do to cut down the spam further ? I don't know of any spam filter that is 100% accurate and what I let through BT may block but similarly, what a BT spam filter might let through, spamassassin would block. Spam is a moving target/definition. BT seem to be using DKIM and SPF but will this really make a big difference if I implement it on the server ? Exim is performing much better than sendmail BTW, though this is probably due to the fact that poor old sendmail was doing nothing other than store and forward and was consequently being hit with so much backscatter that it couldn't do anything but run slowly. Regards, Dave exim/2009-09-04.tx exim-users +----------------------------------------------------------------------------+ | Dave Restall, Computer Nerd, Cyclist, Radio Amateur G4FCU, Bodger | | Mob +44 (0) 7973 831245 Skype: dave.restall Radio: G4FCU | | email : [email protected] Web : Not Ready Yet :-( | +----------------------------------------------------------------------------+ | Please ignore previous fortune. | +----------------------------------------------------------------------------+ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
