Re: Massive SPAM Increase {-2.6} {-2.6}

Mon, 09 Oct 2006 11:15:47 -0700 

Kurt Seifried said the following on 09/10/06 14:06:

You got joe-jobbed.

http://en.wikipedia.org/wiki/Joe_job



What MTA do you run?



seifried.org Mail looks like this:


Sorry when I asked what MTA, I wanted to know what MTA Alex runs.

Alex, please tell us what MTA you run!

Your mail structure looks nice!


Internet
|
Firewall - OpenBSD with spamd (defaults) and very agressive greytrapping.This catches about 90% of my spam (the main idea is to reduce load on spamassassin and make sure I'm talking to a real mail server). For example if you try to email [EMAIL PROTECTED] or [EMAIL PROTECTED] you get black listed (so often spammers go in alphabetical order hit those before [EMAIL PROTECTED]) I also have a script that checks the maillogs for undeliverable addresses and adds those (about 3000 in all added, very few new ones being added now). 
|
Incoming MX servers - two servers running Postfix with various anti-spam things enabled. 
|
Mail server - Postfix server with spamassassin and some procmail filtering for attachments/etc to my personal accounts. IMAPS server for mail retrieval.
So tell me once your OpenBSD accepts the mail, it goes to the postfix machines. Does the OpenBSD server know what users are valid and what aren't? Do you postfix MXs know what users exist or don't?
So currently I have two main lines of defense against spam: OpenBSD spamd and spamassassin. I have not yet enabled Bayes filtering, which would provide an additional level of spam filtering (I get 2-3 spams a day to my accounts so it's not enough to bother me enough to setup Bayes filtering).
I am running SA on my server, it work well but I am studying a move onto dspam. I think it will give me much more granularity than SA, people say that it is also much more accurate. I am yet to see! 

Vini

------------------------------------------------------------------------------
This List Sponsored by: Black Hat
Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. World renowned security experts reveal tomorrow's threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 36 hands-on training courses and 10 conference tracks, networking opportunities with over 2,500 delegates from 40+ nations. 
http://www.blackhat.com
------------------------------------------------------------------------------

Reply via email to