Jack Raats put forth on 7/19/2010 1:39 AM:

> I'm using postgrey quite a long time but I think there are more efficient
> ways to block spam.

Totally agree.

> Running pflogsumm on maillog gives the following numbers
> 
> Totally blocked 85
> Blocking countries (using client host name and helo): 7
> relay access denied: 45
> spamhaus: 8
> cannot find your hostname: 23
> greylisting: 2  (only blocked for 30 sec)

I run a small MX system, same as you, and get about the same results for
Postgrey.  However, as with all the spam nets at our disposal, each in
isolated use will catch far more spam than when we combine them all.  I do
super selective greylisting.  In fact, Postgrey is my last restriction.  It
blocks (or delays) less than 1% or so of my flow because I give it so little
chance to--by design.  I use Postgrey as a safety net of sorts, to "catch the
one that got away", hopefully.  Greylisting is/was designed to stop bot spam
exclusively.  I've got a substantial FQrDNS checking regex that catches a ton
of bot spam, along with standard Postfix client checks, Spamhaus Zen and DBL,
and on rare occasions BRBL (which throws more lookup errors than actual
results--pretty close to kicking BRBL to the curb).

> Yes I'm blocking complete countries (using the domain name), because no one
> on my server expects to get mail from e.g. China (cn).
> If someone from China wants to mail me, he can use gmail, hotmail etc.....

Don't be ashamed or defensive.  It's smart for small operations to country
block, along with many other blocking methods that larger OPs shun.  I'm not
ashamed of it.  I go a bit further than mere TLD blocking though.  I use CIDR
tables populated with ipdeny.com country ranges, which is more precise than
TLD blocking.  There are many .com, .org, .net, .info, etc. domains in all
countries, which can't be rejected via TLD.

-- 
Stan
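
An added example, not part of Stan's message and not his configuration: one way to turn a country zone file into a Postfix CIDR access table, assuming the zone file is a plain list with one CIDR block per line. The function names, the `XX` label, the REJECT text and the sample ranges (RFC 5737 documentation networks) are made up for illustration.

```python
import ipaddress

# Constructed sample in a one-CIDR-per-line layout (assumed zone file format).
# These are RFC 5737 documentation networks, not real country allocations.
SAMPLE_ZONE = """\
# constructed sample
192.0.2.0/25
192.0.2.128/25
198.51.100.0/24
203.0.113.7/24
not-a-network
"""

def parse_zone(text):
    """Return (networks, rejected_lines) for a one-CIDR-per-line zone file."""
    nets, bad = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            # strict=True refuses entries with host bits set (203.0.113.7/24),
            # so a damaged download cannot silently widen or shift a block.
            nets.append(ipaddress.ip_network(line, strict=True))
        except ValueError:
            bad.append(line)
    return nets, bad

def build_cidr_table(text, label):
    """Build Postfix cidr table rows ("network<TAB>action") plus skipped lines."""
    nets, bad = parse_zone(text)
    merged = []
    for version in (4, 6):  # collapse_addresses cannot mix IPv4 and IPv6
        same = [n for n in nets if n.version == version]
        merged.extend(ipaddress.collapse_addresses(same))
    rows = [f"{n}\tREJECT Mail from {label} networks is not accepted here"
            for n in merged]
    return rows, bad

def is_blocked(rows, client_ip):
    """Check a client address against the generated rows before deploying."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(r.split("\t")[0]) for r in rows)

if __name__ == "__main__":
    table, skipped = build_cidr_table(SAMPLE_ZONE, "XX")
    print("\n".join(table))
    print("# skipped:", skipped)
```

The output can be written to a file and referenced from a client restriction such as `check_client_access cidr:/etc/postfix/country_block.cidr` (the path is an assumption). Review the skipped lines before deploying, since a truncated download would otherwise produce a table that quietly blocks less than intended.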
