Hi! Thanks for the Info!
Do you use qpsmtpd? If yes, are you satisfied with it and do you use any of the plugins available? Thank you for your Feedback. Best Zeno 2006/10/31, Zeno Davatz <[EMAIL PROTECTED]>: > Hallo Hannes > > Hier noch weitere Info, die ev. hilft. > > Mit Gruss > Zeno > > ---------- Forwarded message ---------- > From: Conrad <[EMAIL PROTECTED]> > Date: 31.10.2006 00:04 > Subject: Re: Spamcop Bullshit > To: TMDA Users <[email protected]> > Cc: Zeno Davatz <[EMAIL PROTECTED]> > > > Ive found the following things help out against spamcop: > > - run a rbl check against major blacklists (think nagios) and apply > to be removed asap. We usually request to be removed within 10 > minutes of being placed on a RBL. > > - apply as many smtp-transaction checks as possible, including spf. > Dk does not protect against joe-jobbed domains, but only at the > individual email. A dk-protected domain can still validly send non-dk > signed email. > > - apply spamassissin and other internal checks - a SA score of 10 or > more should NOT send out a confirm message. This is configured in > tmda via "headers .... hold" > > - apply a regex of common spam words - including misspellings and > other things. We currently run a regex file of +/- 200 lines on all > tmda-protected accounts, and do not send confirms for those messages > (headers-file ... hold, body-file .. .hold). This catches most SA > scored messages between 10 and 4, but allows for a valid sender to > send a high SA scored message and get a confirmation request. Of > course, there will be a resources hit with a regex file this big - > but I feel its worth it. > > - move outbound tmda messages to an IP you dont care about. We have a > separate server we run exclusively for tmda-outbound messages. Use > "mailtransport" and "smtphost" to configure these. This mail server > is has a shorter default queue lifetime. The bad thing about this is > that all tmda-related messages go this route - not just confirmationm > requests. So your released messages and tmda-ofmipd messages will go > out through the same IP. You could set this up as another instance of > your favorite mail software on the same server on another IP, or a > seperate server. > > The point of the above is to remove the amount of backscatter tmda > causes. Note that for all the above I recommend a hold instead of > drop - as this way you can still see the incoming messages and > release/adjust as necessary. > > Using all of the above, we have mitigated our RBL risks. We still get > on one from time to time, but every moment not on a blacklist helps! > > Thanks. > > At 09:11 AM 10/30/2006, Todd A. Jacobs wrote: > >On Mon, Oct 30, 2006 at 03:35:11PM +0100, Zeno Davatz wrote: > > > > > because TMDA sends out replys to dead end Spam-Traps of Spamcop. > > > >FWIW, SPF and domainkeys were designed specifically to prevent joe-jobs, > >but neither is widely adopted. YMMV. > > --Photocon > Conrad Hunziker III > NightSky Hosting - http://www.nightskyhosting.com/ > _________________________________________________ tmda-workers mailing list ([email protected]) http://tmda.net/lists/listinfo/tmda-workers
