Hi Ok, I checked with qpsmtp and it does support SSL perfectly now. It also seems to be less "patch-hell" then SPAMCONTROL, because of Dan Bernstein not supporting qmail anymore.
Best Zeno 2006/10/31, Conrad <[EMAIL PROTECTED]>: > We actually dont use qpsmtp - as I think I mentioned here on this > list. We manage several thousand tmda-protected mailboxes, and a > couple thousand un-protected boxes. For our uses, qpsmtp was not the > way to go for smtp-time checks, as at the time I looked into it it > did not scale well and didnt have ssl included (this may have changed > since when I last looked at it) > > We use spamcontrol, located here: > > http://www.fehcom.de/qmail/spamcontrol.html > > In addition, we have complied in a bunch of custom code using the > above as a base. > > Thanks. > > At 12:25 AM 10/31/2006, Zeno Davatz wrote: > >Hi! > > > >Thanks for the Info! > > > >Do you use qpsmtpd? If yes, are you satisfied with it and do you use > >any of the plugins available? > > > >Thank you for your Feedback. > > > >Best > >Zeno > > > >2006/10/31, Zeno Davatz <[EMAIL PROTECTED]>: > > > Hallo Hannes > > > > > > Hier noch weitere Info, die ev. hilft. > > > > > > Mit Gruss > > > Zeno > > > > > > ---------- Forwarded message ---------- > > > From: Conrad <[EMAIL PROTECTED]> > > > Date: 31.10.2006 00:04 > > > Subject: Re: Spamcop Bullshit > > > To: TMDA Users <[email protected]> > > > Cc: Zeno Davatz <[EMAIL PROTECTED]> > > > > > > > > > Ive found the following things help out against spamcop: > > > > > > - run a rbl check against major blacklists (think nagios) and apply > > > to be removed asap. We usually request to be removed within 10 > > > minutes of being placed on a RBL. > > > > > > - apply as many smtp-transaction checks as possible, including spf. > > > Dk does not protect against joe-jobbed domains, but only at the > > > individual email. A dk-protected domain can still validly send non-dk > > > signed email. > > > > > > - apply spamassissin and other internal checks - a SA score of 10 or > > > more should NOT send out a confirm message. This is configured in > > > tmda via "headers .... hold" > > > > > > - apply a regex of common spam words - including misspellings and > > > other things. We currently run a regex file of +/- 200 lines on all > > > tmda-protected accounts, and do not send confirms for those messages > > > (headers-file ... hold, body-file .. .hold). This catches most SA > > > scored messages between 10 and 4, but allows for a valid sender to > > > send a high SA scored message and get a confirmation request. Of > > > course, there will be a resources hit with a regex file this big - > > > but I feel its worth it. > > > > > > - move outbound tmda messages to an IP you dont care about. We have a > > > separate server we run exclusively for tmda-outbound messages. Use > > > "mailtransport" and "smtphost" to configure these. This mail server > > > is has a shorter default queue lifetime. The bad thing about this is > > > that all tmda-related messages go this route - not just confirmationm > > > requests. So your released messages and tmda-ofmipd messages will go > > > out through the same IP. You could set this up as another instance of > > > your favorite mail software on the same server on another IP, or a > > > seperate server. > > > > > > The point of the above is to remove the amount of backscatter tmda > > > causes. Note that for all the above I recommend a hold instead of > > > drop - as this way you can still see the incoming messages and > > > release/adjust as necessary. > > > > > > Using all of the above, we have mitigated our RBL risks. We still get > > > on one from time to time, but every moment not on a blacklist helps! > > > > > > Thanks. > > > > > > At 09:11 AM 10/30/2006, Todd A. Jacobs wrote: > > > >On Mon, Oct 30, 2006 at 03:35:11PM +0100, Zeno Davatz wrote: > > > > > > > > > because TMDA sends out replys to dead end Spam-Traps of Spamcop. > > > > > > > >FWIW, SPF and domainkeys were designed specifically to prevent > joe-jobs, > > > >but neither is widely adopted. YMMV. > > > > > > --Photocon > > > Conrad Hunziker III > > > NightSky Hosting - http://www.nightskyhosting.com/ > > > > >_________________________________________________ > >tmda-workers mailing list ([email protected]) > >http://tmda.net/lists/listinfo/tmda-workers > > _________________________________________________ > tmda-workers mailing list ([email protected]) > http://tmda.net/lists/listinfo/tmda-workers > _________________________________________________ tmda-workers mailing list ([email protected]) http://tmda.net/lists/listinfo/tmda-workers
