On Mon, Oct 20, 2014 at 9:18 AM, Robert Moskowitz <[email protected]> wrote:
> SInce this is about mail and spam, I thought this might be a good place to > ask about nolisting: > > http://en.wikipedia.org/wiki/Nolisting > > I get ~ 7000 messages/day on my server, with ~70% getting tagged as spam. > > This is really private mailserver for my side consulting business and for > all the standards and support lists I am on. > > I am in the process of building a new server that I hope to launch > tonight: Redsleeve6 (on armv7/Cubietruck)/postfix/ > dovecot/spamassassin/clamav/amavis-new. > > I a friend recommended I use nolisting to reduce the amount of spam > messages to scan for spam. I tried the single fake MX record as discussed > in the wiki. Port 25 is blocked on the first MX entry. No changes in spam > received. > > So I was told that this simple single MX record may not work. To have TWO > fake low value MX records and one high value like: > > MX 10 bad.foo.com > MX 20 bad2.foo.com > MX 30 me.foo.com > MX 40 bad3.foo.com > > And this did not make any difference in % of spam. I seem to be receiving > the same amount. So either the spammers that know about me use realy MTAs > or have updated their SMTP to process MX records right. > > So is there any experience here with nolisting? > > thanks > > > We ran nolisting set up for a number of years. It worked about as well as reverse DNS checks for eliminating spam, without the CPU overhead of reverse DNS check. The problem is, this does nothing about spammers who decide to run a real mailqueue, or abuse someone else's mail server, which is increasingly the case. Eventually we implemented a real grey lister, sqlgrey with Postfix. The results were worthwhile. The email delivered by our secondary MX fell from about 5000 per day down to 200 or so. It was so alarming I was afraid we would hear from users on missing mail, but it really was all spam. Our solution is Postfix with postscreen (eliminates zombies that don't behave like a mail server), sqlgrey (eliminates systems that don't queue) amavis with SA and clamav, RBLs like spamhaus, plus SANE security add ons for clamav. When I eliminated the nolisting config with all the above in place, spam and email delivery stats did not increase. While running with nolisting I think we encountered two sites running home made mail software which didn't fail over to the next MX and called us. Once we explained why their software failed, they fixed it on their end.
