Re: Can't change SpamAssassin score without enabling the "Spam Auto-Delete" function

Mon, 15 Dec 2014 10:40:09 -0800 


Am 15.12.2014 um 19:20 schrieb Herbert Eppel:

On 15.12.2014 18:02 UK Time, Reindl Harald wrote:

besides that using RBL scoring and wise filters for dynamic PTRs and
invalid HELO names *before* SA on the MTA level should reject most spam
without false positives

3 months:

* 250000 delivered ham messages
* 850000 MTA level rejects
*  32000 SA hits


Thanks for your reply, but I'm afraid as an ordinary SA user with
limited knowledge of these matters I have, quite frankly, no idea what
you are talking about.

Don't hesitate to tell me to RTFM, but if you feel like elaborating a
little, ideally in an 'acronym-free environment', I would be grateful.



for postfix just Google for the parameters below and read 
http://www.postfix.org/POSTSCREEN_README.html which will kill 90% of all 
junk before it ever touchs the expensive content filter



since only the dialup-balcklists have the reject score of 8 and all 
others need at least confirmation based on trust-level of the RBL 
combined with some whitelists you achieve both:


* large amount of catches
* avoid false positives


this like "127.0.0.[4..7]" are the RBL response codes of aggregated 
lists which has the benefit postscreen needs only do a single dns lookup 
and weight the results (RTFM of the RBL's itself)


postscreen_dnsbl_ttl = 5m
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce
postscreen_dnsbl_sites =
 dnsbl.sorbs.net=127.0.0.10*8
 zen.spamhaus.org=127.0.0.[10;11]*8
 b.barracudacentral.org=127.0.0.2*7
 dnsbl.inps.de=127.0.0.2*7
 dnsbl.sorbs.net=127.0.0.5*7
 zen.spamhaus.org=127.0.0.[4..7]*7
 zen.spamhaus.org=127.0.0.3*5
 bl.mailspike.net=127.0.0.2*5
 bl.mailspike.net=127.0.0.[10;11;12]*4
 bl.spamcop.net=127.0.0.2*4
 bl.spameatingmonkey.net=127.0.0.[2;3]*4
 dnsrbl.swinog.ch=127.0.0.3*4
 zen.spamhaus.org=127.0.0.2*3
 dnsbl.sorbs.net=127.0.0.7*3
 dnsbl.sorbs.net=127.0.0.8*2
 dnsbl.sorbs.net=127.0.0.6*2
 dnsbl.sorbs.net=127.0.0.9*2
 wl.mailspike.net=127.0.0.[18;19;20]*-2
 list.dnswl.org=127.0.[0..255].0*-2
 list.dnswl.org=127.0.[0..255].1*-3
 list.dnswl.org=127.0.[0..255].2*-4
 list.dnswl.org=127.0.[0..255].3*-5






Attachment:
signature.asc

Description: OpenPGP digital signature






















					Reply via email to