Hi,
My top hit counts from last week from dnsblcount.pl script (using postscreen so the numbers are most likely skewed based on ordering and thresholds being met with multiple RBL hits):
Where did you find dnsblcount.pl? Or is this is your own? That sounds like a great compliment to pflogsumm and mailgraph. I'm also using postscreen. How difficult do you think it would be to update it to account for those rejects too?
- Enable greylisting. This is just about the only way you can block zero-hour spam from compromised accounts that come from legit mail servers before they get listed in RBLs. I use SQLgrey with Postfix and was able to ease it in slowly with it's feature called discrimination mode.
I'm also using sqlgrey with DB_CLUSTER to support communications between bayes on multiple systems. Do you know anything about using policyd for this? I've seen a few references to it recently, and heard it may be a better replacement for use with postfix?
Inside SA add the KAM.cf rules (Google for it) and update them a couple of times each day. These rules are a must!
http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf
I also have added CRM114 and BOGOFILTER plugins which are similar to BAYES but don't require the manual training. These are fairly difficult to install but provide a good complement to BAYES scoring and actually help automatically train my BAYES database.
CRM114 looks interesting, but is it still being developed? Can you briefly describe what's involved in setting it up?
BOGOFILTER also looks interesting, but are you concerned it's duplicating some of the rules or efforts of SA itself?
I'm really interested in TxRep: http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Plugin_TxRep.html
Setup ClamAV and add the UNOFFICIAL SIGS.
Yes, everyone should be using at least the sanesecurity sigs. A script to download and manage the sigs is here:
http://sourceforge.net/projects/unofficial-sigs/ Regards, Alex
