[TriLUG] postfix spam blocking

David Black dave at jamsoft.com
Fri Dec 16 08:05:56 EST 2011 

I experimented with client and recipient restrictions a while ago and found the client restrictions sometimes blocked too early.  The connecting MX didn't get enough of a chance to say much about who it was and what it wanted, before being disconnected.  If the filters were 100% accurate it'd be different, but the free RBLs, for instance, definitely aren't.

Better to load up recipient restrictions with a nice set of filters, able to act on all the info gathered after the HELO.   The author of this page seems to agree:  http://www.akadia.com/services/postfix_uce.html

Also, postgrey works but does delay emails from new sources - the MTA/to/from triad, and there's the odd MTA that doesn't know how to correctly retry or takes a very long time to do so.  Many services use a different from address every time, forcing a delay for *every* email.  I used to use it and don't any more, because of the occasional legitimate email that never arrived and more delays than expected.  At least in a business setting, I've consistently found it's better to let a bit more spam through and not block legit emails, than have the occasional - and very important to the CEO - email just disappear.   IMHO today people in general depend too heavily on email.

These days I use spamassassin on the MXs to classify but not block.  The decision to block/not block is done at the local mailbox delivery, and the end user at least has an opportunity to fish an email out of their junk folder.

Dave

----- Original Message -----
> When setting up postfix to help curb spam, which is more
> correct/effective
> when specifically addressing RBLs?  OR can this be done in both
> places in
> main.cf to enhance the protection:
> 
> smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org
> 
> OR
> 
> smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org
> 
> OR
> 
> both?
> 
> OSX Server puts the setting in the smtpd_client_restrictions via the
> gui
> admin, however some other linux related how-to docs say to use
> smtpd_recipient_restrictions.
> 
> thanks,
> David
> 
> http://www.facebook.com/notollson540
> --
> This message was sent to: David Black <dave at jamsoft.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from
> that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	:
> http://www.trilug.org/mailman/options/trilug/dave%40jamsoft.com
> TriLUG FAQ          :
> http://www.trilug.org/wiki/Frequently_Asked_Questions
>

More information about the TriLUG mailing list