Hi, I just read about a very handy strategy handling spam mails. I think the problem with most of us is that scanning mails for spam takes up a lot of system ressources and may even cause a system to hang. The suggestion now is to check the ip of the sending mail server via an "ehlo" before actually receiving the mails. They also suggest to insert an "artificial wait time of about 2 seconds" to annoy profi spammers as they will loose time which is money for them. I have found two ressources explaining it a little more detailed: http://gerstmann.net/index.php?option=com_content&task=view&id=68&Itemid=2 (german) http://www.policyd-weight.org/ Perhaps you could somehow build it into ISPConfig. Greets, Alex
Seems as if there are some others occasionlly reading comments to Heise's news I read Gerstmann's article, had to agree and nodd to a lot of what he says (about rejected mail being not that bad at all) and tweaked my config. To me, receiving 50-80 spams a day is normal.. or at least it has been. Today the count went down to - believe it or not - three! Customers were also positive about receivig a lot less marked spam and my server also gets some breathing room.... Next step will be checking out policyd...
Have a look here, this is some native blocking stuff: http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt Btw, Heise does not offer RSS right?
Wrong: All of Heise: http://www.heise.de/newsticker/heise.rdf Only Heise Security: http://www.heise.de/security/news/news.rdf
btw: It's available in english too: Multilang URL: http://Gerstmann.Net/How2BlockSpam.html English URL: http://gerstmann.net/content/view/68/2/lang,en/ German URL: http://gerstmann.net/content/view/68/2/lang,de/
