Professional Web Applications Themes

how to deal with spam for good? - FreeBSD

Hi, I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? thanks -- www.eXactas.org - La Universidad Evolutiva...

  1. #1

    Default how to deal with spam for good?

    Hi,
    I'm wondering, how does this mailing list doesn't get any spam? :),
    I need to set some filter on my mail server, can some one here give
    me a hint on this?

    thanks

    --
    www.eXactas.org - La Universidad Evolutiva
    Luciano Guest

  2. #2

    Default Re: how to deal with spam for good?

    On Wednesday 09 March 2005 10:53 pm, Luciano Musacchio wrote: 

    heh... I'm working on that right now, actually... :)

    There are so many options and combinations out there, it wouldn't
    be worth it to list them.

    From my experience (somewhat limited)... If you're running
    sendmail on FreeBSD, then SpamAssassin and clamav running thorugh
    MIMEDefang is probably the best way to go (MIMEDegang is pretty
    cool and it simplifies the whole process... and it supports a
    lot of other stuff too)

    With sendmail on OpenBSD, it's probably SpamAssassin and clamav
    running through smtp-vilter (but clamav and smtp-vilter are still
    very much a work in progress on obsd, and will cause hair to fall
    out until at least the next release... pd me off. :( )

    Really though, there are lots of possibilities... I would start
    with a google with something like:

    bsd +u're_MTA-of-choise_goes_here +spam +filter +scan

    HTH

    Mike
    Mike Guest

  3. #3

    Default Re: how to deal with spam for good?

    On Thu, 10 Mar 2005, Luciano Musacchio wrote:
     

    It does, and I report it (but not the mailing list itself).

    -- Dave
    Dave Guest

  4. #4

    Default Re: how to deal with spam for good?

    On Mar 9, 2005, at 10:53 PM, Luciano Musacchio wrote: 

    Consider greylisting, amavisd, SpamAssassin, and a virus scanner of
    your choice.

    Greylisting needs postfix as your MTA at the moment, but is extremely
    effective for very few resources. Perl-based scripts like amavisd and
    SA are a lot more resource-intensive, perhaps dspam or other tools
    might also be worth looking at if your mail volume is high....

    --
    -Chuck

    Charles Guest

  5. #5

    Default RE: how to deal with spam for good?


    This is bull, milter-greylist is in the ports. Greylisting
    does not require postfix. Just because YOU are too lazy to
    understand sendmail doesen't mean everyone else is.

    Keep in mind that Greylisting isn't going to be very effective
    for long if a lot of people adopt it.

    We run, like most ISP's, a very busy mailserver. If 3/4 of the
    hosts we were sending mail to did this, our server would be completely
    overloaded. Every other ISP in the world of any size would be in
    the same boat. Why should we have to go spend a lot of money buying
    a new mailserver that's 5 times more powerful just to handle your
    goofy filter? Long before the number of hosts greylisting got to
    3/4 of the hosts on the Internet we would just reconfigure to
    start returning the mails back to our customers when we got a
    541 and telling the customer to contact their coorespondent and
    tell the cooresponent to switch ISP's. If only a few hosts on the
    Internet are doing it, (and none of the major ISP's are right now)
    then all the rest of the big ISP's (like Hotmail) will do the same
    thing.

    If our customer's coorespondent cannot get mails from us and from
    hotmail, how long do you think he's going to put up with his ISP
    running a greylist?

    Long before this happened of course the spammers would mod their
    software to simply start retrying more. If you think about it, if
    they are sending a million mails a minute, and the greylist delay is
    5 minutes, they merely need to construct a server that stores 5
    million mails for a set period and then retries. The server never has
    to store more than 5 million mails at a time.

    It's just one more anti-spam filter that is utterly dependent on
    nobody else on the Internet doing it. Typical bright idea from some
    tech somewhere that understands just enough of the SMTP standards to
    cause a lot of trouble for people.

    The only long term solution that is going to work is modding the
    DNS records to designate an official SMTP server for each domain, such
    a plan has been in the works for a while among the standard bodies
    that know what they are doing.

    Ted
     
    >
    > Consider greylisting, amavisd, SpamAssassin, and a virus scanner of
    > your choice.
    >
    > Greylisting needs postfix as your MTA at the moment, but is extremely
    > effective for very few resources. Perl-based scripts like amavisd and
    > SA are a lot more resource-intensive, perhaps dspam or other tools
    > might also be worth looking at if your mail volume is high....
    >
    > --
    > -Chuck
    >
    > _______________________________________________
    > org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    > To unsubscribe, send any mail to
    > "org"
    >[/ref]

    Ted Guest

  6. #6

    Default Re: how to deal with spam for good?

    On Thu, 10 Mar 2005 00:53:58 -0300
    Luciano Musacchio <org> wrote:
     

    mail/dspampd and mail/dspam-devel

    As for the lists, our postmaster has some nice header_checks (possibly
    body_checks also) and uses a few RBLs.


    --
    IOnut
    Unregistered ;) FreeBSD "user"


    Ion-Mihai Guest

  7. #7

    Default Re: how to deal with spam for good?

    On Mar 10, 2005, at 4:49 AM, Ted Mittelstaedt wrote: 

    I've paid my dues to sendmail:

    http://groups-beta.google.com/groups?
    &as_ugroup=comp.mail.sendmail&as_uauthors=Chuck+Sw iger

    ....shows about 900 postings from me. As of sendmail-8.11, and even
    early 8.12's perhaps, greylisting via sendmail wasn't possible because
    the MILTER API didn't support it. If the situation has been improved
    and you can greylist with sendmail now, that's fine.

    What isn't fine is your attitude: FOAD.
     

    Your opinion differs.
     

    If a customer isn't happy with you, they'll take their business
    elsewhere.
    Lord knows I wouldn't blame them, either.
     

    Let them retry more. There is more than one way to deal with UCE, and
    shifting the burden to the spammers, making them consume lots of time
    for minimal resources is amoung those ways.
     

    Someone whose SMTP engine is unwilling to retry delivering email after
    the first response is refused with a 4xx code is the one failing to
    understand RFC-822/2822. Real mailers retry at a recommended 1 hour
    interval for a recommended maximum queue length of 5 days, per RFC.
    Once you've whitelisted your clients and covered 95+% of incoming mail,
    up your greylisting time from 5 to say, 59 minutes, works wonders.
     

    SPF is another way of dealing with UCE.

    It's not hard to find people who have implemented SPF in their DNS,
    either.
    I haven't seen it do much good as yet...

    --
    -Chuck

    Charles Guest

  8. #8

    Default Re: how to deal with spam for good?

    On 2005-03-10T01:49:20-0800, Ted Mittelstaedt wrote:

    [snip caustic commentary]
    [snip real-life facts]
     

    While not all-encompassing, I found the following site to be very
    useful, not just for finding problems with my own domains, but finding
    out why my draconian Postfix config would reject email from some
    friends (check the NANOG archives for Verizon's retarded SMTP tactics).

    http://www.dnsreport.com/

    That site also turned me onto SPF[1] records in DNS, which I think is
    what Ted is talking about (or something similar). If not, I am sure
    that he will correct me.

    [1] http://spf.pobox.com/

    --
    Mike Oliver
    [see complete headers for contact information]

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.0 (FreeBSD)

    iD8DBQFCMB7nsWv7q8X6o8kRAuTUAKCvikS4OWXZiF99GWt9FR uHd0E3WQCeIZVA
    0UrSPv35Vf9HlCQkIIEJjms=
    =K0La
    -----END PGP SIGNATURE-----

    Michael Guest

  9. #9

    Default RE: how to deal with spam for good?

    On Thu, 10 Mar 2005, Ted Mittelstaedt wrote:
     

    Which, of course, will do nothing to stop spam, but only forgeries. This
    issue has been dealt with many times upon the anti-spam lists.

    -- Dave
    Dave Guest

  10. Moderated Post

    Default RE: how to deal with spam for good?

    Removed by Administrator
    Ted Guest
    Moderated Post

  11. #11

    Default Re: how to deal with spam for good?

    LM> Hi,
    LM> I'm wondering, how does this mailing list doesn't get any spam? :),
    LM> I need to set some filter on my mail server, can some one here give
    LM> me a hint on this?

    LM> thanks

    Spamers are too lazy to subscribe freebsd-questions, so they can't post here :)

    --
    WBR,
    Dmitry Kozhevnikov mailto:ru


    Dmitry Guest

  12. #12

    Default RE: how to deal with spam for good?


     
    > domain, such 
    >
    > Which, of course, will do nothing to stop spam, but only
    > forgeries. This
    > issue has been dealt with many times upon the anti-spam lists.
    >[/ref]

    Correct, however when I go to the police to report criminal spamming
    activity, it gets a lot better response when I can tell them who
    is doing it. :-)

    Don't be impatient. There are a lot of pieces that still have to be
    placed before the spam is going to start dropping. We aren't going to
    see much change until at least 2010 because by then most of the Windows
    XP desktop systems will be flushed out of the network, and replaced with
    the next version of Windows which will be much harder to find holes in.

    I don't have a lot of respect for Microsoft but I will say that once
    they get moving in a general direction, they are like the Borg they don't
    stop until everything has been assimilated. Microsoft only gave lip
    service
    to computer security until just a couple years ago, but they are finally
    moving in that direction, and they are not going to stop for a long time
    yet.

    Once you see most of the desktops on the Internet behind firewalls and
    translators, and being forceably updated with security patches, without
    the consent or even knowledge of their owners, a lot of this hit and run
    spamming is going to die down. That will flush out the amateur spammers
    that operate out of their garages and make a few extra bucks at it, and
    push a lot of the spam to the professionals, who will get a lot richer
    and thus make far more attractive targets to the collection of state DA's
    who's job it is to go after them. And the more agressive those people
    get
    the more the large networks are going to be encouraged to be nasty also.

    Red China is pretty successful at filtering stuff that goes into that
    country, they are proof that the technology exists to clamp down on
    offshore spammers. It is merely a political problem of generating the
    necessary will among the ISP's and their customers to deploy that
    technology in the US, but that will is slowly being developed. It would
    have happened sooner but for the "pioneer wild west" mythos attached to
    the
    Internet in the US, just because it started here, and it's taken a
    long time to stamp that out.

    Also don't forget too that the war on drugs would be pointless if they
    didn't arrest the people buying the stuff as well as the people selling
    the stuff. So far the lawmakers have focused on the spammers selling
    the spam, but what isn't discussed is that spam wouldn't happen if people
    wern't buying the stuff spammers are pushing. It's not out of the realm
    of possibility to make it illegal to buy products from a spammer, and
    a few high profile prosecutions of purchasers would do wonders to reduce
    the
    revenue stream that feeds spammers, don't you think?

    I better stop now before you think I'm a total devil. :-) But seriously
    the
    problems with spam are growing to be more of a
    political/economic/criminal nature
    than a technical nature. Solutions are going to have to come from the
    governments,
    not from the techs. And they will unfortunately be solutions that are
    not as
    clean as ones the technical community will want to use, but they will be
    more
    effective, in the same way a club is more effective at opening a door
    than
    a lockpick is.

    Ted

    Ted Guest

  13. #13

    Default Re: how to deal with spam for good?

    On Mar 10, 2005, at 6:44 AM, Ted Mittelstaedt wrote: 

    Dude, half my mailservers are running sendmail. Sendmail's fine.

    As for "chips on the shoulder": pot, kettle, black.
     

    When was the last time someone thanked you for diatribes like these,
    Ted? You're wasting more time than just mine with this drivel, and
    frankly, your rabid personal attacks say more about you then they do
    about me.

    --
    -Chuck

    Charles Guest

  14. #14

    Default Re: how to deal with spam for good?


    On Mar 9, 2005, at 11:54 PM, Mike Hauber wrote:
     
    >
    > heh... I'm working on that right now, actually... :)
    >
    > There are so many options and combinations out there, it wouldn't
    > be worth it to list them.
    >
    > From my experience (somewhat limited)... If you're running
    > sendmail on FreeBSD, then SpamAssassin and clamav running thorugh
    > MIMEDefang is probably the best way to go (MIMEDegang is pretty
    > cool and it simplifies the whole process... and it supports a
    > lot of other stuff too)[/ref]

    At the moment we're running FreeBSD 4.x with postfix, clamav, and
    spamassassin via amavisd-new; after processing the message is injected
    into another postfix queue where it's forwarded to an internal mail
    server. Is there an easy way to plug mimedefang into that kind of
    setup? Is there a nice howto on the subject?

    Bart Guest

  15. #15

    Default Re: how to deal with spam for good?

    On Wednesday 09 March 2005 21:53, Luciano Musacchio wrote:
     

    I just wrote an article for Free Software Magazine on this subject. It's
    available online at
    http://www.freesoftwaremagazine.com/free_issues/issue_02/focus_spam_postfix.
    While it's largely aimed at Postfix users, every method I use is available
    in other MTAs.
    --
    Kirk Strauser

    -----BEGIN PGP SIGNATURE-----

    iD8DBQBCMGp25sRg+Y0CpvERAqYMAKCUB495u2wgnWhw2Nz2vD Pk7M/YaQCfWH/4
    vm1nX/Ar9RnYIRmkHvc8HMU=
    =FtUj
    -----END PGP SIGNATURE-----

    Kirk Guest

  16. #16

    Default Re: how to deal with spam for good?


    On Mar 10, 2005, at 01:49, Ted Mittelstaedt wrote:
     

    SPF is only going to address one form of spam distribution.
    Unfortunately it does nothing for the spammers who get their own domain
    and establish their own SPF records. They can continue to spam away at
    will. Likewise SPF will not close any of the open relays run by the
    organizations that are pushing SPF. Those will continue to forward
    spam like they do today. I suspect the open relays are ahead of their
    SPF checking as we continue to receive mail through them even theough
    they claim SPF is in use.

    Spam will only go away when people no longer respond to it. When there
    is no revenue generated to cover the cost of spamming then it will end.
    Since spamming is so cheap, it only takes a couple of responses to
    cover the costs. Probability of finding a couple of morons out there
    is 1.00. People still respond to the Nigerian scams.....

    Doug Guest

  17. #17

    Default Re: how to deal with spam for good?

    On Thursday 10 March 2005 12:40, Doug Hardie wrote:
     

    Not necessarily true. If you can *force* senders to tie themselves to their
    own domain, then it becomes rather easy to blacklist that particular
    domain. Imagine having a DNS blackhole list that was 100% accurate with no
    chance of collateral damage. If SPF (or another similar system) were
    universally deployed, then such things would be possible.
     

    I'm not sure what you mean by that. Could you elaborate?
     

    You know, I'm no longer sure that's true. I think that spam will stick
    around as long as stupid business owners continue to get ered into
    thinking that it's a legitimate means of marketing. One of my associate's
    customers (a brick and mortar store) was being sweet-talked by a spammer
    into sending a series of broadcasts. In this situation, the spammer would
    profit off the ignorance of that *business owner*. Even if 100% of the
    messages were blocked, he'd still get his pay for performing the "service".
    --
    Kirk Strauser

    -----BEGIN PGP SIGNATURE-----

    iD8DBQBCMKL95sRg+Y0CpvERAll4AJ4m3TslpkteAi8RPBkdxo fcsZ8aQQCgmMf9
    vrp5TU2JfDHAxJHATrsODx8=
    =E3Le
    -----END PGP SIGNATURE-----

    Kirk Guest

  18. #18

    Default Re: how to deal with spam for good?

    Luciano Musacchio wrote:
     

    # sudo ipfw add 00001 deny ip from any to me 25

    :-)

    Should do the trick.

    Actually, it's a never-ending battle. And it's
    tricky to fight. And, as you've seen, a lot of
    people have opinions.

    So far, I've tried:

    a] blocking entire countries with ACL's.
    b] SpamAssasssin + Amavisd + Dual-Sendmail
    c] Greylisting with Perl + Mysql + Sendmail
    (excluding a lot of big SP's, thank you much)

    It frankly takes more of my time than it's worth,
    and that's an economic issue, to be sure. I'm beginning
    to think that, if you have time to spend on it, b] isn't
    such a bad option. But I've not found the *answer*
    yet.

    Good luck.

    Kevin Kinsey
    Kevin Guest

  19. #19

    Default Re: how to deal with spam for good?

    Doug Hardie writes:
     

    Exactly. A surprising number of people _do_ respond to spam--more than
    enough to justify sending it.

    Ironically, I seem to see a slight decline in the spam I receive myself,
    which has dropped a bit from the usual 1500 messages per day. Some
    weeks ago I removed my e-mail address entirely from my Web site, so that
    it could not be harvested. It seems unlikely that this could have much
    effect since it has been out there for years, but perhaps it does.

    In any case, I don't use any automated filters for spam. I have filters
    that sort probable spam into folders that I periodically examine, but
    I don't delete anything automatically because even a single false
    positive can cost me more than I'd ever save by running automatic spam
    filters. As it is, sometimes I can't answer clients by e-mail because
    their own ISPs (e.g., anything run by Time-Warner) simply throw away my
    e-mail because it doesn't come from a Big ISP.

    If fewer people respond to spam, spam will decline. If more people
    respond to it, it will increase. It's a simple as that. There's no
    fundamental, objectively verifiable difference between spam and any
    other e-mail, so no automated or technical solution will ever work
    completely.

    --
    Anthony


    Anthony Guest

  20. #20

    Default Re: how to deal with spam for good?


    On Mar 10, 2005, at 15:24, Anthony Atkielski wrote:
     

    I doub't thats the reason. I am presuming you are referring to
    wanado.fr. I know we have its MTA blocked because of the unresolved
    spam complaints over the years. I suspect thats the same for others
    also.

    Doug Guest

Page 1 of 2 12 LastLast

Similar Threads

  1. Is an IBM pSeries 615 a good deal?
    By Mike in forum AIX
    Replies: 2
    Last Post: January 2nd, 07:15 PM
  2. Replies: 3
    Last Post: July 10th, 10:40 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139