[CentOS] spam control

Mark Weaver mdw1982 at mdw1982.com
Mon Oct 30 03:27:49 UTC 2006

Bill Church wrote:
> If you have the luxury of blocking IPs based on countries or regions,
> that helps as well but not everyone can do this.
> -Bill

That in a nutshell of but one layer of a multi-layer approach that I've 
been using for the past two years. At present I may get a grand total of 
2 SPAMs per week; sometimes less than that, but that's the average.

layer #1: RBLs configured in the MTA - Sendmail
layer #2: SpamAssassin (score set to 3 and known or trusted addresses
layer #3: iptables rules and a technique known as geo-blocking.

The third layer, iptables and geo-blocking REALLY make a huge 
difference. It's taken about a year and some digging, but I've got a 
very good foundation ruleset that works extremely well. And personally I 
don't consider blocking on countries or regions is a luxury, but rather 
a necessity. Anyone can do it and should of they're running a mail 
server that is accepting direct SMTP connections.

Since my mail server is already behind a router the rule set is very 
simple, but extremely effective and very portable.

*see attached bash script.


"If you have found a very wise man, then you've found
a man that at one time was an idiot and lived long enough
to learn from his own stupidity."
Powered by CentOS4 (RHEL4)
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: chains
URL: <http://lists.centos.org/pipermail/centos/attachments/20061029/6858a131/attachment.ksh>

More information about the CentOS mailing list