[CentOS] spam control

Wed Oct 25 15:09:25 UTC 2006
Rodrigo Barbosa <rodrigob at darkover.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Oct 24, 2006 at 10:22:26PM -0400, Jerry Geis wrote:
> Gents,
> 
> I have added the following to /etc/mail/sendmail.mc and rebuilt it
> trying to control spam. I still get about 25 spam messages a day.
> Is there something else that can help control spam?
> 
> Thanks
> 
> jerry
> ---------------------------
> dnl #
> dnl # dnsbl - DNS based Blackhole List/Black List/Rejection list
> dnl # See http://www.sendmail.org/m4/features.html#dnsbl
> dnl #
> FEATURE(`dnsbl', `bl.spamcop.net',     `"Spam blocked see: 
> http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
> FEATURE(`dnsbl', `relays.ordb.org',    `"Spam blocked see: 
> http://ordb.org/lookup/?host="$&{client_addr}')dnl
> FEATURE(`dnsbl', `cbl.abuseat.org',    `"Spam blocked see: 
> http://cbl.abuseat.org/lookup.cgi?ip="$&{client_addr}')dnl
> FEATURE(`dnsbl', `sbl.spamhaus.org',   `"Spam blocked see: 
> http://spamhaus.org/query/bl?ip="$&{client_addr}')dnl
> FEATURE(`dnsbl', `list.dsbl.org',      `"Spam blocked see: 
> http://dsbl.org/listing?"$&{client_addr}')dnl
> dnl #

There have been a lot of replies (some very good) on this subject
already, but I feel I have to drop my 2 cents on this subject, since
spam control is a good part of what I do.

It is fairly trivial to get to a point where you have a spam control
system with 75% efficiency (with 1% to 2% false positives). Just
implementing RBLs, greylisting and spamassassin will do that. SPF
might also help a bit here.

Wish a bit more work, you can get to 85% efficiency, keeping the same
level of false positives (rate limiting and various access control
rules).

After that point, it starts to get ugly. We currently manage to have
96% efficiency (false positives around 0.001%), and thats a daily
battle. Spam traps and new rules almost every day (5 days a week, at
least).

For those interested, these are the RBLs I use:
         sbl-xbl.spamhaus.org
         relays.ordb.org
         dnsbl.njabl.org

Dropped spamcop some months ago.

[]s

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFP34lpdyWzQ5b5ckRAgRhAJ9NFSojm5DdbqjnCmIHSgFkNOlpWwCgueH4
NrEicr/sHZG4kH7CHrSO8qQ=
=3nva
-----END PGP SIGNATURE-----