On 3/29/2012 11:26 PM, Nataraj wrote: > On 03/29/2012 03:00 PM, Bob Hoffman wrote: >> Hello, >> Thanks to some nice people on here and other forums I have pretty much >> finalized my whole mail system on centos 6.x. >> >> With all the checks, greylisting, dev/null of any 8+ spam level SA, I >> still get a few mails. >> >> It seems like everytime I enable a new protectant, the mail stops >> spamming for a few hours...then the spammers decide I am worthy of using >> better methods against me..and more come. LOL. >> >> I am down to just 10-15 a day. >> Anything that gets through all that I set up now goes to a spammers list >> that I add to the access file of postfix. >> >> http://bobhoffman.com/spammers.html >> >> that is the link to my list. I am trying to sort them out into >> political, real estate, bulk spammers, etc. >> The worst part is the bulk emailers are not on any black list. It is >> very hard to find their mail MX until they actually send you one. >> Many will be blocked, then a new alternate of theirs comes through. >> >> I could not find a list of bulk commercial spammers so I thought I would >> start one. As I progress it will become more defined, but right now a >> big list with some categories after it. >> >> Hope it helps. >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos > You won't be able to track them easily because they hop around from > network to network. Sometimes I can recognize them by seeing the same > spams repeatedly, also, different IP addresses connecting and guessing > passwords for the same list of users. But I rarely get those anymore > since I have blocked pop/imap logins from outside of the US. > > You can report them to spamcop.net and that may help to provide some > incentive for ISPs to kick spammers off their network. > > The way that I finally got rid of all the residual spam that makes it > through greylisting, SPF, spamassassin, clamav is to handout unique mail > addresses and use black/whitelists. So for example if I assign an email > address for incoming mail from a mailing list and then setup a whitelist > entry that only allows that address to receive email from the > mailservers that serve that mailing list and then blacklist all other > incoming mail to that address it is very effective. With a decent > whitelist/blacklist tool it's fairly easy to implement. I used to get > literally hundreds of spams a day and now I probably average about 2 per > week. > > You can also get on the spamassassin mailing list and add more plugins > and work on tuning the spamassassin config. You can also play with > sa-learn. For me though the black/whitelisting works quite well. > > > Nataraj > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > mostly down to just the bulk commercial spammers. Usually spam dev/null them but decided to disable spam assassin and go after a nice list. Only got two mails in the last 12 hours, so it is cool. I get lots of political and real estate spammers due to the jobs I have had and my mail being on their lists...a list you can never get off. So listing them was the perfect thing. so without spamassassin, going good so far. Almost nothing. when I get one or two a day I just add them to the list..lol I am happy to not have hundreds a day anymore...so happy.