Need advice for setting up mail server
Niklaas Baudet von Gersdorff
me at niklaas.eu
Mon Aug 8 06:31:57 UTC 2016
Doug Hardie [2016-08-07 14:17 -0700] :
> I am running spamd (obspamd last time I checked) on the mail
It's mail/spamd in ports and `obspamd` in /etc/rc.d.
> server for a medium sized ISP. It has never worked the way the
> documentation describes. However, it has been useful. When
> I first installed it, around 90% of the email being received
> was dropped. It blocks drive-by spammers who don't queue and
> retry on TMP_FAILs. Unfortunately, it appears that many
> spammers now can afford the disk and processor resources to
> enable queueing and retrying so its usefulness is diminishing.
I also made bad experiences with its greylisting function. (I'm
not a big fan of greylisting anyway.) That's why I use it's
blocking function only:
obspamd_enable="YES"
obspamd_flags="-l 127.0.0.1 -b"
And for PF I have
table <spamd> persist
rdr pass on $ext_if inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port spamd
rdr pass on $ext_if inet6 proto tcp from <spamd> to any port smtp -> ::ffff:127.0.0.1 port spamd
In /usr/local/etc/spamd/spamd.conf I use two of the example
lists:
all:\
:uatraps:nixspam:
# University of Alberta greytrap hits.
# Addresses stay in it for 24 hours from time they misbehave.
uatraps:\
:black:\
:msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\
within the last 24 hours":\
:method=http:\
:file=www.openbsd.org/spamd/traplist.gz
# Nixspam recent sources list.
# Mirrored from http://www.heise.de/ix/nixspam
nixspam:\
:black:\
:msg="Your address %A is in the nixspam list\n\
See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\
:method=http:\
:file=www.openbsd.org/spamd/nixspam.gz
What I like about the concept is that false positives will get
a reply that their mail was considered spam. This way they can
try to contact me over a different channel.
The problem I see with "traditional" spam checking (moving spam
into a spam folder) is that the sender does not know whether
their mail was classified as spam or not. And the other way
I don't have to check a spam folder for false positives.
I must confess though
1. I trust the quality of the blacklists.
2. The mail servers where I'm using mail/spamd at the moment
don't get lots of traffic. So I can't really tell how
efficient that is.
I just started using postscreen(8) and will see whether the
combination of mail/spamd and postscreen(8) is a good one. I hope
that I don't have to opt for mail/spamassassin because I find it
difficult to configure.
Niklaas
More information about the freebsd-questions
mailing list