Need advice for setting up mail server

Valeri Galtsev galtsev at kicp.uchicago.edu
Mon Aug 8 14:52:05 UTC 2016


On Mon, August 8, 2016 1:31 am, Niklaas Baudet von Gersdorff wrote:
> Doug Hardie [2016-08-07 14:17 -0700] :
>
>> I am running spamd (obspamd last time I checked) on the mail
>
> It's mail/spamd in ports and `obspamd` in /etc/rc.d.
>
>> server for a medium sized ISP.  It has never worked the way the
>> documentation describes.  However, it has been useful.  When
>> I first installed it, around 90% of the email being received
>> was dropped.  It blocks drive-by spammers who don't queue and
>> retry on TMP_FAILs.  Unfortunately, it appears that many
>> spammers now can afford the disk and processor resources to
>> enable queueing and retrying so its usefulness is diminishing.
>
> I also made bad experiences with its greylisting function. (I'm
> not a big fan of greylisting anyway.) That's why I use it's
> blocking function only:
>
>   obspamd_enable="YES"
>   obspamd_flags="-l 127.0.0.1 -b"
>
> And for PF I have
>
>   table <spamd>       persist
>
>   rdr pass on $ext_if inet  proto tcp from <spamd> to any port smtp ->
> 127.0.0.1 port spamd
>   rdr pass on $ext_if inet6 proto tcp from <spamd> to any port smtp ->
> ::ffff:127.0.0.1 port spamd
>
> In /usr/local/etc/spamd/spamd.conf I use two of the example
> lists:
>
>   all:\
>     :uatraps:nixspam:
>
>   # University of Alberta greytrap hits.
>   # Addresses stay in it for 24 hours from time they misbehave.
>   uatraps:\
>     :black:\
>     :msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\
>     within the last 24 hours":\
>     :method=http:\
>     :file=www.openbsd.org/spamd/traplist.gz
>
>   # Nixspam recent sources list.
>   # Mirrored from http://www.heise.de/ix/nixspam
>   nixspam:\
>     :black:\
>     :msg="Your address %A is in the nixspam list\n\
>     See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\
>     :method=http:\
>     :file=www.openbsd.org/spamd/nixspam.gz
>
> What I like about the concept is that false positives will get
> a reply that their mail was considered spam. This way they can
> try to contact me over a different channel.

Hi Niklaas,

quick question here. The alleged spam message was never accepted here,
instead "SMTP error is generated" telling one of the reasons above, right?
In other words, this will not be a source of "backscatter" (to the
contrary to accepting message then sending non-delivery notification to
sender whose address could have been forged).

Thanks for this!
Valeri

>
> The problem I see with "traditional" spam checking (moving spam
> into a spam folder) is that the sender does not know whether
> their mail was classified as spam or not. And the other way
> I don't have to check a spam folder for false positives.
>
> I must confess though
>
> 1. I trust the quality of the blacklists.
>
> 2. The mail servers where I'm using mail/spamd at the moment
>    don't get lots of traffic. So I can't really tell how
>    efficient that is.
>
> I just started using postscreen(8) and will see whether the
> combination of mail/spamd and postscreen(8) is a good one. I hope
> that I don't have to opt for mail/spamassassin because I find it
> difficult to configure.
>
>     Niklaas
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++


More information about the freebsd-questions mailing list