Greetings,
We have a real spam problem for some users, and this seems to be really
tough spam to block. I have postscreen set up which blocks a lot of
spam, of the spam that does get through, Spamassassin catches about 200
spams a day, but we have about a dozen users that get 20 - 30 spams a
day, so I ask if anyone can give me some advice about my configs here.
This is what I have had thus far, postscreen's deep protocol tests have
been turned on a turned off at different times due to troubleshooting a
particular user's iPhone connection, and they are off at this time:
postscreen_access_list = permit_mynetworks,
cidr:/etc/postfix/postscreen_access.cidr
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2;3;4;5;6;7]*4
#l2.apews.org*3, ##I've used this with variable successs
dbl.spamhaus.org*2
cbl.abuseat.org*2
zen.spamhaus.org*1
bl.spamcop.net*1
b.barracudacentral.org*1
bl.spameatingmonkey.net*1
dnsbl.sorbs.net*1
psbl.surriel.com
bl.mailspike.net
zen.spamhaus.org=127.0.0.11*-3
swl.spamhaus.org*-5
list.dnswl.org=127.[0..255].[0..255].0*-2
list.dnswl.org=127.[0..255].[0..255].1*-3
list.dnswl.org=127.[0..255].[0..255].[2..255]*-4
postscreen_dnsbl_whitelist_threshold = -1
postscreen_dnsbl_action = enforce
postscreen_blacklist_action = drop
postscreen_greet_banner =
postscreen_greet_action = drop
I'm wondering about turning this back on under
smtpd_recipient_restrictions which has been turned off since I started
using postscreen:
smtpd_recipient_restrictions = permit_mynetworks,
...
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client cbl.abuseat.org,
reject_rhsbl_sender dbl.spamhaus.org,
reject_rhsbl_sender rhsbl.sorbs.net,
permit
I would be grateful for any advice here and if anyone could share their
experience.
Thanks!
--
--asai
