> On Apr 28, 2015, at 1:47 AM, Marius Gologan <marius.golo...@gmail.com> wrote: > > Hi Terry, > > I use amavisd-new/spamassassin in post-queue configuration with few > adjustments: increased score for SPF_FAIL, DKIM_ADSP_DISCARD, Bayes_80, > Bayes_95, Bayes_99, Bayes_999 and few others. > Local DNS server - critical for RBL queries. > As for postscreen, I preffer "postscreen_greet_action = enforce" only which > doesn't require the client to retry (as opposite to greylist behavior), > while is pretty effective against bots. > > Marius.
Thank you for the reply Marius. Do the RBL queries from amavisd-new/spamassassin require a local DNS because they're more resource intensive than postscreen_dnsbl_sites or reject_rhsbl_* queries? I've received 16 UCE emails in the last hour--weight loss, wrinkle creams, bird feeders, pharmacies. More pointers (favorite postfix techniques and/or add-ons, sites to read, etc.) from those who've been successful in reducing spam load are greatly appreciated. Thanks, -Terry > -----Original Message----- > From: owner-postfix-us...@postfix.org > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Terry Barnum > Sent: Tuesday, April 28, 2015 1:15 AM > To: postfix users > Subject: spam fighting > > We've been using postscreen and dspam for quite some time but in the past > couple months more spam is making it through. I realize there's no > one-size-fits-all approach but because dspam isn't actively developed > anymore I've started looking around and am curious what others are using. Is > amavisd-new/spamassassin the preferred solution? My company is small with > <30 users. > > Perhaps my postscreen settings could be improved? postscreen_access.cidr is > a small file with 4 entries to whitelist customers that aren't implicated in > the increase in spam. > > $ postconf -n > broken_sasl_auth_clients = yes > command_directory = /opt/local/sbin > daemon_directory = /opt/local/libexec/postfix > data_directory = /opt/local/var/lib/postfix > debugger_command = > PATH=/opt/local/bin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd > $daemon_directory/$process_name $process_id & sleep 5 > default_privs = nobody > delay_warning_time = 4h > dovecot_destination_recipient_limit = 1 > dspam-lmtp_destination_recipient_limit = 1 > home_mailbox = Maildir/ > html_directory = no > inet_protocols = ipv4 > mail_owner = _postfix > mailq_path = /opt/local/bin/mailq > manpage_directory = /opt/local/share/man > message_size_limit = 51200000 > mydestination = $myhostname, localhost.$mydomain, localhost > myhostname = mailbox.dop.com > mynetworks = 192.168.0.0/23, 127.0.0.0/8 > myorigin = $mydomain > newaliases_path = /opt/local/bin/newaliases > postscreen_access_list = permit_mynetworks, > cidr:/opt/local/etc/postfix/postscreen_access.cidr > postscreen_bare_newline_action = enforce > postscreen_bare_newline_enable = yes > postscreen_blacklist_action = drop > postscreen_dnsbl_action = enforce > postscreen_dnsbl_sites = > b.barracudacentral.org=127.0.0.2*7 > dnsbl.inps.de=127.0.0.2*7 > bl.mailspike.net=127.0.0.2*5 > bl.mailspike.net=127.0.0.[10;11;12]*4 > dnsbl.sorbs.net=127.0.0.10*8 > dnsbl.sorbs.net=127.0.0.5*6 > dnsbl.sorbs.net=127.0.0.7*3 > dnsbl.sorbs.net=127.0.0.8*2 > dnsbl.sorbs.net=127.0.0.6*2 > dnsbl.sorbs.net=127.0.0.9*2 > zen.spamhaus.org=127.0.0.[10;11]*8 > zen.spamhaus.org=127.0.0.[4..7]*6 > zen.spamhaus.org=127.0.0.3*4 > zen.spamhaus.org=127.0.0.2*3 > hostkarma.junkemailfilter.com=127.0.0.2*3 > hostkarma.junkemailfilter.com=127.0.0.4*1 > hostkarma.junkemailfilter.com=127.0.1.2*1 > wl.mailspike.net=127.0.0.[18;19;20]*-2 > list.dnswl.org=127.0.[0..255].0*-2 > list.dnswl.org=127.0.[0..255].1*-3 > list.dnswl.org=127.0.[0..255].2*-4 > list.dnswl.org=127.0.[0..255].3*-5 > hostkarma.junkemailfilter.com=127.0.0.1*-2 > postscreen_dnsbl_threshold = 3 > postscreen_dnsbl_ttl = 5m > postscreen_greet_action = enforce > postscreen_non_smtp_command_enable = yes > postscreen_pipelining_action = enforce > postscreen_pipelining_enable = yes > proxy_interfaces = 70.167.15.110 > queue_directory = /opt/local/var/spool/postfix > readme_directory = /opt/local/share/postfix/readme > sample_directory = /opt/local/share/postfix/sample > sendmail_path = /opt/local/sbin/sendmail > setgid_group = _postdrop > smtpd_banner = $myhostname ESMTP $mail_name > smtpd_helo_required = yes > smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, > reject_non_fqdn_helo_hostname > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_unauth_pipelining, > reject_unauth_destination, > reject_unlisted_recipient, > check_recipient_access pcre:/opt/local/etc/postfix/recipient_checks.pcre, > check_helo_access hash:/opt/local/etc/postfix/helo_checks, > check_sender_access hash:/opt/local/etc/postfix/sender_checks, > check_client_access hash:/opt/local/etc/postfix/client_checks, > check_client_access pcre:/opt/local/etc/postfix/fqrdns.pcre, > reject_rhsbl_client dbl.spamhaus.org, > reject_rhsbl_sender dbl.spamhaus.org, > reject_rhsbl_helo dbl.spamhaus.org, > check_client_access pcre:/opt/local/etc/postfix/dspam_filter_access > smtpd_reject_unlisted_sender = yes > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_path = private/auth > smtpd_sasl_security_options = noanonymous > smtpd_sasl_type = dovecot > smtpd_sender_restrictions = permit_mynetworks, reject_unknown_address > smtpd_tls_auth_only = yes > smtpd_tls_cert_file = /opt/local/etc/postfix/ssl/certs/postfix.cert > smtpd_tls_key_file = /opt/local/etc/postfix/ssl/private/postfix.key > smtpd_tls_loglevel = 1 > smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 > smtpd_tls_security_level = may > smtpd_tls_session_cache_database = > btree:/opt/local/var/lib/postfix/smtpd_tls_cache > smtpd_tls_session_cache_timeout = 3600s > tls_random_source = dev:/dev/urandom > transport_maps = hash:/opt/local/etc/postfix/transport > unknown_local_recipient_reject_code = 550 > vacation_destination_recipient_limit = 1 > virtual_alias_maps = > proxy:mysql:/opt/local/etc/postfix/mysql_virtual_alias_maps.cf > virtual_gid_maps = static:_vmail > virtual_mailbox_base = /Volumes/mail/vmail/ > virtual_mailbox_domains = > proxy:mysql:/opt/local/etc/postfix/mysql_virtual_mailbox_domains.cf > virtual_mailbox_maps = > proxy:mysql:/opt/local/etc/postfix/mysql_virtual_mailbox_maps.cf > virtual_minimum_uid = _vmail > virtual_transport = dovecot > virtual_uid_maps = static:_vmail > > Thanks, > -Terry > > Terry Barnum > digital OutPost > http://www.dop.com > > > Terry Barnum digital OutPost http://www.dop.com
