iptables based spam prevention

2013-08-25 Thread Niclas Arndt 
Hi,

Sorry if this is slightly off-topic, but at least a bunch of experts are 
listening.

I am using Spamhaus (and other methods) and over time I have amassed a list of 
IP ranges that (according to Spamhaus) shouldn't be sending e-mail at all. One 
problem is that this list tends to become quite long and another is that I 
would like to verify it so that I don't eventually block legitimate e-mail.

On the other hand, I would like to place as little a load as possible on 
Spamhaus.

Here are my questions: Is the iptables approach at all viable in the long run? 
Is there any non-commercial way to upload a text file containing spamming IP 
addresses and have it verified for correctness?

Any other related response is of course welcome.

Thanks in advance.

Niclas

RE: greylist.db corruption

2013-08-02 Thread Niclas Arndt 


> Subject: Re: greylist.db corruption
> To: postfix-users@postfix.org
> Date: Thu, 1 Aug 2013 18:44:41 -0400
> From: wie...@porcupine.org
> 
> Niclas Arndt:
> [ Charset ISO-8859-1 unsupported, converting... ]
> > Hi,
> > 
> > I hope I am right to post this here.
> > 
> > I use openSUSE 12.3 with Postfix and the basic greylist.pl policy
> > and Spamhaus lookup. The last few months I have had problems with
> > greylist.db corruption (both in old openSUSE 11.3 and current
> > 12.3).
> 
> Which greylist program are you using? The one bundled with
> Postfix has been tested only with the default *BSD Berkeley
> DB implementation (db1.85). It should probably be retired.
> 
>   Wietse

Thanks Wietse. I'm using the one bundled with Postfix. openSUSE 12.3 is on 
db4.8.3. ;-)

It sounds like I should change to another greylist. Which would you recommend?

Kind regards

Niclas

greylist.db corruption

2013-08-01 Thread Niclas Arndt 
Hi,

I hope I am right to post this here.

I use openSUSE 12.3 with Postfix and the basic greylist.pl policy and Spamhaus 
lookup. The last few months I have had problems with greylist.db corruption 
(both in old openSUSE 11.3 and current 12.3). 

If I place the Spamhaus lookup before the policy check, I seem to be safe. 
However, I suspect that this puts an unnecessary load on Spamhaus, so I would 
like to first check the greylist policy and then do the Spamhaus lookup, but 
this causes greylist.db corruption.

Am I doing it wrong or am I receiving a new type of spam messages or 
transmission patterns that cause corruption? Has anybody else noticed this 
lately?

Kind regards

Niclas