2013-08-28 14:09 keltezéssel, MJ Ray írta:
On 21/08/13 22:49, Szládovics Péter wrote:
For correct filtering you need to use the followings in order of
importance:
1. RBL checking with few reliable lists (ip and domain based too) - you
can eliminate the 90% percent of spams
2. Greylisting - you can eliminate the 90% of remain spams
3. virus filtering, attachment checking - you can eliminate phishing,
and trojean mails
4. content checking for spams (e.g. spamassassin) - you can eliminate
the almost all of remain spams
5. use sieve filters for sa spam marked headers (if you want)
Valuable tactics missing from that list:
1. Load-balancing - each subsequent mail from the same host gets a
slower response and things like that, stops one spammer hogging the CPU;
It's a good idea, if you have more SMTP - or SMTP proxy
2. SMTP protocol enforcement - the SMTP RFC doesn't have many MUSTs, but
lots of spammers don't even do those, like they don't wait for the
greeting before starting trying to send their spam, or they try to put
your mailserver hostname in the HELO;
It's a basic setting, but we need to use it carefully. Lots of exchange
servers use the local hostname as HELO name. E.g. mail.somecorp.local
3. Whitelisting - only allowing approved senders into your main INBOX
while the rest go into further filtering and probably a grey INBOX.
Yes, postfix is handle it generally too. I forgot it. :)
Only the third of those could be supported by SOGo (the first two are
best done in the SMTP server software), but it would be nice if it was.
Regards,
--
users@sogo.nu
https://inverse.ca/sogo/lists
