Re: Can't change SpamAssassin score without enabling the "Spam Auto-Delete" function

Mon, 15 Dec 2014 23:18:07 -0800 

On 15.12.2014 18:38 UK Time, Reindl Harald wrote:



Am 15.12.2014 um 19:20 schrieb Herbert Eppel:

On 15.12.2014 18:02 UK Time, Reindl Harald wrote:

besides that using RBL scoring and wise filters for dynamic PTRs and
invalid HELO names *before* SA on the MTA level should reject most spam
without false positives

3 months:

* 250000 delivered ham messages
* 850000 MTA level rejects
*  32000 SA hits


Thanks for your reply, but I'm afraid as an ordinary SA user with
limited knowledge of these matters I have, quite frankly, no idea what
you are talking about.

Don't hesitate to tell me to RTFM, but if you feel like elaborating a
little, ideally in an 'acronym-free environment', I would be grateful.


for postfix just Google for the parameters below and read
http://www.postfix.org/POSTSCREEN_README.html which will kill 90% of all
junk before it ever touchs the expensive content filter

since only the dialup-balcklists have the reject score of 8 and all
others need at least confirmation based on trust-level of the RBL
combined with some whitelists you achieve both:

* large amount of catches
* avoid false positives

this like "127.0.0.[4..7]" are the RBL response codes of aggregated
lists which has the benefit postscreen needs only do a single dns lookup
and weight the results (RTFM of the RBL's itself)

postscreen_dnsbl_ttl = 5m
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce
postscreen_dnsbl_sites =
  dnsbl.sorbs.net=127.0.0.10*8
  zen.spamhaus.org=127.0.0.[10;11]*8
  b.barracudacentral.org=127.0.0.2*7
  dnsbl.inps.de=127.0.0.2*7
  dnsbl.sorbs.net=127.0.0.5*7
  zen.spamhaus.org=127.0.0.[4..7]*7
  zen.spamhaus.org=127.0.0.3*5
  bl.mailspike.net=127.0.0.2*5
  bl.mailspike.net=127.0.0.[10;11;12]*4
  bl.spamcop.net=127.0.0.2*4
  bl.spameatingmonkey.net=127.0.0.[2;3]*4
  dnsrbl.swinog.ch=127.0.0.3*4
  zen.spamhaus.org=127.0.0.2*3
  dnsbl.sorbs.net=127.0.0.7*3
  dnsbl.sorbs.net=127.0.0.8*2
  dnsbl.sorbs.net=127.0.0.6*2
  dnsbl.sorbs.net=127.0.0.9*2
  wl.mailspike.net=127.0.0.[18;19;20]*-2
  list.dnswl.org=127.0.[0..255].0*-2
  list.dnswl.org=127.0.[0..255].1*-3
  list.dnswl.org=127.0.[0..255].2*-4
  list.dnswl.org=127.0.[0..255].3*-5



Thanks for your further reply, but all this stuff is quite new to me, 
and I'm quite mystified by it, to be honest.


Grüße nach Wien

Herbert Eppel
www.HETranslation.co.uk























					Reply via email to