From owner-freebsd-questions@FreeBSD.ORG  Sun Dec 16 19:53:35 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4718A16A419
	for <freebsd-questions@freebsd.org>;
	Sun, 16 Dec 2007 19:53:35 +0000 (UTC)
	(envelope-from jack@jarasoft.net)
Received: from raats.xs4all.nl (raats.xs4all.nl [82.95.230.43])
	by mx1.freebsd.org (Postfix) with ESMTP id B3B1213C458
	for <freebsd-questions@freebsd.org>;
	Sun, 16 Dec 2007 19:53:34 +0000 (UTC)
	(envelope-from jack@jarasoft.net)
Received: from raats.xs4all.nl (localhost.jarasoft.net [127.0.0.1])
	by raats.xs4all.nl (Postfix) with ESMTP id 0519116A87A;
	Sun, 16 Dec 2007 20:53:33 +0100 (CET)
Received: from jara3 (unknown [192.168.1.64])
	by raats.xs4all.nl (Postfix) with ESMTP id 7C0EA16A464;
	Sun, 16 Dec 2007 20:53:32 +0100 (CET)
Message-ID: <002a01c8401d$56186e10$0202fea9@jarasoft.net>
From: "Jack Raats" <jack@jarasoft.net>
To: "Sten Daniel Soersdal" <netslists@gmail.com>,
	"freebsd-questions" <freebsd-questions@freebsd.org>
References: <476086E2.5030402@gmail.com>
Date: Sun, 16 Dec 2007 20:53:32 +0100
Organization: JaRaSoft, Steenbergen, Nederland
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="UTF-8"; reply-type=response
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-Signed-With-GnuPG: GPGrelay Version 0.959 (Win32)
X-Virus-Scanned: ClamAV using ClamSMTP
Cc: 
Subject: Re: (postfix) SPAM filter?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Jack Raats <jack@jarasoft.net>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Dec 2007 19:53:35 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Sten and the rest,

> We have a need for a relatively painless anti-spam solution that would
> reduce the amount of incoming spam (via postfix mail router). The problem
> is that i have little knowledge on what this actually means. Googling
> reveals a whole "universe" of interesting ways but what should i pursue?
> The things that are important to me is:
>
> * Once it is setup then it would require no additional maintenance.
> * Potential spam messages are marked with a special header that can be
> filtered on user discretion on their local mail client software.
>
> Neither performance, scalability, license nor cost is of much importance
> to me at this point.

I have a different approach. I refuse all connections from ip's which
reverse DNS points to costumers of providers.
This gives a huge reduction of botnets.
Below my helo_checks and client_checks. Ofcourse use it for your own risk!
Besides this method I also use rbls's, greylisting, clamsmtpd, clamav,
procmail and spamassasin

#######################################################################
# helo_checks.pcre
#######################################################################
/^[0-9.]+$/             REJECT Please use your ISP's outgoing mail server -
HA
/^\|/                         REJECT Please use your ISP's outgoing mail
server - HB
/^[\d\.]+$/               REJECT Please use your ISP's outgoing mail
server - HC

# H1 adsl,dial,dhcp,cable,retail,dynamic in helo
/(adsl|dial|dhcp|cable|retail|dynamic)/i     REJECT Please use your ISP's
outgoing mail server - H1

# H2 customer,static,kabel in helo
/(customer|static|kabel)/i                           REJECT Please use your
ISP's outgoing mail server - H2

# H3 12345
# /\d{5}/                                                       REJECT
Please use your ISP's outgoing mail server - H3

# H4 123-123-123
/\d{1,3}-\d{1,3}-\d{1,3}/                              REJECT Please use
your ISP's outgoing mail server - H4

# H5 123.123.123
# /\d{1,3}\.\d{1,3}\.\d{1,3}/                         REJECT Please use your
ISP's outgoing mail server - H5

#######################################################################
# client_checks.pcre
#######################################################################

# C1 adsl,dial,dhcp,cable,retail,dynamic in hostname
/(adsl|dial|dhcp|cable|retail|dynamic)/i     554 Please use your ISP's
outgoing mail server - C1

# C2 customer,static,kabel in hostname
/(customer|static|kabel)/i                           554 Please use your
ISP's outgoing mail server - C2

# C3 123456
/\d{6}/                                                          554 Please
use your ISP's outgoing mail server - C3



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32) - GPGrelay v0.959

iD8DBQFHZYI8Ph5RwW/NzC4RAj1uAJ9saKRz9Q+daCcU7D/plXGRAdXflACfQ3KR
DpXkjMrMMITbqdSulZW8aBM=
=D4lA
-----END PGP SIGNATURE-----