Date:      Mon, 8 Aug 2016 08:31:49 +0200
From:      Niklaas Baudet von Gersdorff <me@niklaas.eu>
To:        freebsd-questions@freebsd.org
Subject:   Re: Need advice for setting up mail server
Message-ID:  <20160808063138.GA20037@box-hlm-03.niklaas.eu>
In-Reply-To: <44D296EC-FA25-4279-9501-8BB6B2DD86A6@mail.sermon-archive.info>
References:  <VI1PR02MB0974A0FB1361638BDD437043F61A0@VI1PR02MB0974.eurprd02.prod.outlook.com> <2394887a809b4ad8e702d1d13bb1337c@mail.zplay.eu> <20160807180149.GC12411@len-t420.klaas> <44D296EC-FA25-4279-9501-8BB6B2DD86A6@mail.sermon-archive.info>

Doug Hardie [2016-08-07 14:17 -0700] :

> I am running spamd (obspamd last time I checked) on the mail

It's mail/spamd in ports and `obspamd` in /etc/rc.d.

> server for a medium-sized ISP.  It has never worked the way the
> documentation describes.  However, it has been useful.  When
> I first installed it, around 90% of the email being received
> was dropped.  It blocks drive-by spammers who don't queue and
> retry on TMP_FAILs.  Unfortunately, it appears that many
> spammers now can afford the disk and processor resources to
> enable queueing and retrying so its usefulness is diminishing.

I also had bad experiences with its greylisting function. (I'm
not a big fan of greylisting anyway.) That's why I use its
blocking function only:

  obspamd_enable="YES"
  obspamd_flags="-l 127.0.0.1 -b"

And for PF I have

  table <spamd>       persist

  rdr pass on $ext_if inet  proto tcp from <spamd> to any port smtp -> 127.0.0.1 port spamd
  rdr pass on $ext_if inet6 proto tcp from <spamd> to any port smtp -> ::ffff:127.0.0.1 port spamd

In /usr/local/etc/spamd/spamd.conf I use two of the example
lists:

  all:\
    :uatraps:nixspam:

  # University of Alberta greytrap hits.
  # Addresses stay in it for 24 hours from time they misbehave.
  uatraps:\
    :black:\
    :msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\
    within the last 24 hours":\
    :method=http:\
    :file=www.openbsd.org/spamd/traplist.gz

  # Nixspam recent sources list.
  # Mirrored from http://www.heise.de/ix/nixspam
  nixspam:\
    :black:\
    :msg="Your address %A is in the nixspam list\n\
    See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\
    :method=http:\
    :file=www.openbsd.org/spamd/nixspam.gz

What I like about the concept is that false positives will get
a reply that their mail was considered spam. This way they can
try to contact me over a different channel.

The problem I see with "traditional" spam checking (moving spam
into a spam folder) is that the sender does not know whether
their mail was classified as spam or not. And the other way
around, I don't have to check a spam folder for false positives.

I must confess though

1. I trust the quality of the blacklists.

2. The mail servers where I'm using mail/spamd at the moment
   don't get lots of traffic. So I can't really tell how
   efficient that is.

I just started using postscreen(8) and will see whether the
combination of mail/spamd and postscreen(8) is a good one. I hope
that I don't have to opt for mail/spamassassin because I find it
difficult to configure.

    Niklaas
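
Added example, not part of the original message: a small Python reader for the spamd.conf entries quoted above, showing which lists the `all` entry enables and where each is fetched from, including the case of a `msg` that contains colons (`http://`) inside quotes. It is a simplified reading of the termcap-style syntax, not spamd-setup's own parser; the function names are hypothetical and the fetch URL is assumed to be `method://file`.

```python
import re

# Constructed sample: the entries from the message above.
SAMPLE = r'''
all:\
  :uatraps:nixspam:

# University of Alberta greytrap hits.
uatraps:\
  :black:\
  :msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\
  within the last 24 hours":\
  :method=http:\
  :file=www.openbsd.org/spamd/traplist.gz

nixspam:\
  :black:\
  :msg="Your address %A is in the nixspam list\n\
  See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\
  :method=http:\
  :file=www.openbsd.org/spamd/nixspam.gz
'''

def parse_spamd_conf(text):
    """Return {entry_name: {capability: value_or_True}} (simplified reading)."""
    # Join backslash-newline continuations; a literal "\n" inside msg is kept.
    joined = re.sub(r'\\\n[ \t]*', '', text)
    entries = {}
    for line in joined.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue
        # Split on ':' only outside double quotes, so "http://" in msg survives.
        fields = re.findall(r'(?:"[^"]*"|[^:"])+', line)
        caps = {}
        for field in fields[1:]:
            key, _, val = field.partition('=')
            caps[key] = val.strip('"') if val else True
        entries[fields[0]] = caps
    return entries

def active_lists(entries):
    """List (name, kind, url) for every list named in the 'all' entry."""
    out = []
    for name in entries.get('all', {}):
        caps = entries[name]
        kind = 'black' if 'black' in caps else 'white' if 'white' in caps else '?'
        # Assumption: the fetch location is method://file.
        out.append((name, kind, f"{caps.get('method')}://{caps.get('file')}"))
    return out

if __name__ == '__main__':
    print(active_lists(parse_spamd_conf(SAMPLE)))
```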


