[BlueOnyx:08105] Re: spam email problem

Jeff Folk jfolk at qzoneinc.com
Mon Aug 15 10:46:00 -05 2011


On Aug 15, 2011, at 5:33 AM, Mark McGavin wrote:
> 
> Hi
>  
> I wonder if anyone can advise. Some of my users are getting bombarded with virus-laden spam. I am getting hundreds a day myself.
>  
> Using the blacklists available with BlueOnyx plays havoc with legitimate email from dynamic IPs and webmail.
>  
> What can I use to reduce/block/filter this spam/virus-laden email without interfering with legitimate mail, please?
>  
> Regards
> Mark ...

That is the art we all aspire to! As long as you rely on a third-party dnsbl to accept or deny mail delivery, you are at the mercy of the integrity of that particular dnsbl. You're going to possibly lose legitimate mail in the process.

Another strategy is to use SpamAssassin to tag spam instead, and let the end-user decide. No lost mail, but you do burn some resources accepting and tagging all that mail that will eventually be thrown away.

Me, I choose to deny delivery based on dnsbl, and am careful about what lists to use. On my customer server, I use zen.spamhaus.org only, and that takes care of 90% of the spam mails. I spend time educating my customers about what to do when someone tells them mails are being bounced. On my personal mail server (yes, I have two) I get a little more aggressive by using a mix of the following:

	b.barracudacentral.org
	bl.spamcop.net
	blackholes.five-ten-sg.com
	dnsbl-1.uceprotect.net
	dnsbl-2.uceprotect.net
	dnsbl-3.uceprotect.net
	psbl.surriel.com
	zen.spamhaus.org

All of them are not active all the time, and they aren't in that order in my mail config, but that mix reduces my mail connections by 70-85% on any given day with very little collateral damage.

Be sure to enable delay_checks in your advanced email settings so your users outside your network can authenticate to send mail, and DO NOT allow POP-related auth relay.

Regards;
Jeff
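
Added example (not part of the original message and not BlueOnyx code): how a DNSBL lookup against a mix of lists like the one above is formed and interpreted, including the case where a list answers with an error code instead of a listing. The zone subset, the function names and the stub resolver are assumptions made here; treating 127.255.255.0/24 as "query refused" follows Spamhaus's documented convention and is applied to every zone as a simplification.

```python
import ipaddress
import socket

# Three of the zones named in the post; any subset works the same way.
ZONES = ["zen.spamhaus.org", "bl.spamcop.net", "psbl.surriel.com"]
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
ERROR_RANGE = ipaddress.ip_network("127.255.255.0/24")  # Spamhaus error codes

def dnsbl_name(ip, zone):
    """Query name = reversed IPv4 octets (or IPv6 nibbles) + '.' + zone."""
    pointer = ipaddress.ip_address(ip).reverse_pointer  # e.g. 4.3.2.1.in-addr.arpa
    return pointer.rsplit(".", 2)[0] + "." + zone

def system_resolver(name):
    """A records for name; [] on lookup failure (fails open: mail is accepted)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []

def classify(answers):
    """Map a list's A records to 'listed', 'error' or 'clean'."""
    verdict = "clean"
    for answer in answers:
        addr = ipaddress.ip_address(answer)
        if addr in ERROR_RANGE:
            return "error"    # the list refused the query; this is not a listing
        if addr in LOOPBACK:
            verdict = "listed"
        # Anything outside 127.0.0.0/8 (e.g. a wildcarded zone) is ignored.
    return verdict

def check(ip, zones=ZONES, resolver=system_resolver):
    """Per-zone verdict for one connecting IP."""
    return {z: classify(resolver(dnsbl_name(ip, z))) for z in zones}

def constructed_resolver(name):
    """Constructed answers so the example runs offline (not real list data)."""
    table = {
        "2.0.0.127.zen.spamhaus.org": ["127.0.0.2", "127.0.0.4"],
        "2.0.0.127.bl.spamcop.net": ["127.255.255.254"],
        "2.0.0.127.psbl.surriel.com": ["203.0.113.9"],
    }
    return table.get(name, [])

if __name__ == "__main__":
    for zone, verdict in check("127.0.0.2", resolver=constructed_resolver).items():
        print(f"{zone:20} {verdict}")
```

A policy that rejects on any non-empty answer would bounce all mail the moment a list starts returning error codes or wildcard answers, which is why the verdicts are kept separate.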


