Mail/AntiSpam
|
Simplified AntiSpam Proceedure w/ Sendmail
|
| Spam Songs from Monty Python |
|
| Anti-Spam HOWTO |
- My Anti-Spam Preferences
- I do want spam to be bounced back to the spammer as early as possible
- I do NOT want spam to occupy disk space in /var/spool/mail
- I do NOT want to look at spam or possible spam more than once
- it takes less than a second to hit the delete key
- spam that does get thru would require filters of /var/spool/mail for content analysis
- if you received the spam in your inbox ... game over dude !!!
- you've been spammed
- you have to spend the time to clean it up, even if its just to hit "delete"
- you will probably be added to other spam lists
- Stop incoming spam at the router
- Redirect all port-25 connections to the mail server
- Redirect all port-110 connections to the pop server
- Stop incoming spam at the mail and pop server
- enable sendmail ( or other MTA ) anti-spam features
- Deny access from all open relays
- Global RBLs and localized RBLs
- Reject all emails from servers with bad/missing reverse DNS
- Reject all emails from fake users
- Reject all emails addressed to non-existent users on your server
- Reject all emails with bad/malformed/faked headers
- Reject all emails with bad/malformed/faked mesgID
- Reject all emails with missing/bad subject lines
- Reject all emails with "spam content" - not easy to do
- Reject all emails from known "spam generating software"
- Kill those "properly addressed emails" that are still spam
- locally maintain lists and databases
( your own RBL equivalents )
- lists of known spam friendly isp
- lists of known spamsites
- lists of known spammers - email
- Stop incoming spam at the user workstation
- Users should be doing real work ... not playing with spam filtering
- run a local spam filter ( procmail ) -- tedious/tiresome/redundant/endless process
- too late -- you already received the spam in your mail server
- too late -- they verified your email address as valid and will add you to other spam lists
- Prevent yourself from being added/sold to other spamlists
- Unconditionally NEVER reply in any form to any spam ( especially to remove yourself )
- Turn off "return receipt" features
- Separate work emails from personal emails from web-surfing emails
- Know how the company you order stuff from will be using your personal info ( privacy policy )
Bagley.org Dirty Spammer Tricks ( Attacks )
|
| MTA Specific Anti-Spam Features and HOWTO |
|
Verify the Reply Address -- Validate the Sender
|
|
| MTA MailLog Analysis |
|
| Spam Tracing -- Email headers |
|
| AntiSpam Testing |
|
| Spam Statistics and Spam Archives |
- Spam Statistics
- Spam Archives, Spam Collection ( stats )
|
| Misc AntiSpam Tools |
- Shutdown spam sites
- AntiSpam Mailing Lists
- To Sort out
|
