From: john@csplan9.rit.edu
To: 9fans@9fans.net
Subject: Re: [9fans] dealing with spam
Date: Sat, 10 Jan 2009 14:41:45 -0500 [thread overview]
Message-ID: <42fdfb261c4e837f5179c2fcafdaae30@csplan9.rit.edu> (raw)
In-Reply-To: <56f6e94ee07d87b86ea8389e2fd461b1@coraid.com>
> On Thu Jan 8 14:59:57 EST 2009, slawmaster@gmail.com wrote:
>> Starting today, my account on my Plan 9 server has been getting tons
>> of "free coupons", "free Dell XPS", "Student loans!" spam, apparently
>> from one operator, since every domainname is in the form
>> <adjective><noun>.com or <noun><adjective>, like eggnavajo.com,
>> rosydeer.com, etc. It's so annoying that I may shut down my server for
>> a bit until I figure out what's up.
>>
>> What are my options for getting rid of this? People who run Plan 9
>> mail servers, what do you do?
>> Thanks
>
> i have had trouble in the past, but my defensive measures
> are now working better than the appliance that coraid uses,
> at least with the current configuration.
>
> this isn't ment to start a flame war, but my opinion is that
> content-based spam filtering doesn't appear to work very
> well. my dad's email always gets flagged. silly vendor spam
> gets through just fine.
>
> i've got a number of defensive measures.
> 1. -D. just waiting for 10 seconds before doing anything
> does a lot to slow spam down. >50% of connectors to my
> machine give up
>
> 2. i also use a nupas smtpd which is quite strict
> about helo. the flags i use are "fqDn". about 80%
> of spam has a helo line with an invalid domain or
> "localhost" or some such nonsense. dropping this
> mail helps alot.
>
> 3. spf. included in nupas is moderately helpful.
> nupas includes the hooks for this in validatesender.
>
> 4. i sometimes cheat by using the -k option. only
> works with nupas smtpd. this just drops connections
> coming from certain ip addresses. sometimes a range
> will be too much trouble.
>
> you can use the nupas smtpd without using the rest
> of nupas, though you will need to use the nupas
> validatesender.
>
> - erik
Ok, so a couple questions:
1. What do I need to do in order to drop nupas into my system?
2. If I update /mail/lib/blocked, do I have to restart smtpd in order
to get the changes?
3. What's the best way to restart smtpd?
John
next prev parent reply other threads:[~2009-01-10 19:41 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-08 19:55 John Floren
2009-01-08 20:23 ` erik quanstrom
2009-01-08 20:27 ` Francisco J Ballesteros
2009-01-08 20:31 ` erik quanstrom
2009-01-08 20:34 ` Steve Simon
2009-01-08 20:49 ` erik quanstrom
2009-01-08 23:14 ` Kenji Arisawa
2009-01-08 23:43 ` erik quanstrom
2009-01-10 19:41 ` john [this message]
2009-01-10 19:50 ` erik quanstrom
2009-01-10 20:35 ` john
2009-01-10 20:57 ` erik quanstrom
2009-01-13 23:36 ` John Floren
2009-01-13 23:52 ` erik quanstrom
2009-01-14 20:33 ` John Floren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42fdfb261c4e837f5179c2fcafdaae30@csplan9.rit.edu \
--to=john@csplan9.rit.edu \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).