From: erik quanstrom <quanstro@coraid.com>
To: 9fans@9fans.net
Subject: Re: [9fans] dealing with spam
Date: Thu, 8 Jan 2009 15:23:31 -0500 [thread overview]
Message-ID: <56f6e94ee07d87b86ea8389e2fd461b1@coraid.com> (raw)
In-Reply-To: <7d3530220901081155w2c1d6033v4acb3c961895fd06@mail.gmail.com>
On Thu Jan 8 14:59:57 EST 2009, slawmaster@gmail.com wrote:
> Starting today, my account on my Plan 9 server has been getting tons
> of "free coupons", "free Dell XPS", "Student loans!" spam, apparently
> from one operator, since every domainname is in the form
> <adjective><noun>.com or <noun><adjective>, like eggnavajo.com,
> rosydeer.com, etc. It's so annoying that I may shut down my server for
> a bit until I figure out what's up.
>
> What are my options for getting rid of this? People who run Plan 9
> mail servers, what do you do?
> Thanks
i have had trouble in the past, but my defensive measures
are now working better than the appliance that coraid uses,
at least with the current configuration.
this isn't ment to start a flame war, but my opinion is that
content-based spam filtering doesn't appear to work very
well. my dad's email always gets flagged. silly vendor spam
gets through just fine.
i've got a number of defensive measures.
1. -D. just waiting for 10 seconds before doing anything
does a lot to slow spam down. >50% of connectors to my
machine give up
2. i also use a nupas smtpd which is quite strict
about helo. the flags i use are "fqDn". about 80%
of spam has a helo line with an invalid domain or
"localhost" or some such nonsense. dropping this
mail helps alot.
3. spf. included in nupas is moderately helpful.
nupas includes the hooks for this in validatesender.
4. i sometimes cheat by using the -k option. only
works with nupas smtpd. this just drops connections
coming from certain ip addresses. sometimes a range
will be too much trouble.
you can use the nupas smtpd without using the rest
of nupas, though you will need to use the nupas
validatesender.
- erik
next prev parent reply other threads:[~2009-01-08 20:23 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-08 19:55 John Floren
2009-01-08 20:23 ` erik quanstrom [this message]
2009-01-08 20:27 ` Francisco J Ballesteros
2009-01-08 20:31 ` erik quanstrom
2009-01-08 20:34 ` Steve Simon
2009-01-08 20:49 ` erik quanstrom
2009-01-08 23:14 ` Kenji Arisawa
2009-01-08 23:43 ` erik quanstrom
2009-01-10 19:41 ` john
2009-01-10 19:50 ` erik quanstrom
2009-01-10 20:35 ` john
2009-01-10 20:57 ` erik quanstrom
2009-01-13 23:36 ` John Floren
2009-01-13 23:52 ` erik quanstrom
2009-01-14 20:33 ` John Floren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56f6e94ee07d87b86ea8389e2fd461b1@coraid.com \
--to=quanstro@coraid.com \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).