From mboxrd@z Thu Jan 1 00:00:00 1970 From: erik quanstrom Date: Thu, 8 Jan 2009 15:23:31 -0500 To: 9fans@9fans.net Message-ID: <56f6e94ee07d87b86ea8389e2fd461b1@coraid.com> In-Reply-To: <7d3530220901081155w2c1d6033v4acb3c961895fd06@mail.gmail.com> References: <7d3530220901081155w2c1d6033v4acb3c961895fd06@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] dealing with spam Topicbox-Message-UUID: 7d54831e-ead4-11e9-9d60-3106f5b1d025 On Thu Jan 8 14:59:57 EST 2009, slawmaster@gmail.com wrote: > Starting today, my account on my Plan 9 server has been getting tons > of "free coupons", "free Dell XPS", "Student loans!" spam, apparently > from one operator, since every domainname is in the form > .com or , like eggnavajo.com, > rosydeer.com, etc. It's so annoying that I may shut down my server for > a bit until I figure out what's up. > > What are my options for getting rid of this? People who run Plan 9 > mail servers, what do you do? > Thanks i have had trouble in the past, but my defensive measures are now working better than the appliance that coraid uses, at least with the current configuration. this isn't ment to start a flame war, but my opinion is that content-based spam filtering doesn't appear to work very well. my dad's email always gets flagged. silly vendor spam gets through just fine. i've got a number of defensive measures. 1. -D. just waiting for 10 seconds before doing anything does a lot to slow spam down. >50% of connectors to my machine give up 2. i also use a nupas smtpd which is quite strict about helo. the flags i use are "fqDn". about 80% of spam has a helo line with an invalid domain or "localhost" or some such nonsense. dropping this mail helps alot. 3. spf. included in nupas is moderately helpful. nupas includes the hooks for this in validatesender. 4. i sometimes cheat by using the -k option. only works with nupas smtpd. this just drops connections coming from certain ip addresses. sometimes a range will be too much trouble. you can use the nupas smtpd without using the rest of nupas, though you will need to use the nupas validatesender. - erik