From mboxrd@z Thu Jan  1 00:00:00 1970
From: jon@fourwinds.com (Jon Steinhart)
Date: Wed, 20 Sep 2017 09:39:16 -0700
Subject: [TUHS] Who is running their own mail server and what do you run?
In-Reply-To: <20170920162502.GN25650@mcvoy.com>
References: <20170920162502.GN25650@mcvoy.com>
Message-ID: <201709201639.v8KGdGhC024387@darkstar.fourwinds.com>

Larry McVoy writes:
> I tried running my own server on mcvoy.com but eventually gave up, the
> spam filtering was a non-ending task.
> 
> If someone has a plug and chug setup for MX I'd love to try it.
> 
> Thanks,
> 
> --lm

I run my own server using sendmail.  Part of what makes it work is an accretion
of crud that I have hooked to it over the years which I wouldn't particularly
suggest to anyone else.

So yes, spam is a big problem.  I manage it in a crude but effective way.  I
have a milter (mail filter) that I cobbled together that is invoked by sendmail.
I also have a separate "spam" user.  What the milter does is to take anything
that it considers to be spam and rewrites the address so that it goes to the
spam user.  I have permissions set up so that I can easily check on spam when I
have time.  Oh yeah, another of my curmudgeon credentials is that I use nmh for
my MUA (I'm a maintainer).

The big question is, what is spam?  To me, it's any message from a sender who is

 1.  It's spam if the sender is in my blacklist.  This rarely gets used.

 2.  It's spam if it's sent to more than one recipient at my domain and any of
     the recipients are nonexistent users.

 3.  It's spam if the message is malformed.

 4.  It's spam if the message has a forged address or a non-resolvable host.

 5.  Finally, it's spam if it's not text/plain and not in my whitelist.

My big issue with spam is not the spam itself, it's the interruptions.  So I
scan the spam folder every once in a while and if I see something from someone
that I want then I add them to my whitelist.  Works for me.

I also run fail2ban which at least keeps my log file size down.  Biggest issue
for me is that, living out in the country I am limited to a very expensive T1.
Every once in a while I have to call Verizon customer service which coincidentally
is the phone number for the Oregon Department of Justice and get them to block
mainly Chinese IP addresses at their end because getting hit with thousands of
spam attempts per minute is effectively a DDOS attack.

Jon