Sendmail: How does one blacklist annoying spammers?
jdow
jdow at earthlink.net
Mon Jun 28 10:38:12 UTC 2010
From: "Alan Cox" <alan at lxorguk.ukuu.org.uk>
Sent: Monday, 2010/June/28 02:05
> I believe that's what SPF is supposed to solve. Sites advertise in
> their DNS records which the "official" outgoing email servers are.
Spammers advertise SPF records of 'the whole internet' (normally split
into chunks to confuse checkers) and turning on SPF checking naïvely
simply helps the spam get through.
>>jdow
Actually not, Alan. If you are using SpamAssassin simply set the score
for passing SPF tests at a very low non-zero number, say 0.001. That
helps you get statistics on the rule without it affecting scores. Then
set failing SPF tests to as high a score as seems reasonable with
experience. Then it will only kick in if a spam is "dumb enough" to
have gotten out without a valid SPF.
Note that spf is also good with whitelists. If an email is supposedly
from fred at wherever.foo and the SPF confirms that it was sent from a
proper address for that mail server you're better off than merely
testing for being from wherever.foo, even with tests against the
Received headers. That's why SpamAssassin has "whitelist_from_spf"
in addition to "whitelist_from_rcvd".
man Mail::SpamAssassin is a good start to really learning SpamAssassin.
man Mail::SpamAssassin::Conf(3) is a good place to start when writing
rules.
{^_-}
More information about the users
mailing list