[Techtalk] Spam filtering Mailman..

Kathryn Andersen kat_lists at katspace.homelinux.org
Sat Sep 17 05:13:26 EST 2005

On Fri, Sep 16, 2005 at 06:12:41AM -0500, agoats wrote:
> Is there a way to do spam filtering before mailman? 
I've found there are some settings in Postfix that can cut down spam to
the entire system, by blocking things like dynamic IPs, realtime
blackhole lists, non-reverse-DNS-lookups...

This is a list of settings I actually got from my Sysadmin at work, so
I'm not sure what all of them do.  This has certainly cut down spam
getting to my system, though it has also blocked legitimate email from
blacklisted domains -- that's the weakness with blacklists.
But even some of the following settings should be better than nothing.

# Reject the request when the client IP address has no PTR (address to
# name)
# record in the DNS, or when the PTR record does not have a matching A 
# (name to address) record.
smtpd_recipient_restrictions = permit_mynetworks,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.ahbl.org,
    reject_rbl_client dnsbl.sorbs.net,
    reject_rbl_client relays.visi.com,
    reject_rhsbl_client blackhole.securitysage.com,
    reject_rhsbl_sender blackhole.securitysage.com,
    reject_rhsbl_client rhsbl.ahbl.org,
    reject_rhsbl_sender rhsbl.ahbl.org,
    reject_rhsbl_client rhsbl.sorbs.net
    reject_rhsbl_sender rhsbl.sorbs.net,
    reject_rhsbl_client block.rhs.mailpolice.com,
    reject_rhsbl_sender block.rhs.mailpolice.com,
    reject_rhsbl_client dynamic.rhs.mailpolice.com,
    reject_rhsbl_sender dynamic.rhs.mailpolice.com,
    reject_rhsbl_client bogusmx.rfc-ignorant.org,
    reject_rhsbl_sender bogusmx.rfc-ignorant.org,
    reject_rhsbl_client dsn.rfc-ignorant.org,
    reject_rhsbl_sender dsn.rfc-ignorant.org
    reject_rbl_client list.dsbl.org,

Kathryn Andersen
You know you're using the computer too much when:
your cable internet goes down at night and you decide to stay up till 6am to
call and have it fixed, it started working again at 5am b at st@rd NTL just
torturing me.
	-- ewan.paton
 _--_|\     | Kathryn Andersen	<http://www.katspace.com>
/      \    | 
\_.--.*/    | GenFicCrit mailing list <http://www.katspace.com/gen_fic_crit/>
      v     | 
------------| Melbourne -> Victoria -> Australia -> Southern Hemisphere
Maranatha!  |	-> Earth -> Sol -> Milky Way Galaxy -> Universe

More information about the Techtalk mailing list