How to implement a Postfix spam trap? - Written by mirabilos @ monday 04 november 2013, 15:09

https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap en a blog about Debian and self-hosting Mon, 04 Nov 2013 15:09:00 +0000 PluXml How to implement a Postfix spam trap? - Written by mirabilos @ monday 04 november 2013, 15:09 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383577763-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383577763-1 I'm doing it using OpenBSD’s spamd, which ofc won’t work for you. But it works. Block only for a day, or a couple of days. The biggies aren’t as much an issue as people with changing IPs are. (The biggies have other, worse, problems.) Mon, 04 Nov 2013 15:09:00 +0000 mirabilos How to implement a Postfix spam trap? - Written by Craig @ sunday 03 november 2013, 22:14 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383516866-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383516866-1 I use dspam for my filtering and they have this concept of innoculation. So email to abigail@enc.com.au goes to a special alias that dspam knows is spam. It then uses this to determine if email for other users is spam. From the outside it looks like the email is delivered. Sun, 03 Nov 2013 22:14:00 +0000 Craig How to implement a Postfix spam trap? - Written by AH @ thursday 31 october 2013, 22:24 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383258250-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383258250-1 Isn't it very easy to launch a denial-of-service attack against your server then? Thu, 31 Oct 2013 22:24:00 +0000 AH How to implement a Postfix spam trap? - Written by MJD @ thursday 31 october 2013, 22:15 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383257722-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383257722-1 There is a service that already implemented such a thing at: http://psbl.org/ . They use the software at http://spamikaze.org/ to do their filtering. I use the public blacklist myself, seems to generally work well. Thu, 31 Oct 2013 22:15:00 +0000 MJD How to implement a Postfix spam trap? - Written by Steven C. @ thursday 31 october 2013, 20:14 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383250479-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383250479-1 I agree with @Laurento. You could accept spamtrap mail without doing any scanning, and have procmail pipe them to sa-learn, or store them in a maildir and batch-process them. That teaches the Bayesian filter with texts and also headers, including the Received: lines identifying servers involved, and may be able to pick out specific email addresses (useful for GMail etc.). I thought the whole idea of a spamtrap mailbox is that you don't have human control? If you prefer, you could retain the learned messages, in case you want to review sometime for false positives, then you could re-learn them as ham. Something else you could do is create your own local DNS-based RBL, add sending servers to it for some period of time, and configure SpamAssasin to use it. You might even make it public :) Thu, 31 Oct 2013 20:14:00 +0000 Steven C. How to implement a Postfix spam trap? - Written by Tanguy @ thursday 31 october 2013, 16:41 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383237660-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383237660-1 @Laurento : That may be a good idea to initialize a bayesian filter database, but I do not like the idea of using it with almost no human control. To me, these are two distinct measures: spam traps to block what is, by definition, a spam, and bayesian filters to identify what looks like spammy messages. Now, I would not use that spam trap to bayesian linking as the only measure, since the on a bayesian filter requires some computing power that can be saved with a simple blocking. @Mika : You can add dnswl.org too, which may be more reliable than Spamhaus. Personally, I do not trust Spamhaus, because I ended on their policy list, and as a consequence on their global block list, with no valid reason (my ISP never told me not to send mail directly, and I know they does not voluntarily gives away his end user addresses to RBL providers; they only gave them to TrendMicro MAPS, after they blackmailed them to blacklist their main servers if they did not gave them their end user address ranges). Thu, 31 Oct 2013 16:41:00 +0000 Tanguy How to implement a Postfix spam trap? - Written by Mika @ thursday 31 october 2013, 16:20 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383236410-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383236410-1 Hi, for the problem of blacklisting hotmail or gmail, you should consider using a whitelist (like the spamhaus whitelist) of IP addresses that you will never ever blacklist. Thu, 31 Oct 2013 16:20:00 +0000 Mika How to implement a Postfix spam trap? - Written by Laurento @ thursday 31 october 2013, 16:14 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383236082-1 https://tanguy.ortolo.eu/blog/article114/postfix-spamtrap/#c1383236082-1 What about using all received emails to feed spamassassin bayesian filter automatically? Thu, 31 Oct 2013 16:14:00 +0000 Laurento Tanguy Ortolo - How to implement a Postfix spam trap? - Comments