Re: [cobalt-users] Spam blocking

["Raq4" <cobaltraq4@xxxxxxx>]

Hi everyone,

Been watching this thread and a few others like it for the past few months
now.  One thing that seems to be missing is 'Having a Plan'. First realize
that there is no magic solution to eliminate spam.  You need multiple
weapons to just reduce it.  Want to use RBL's?  Fine, but what about
MailScanner/Spamassassin, procmail and even the 'ole /etc/mail/access?  Like
I said, have a plan, do some investigating, maintain control over the
process, etc...

E-Mail coming from an obvious spam domain?  Add them to /etc/mail/access.
After all why even waste the bandwidth accepting spam in the first place.
Now we're down to random spam from random servers.  RBLs and Spamassassin
can take care of the own fair share.  Tweak settings/confs like
Spamassassins High and Low score spam, which RBLs to use and which order to
put them in, to accomodate accounts that do not want anything blocked vs.
accounts that want this crap gone.  Another good reason to learn to install
software manually so you understand configuring them.

We're now left with random spam from random servers.  Hello procmail.  Scan
the headers and bodies for known patterns like Viagra (even spelling them
wrong like vairga) and @china.com to reduce this crap even further.  We're
even blocking any .biz with procmail since none of our clients receive legit
email from a .biz domain (yet).  And we see that the majority, 80%, of the
spam that gets this far have a .biz domain hosting a web graphic to be
downloaded.

Final result, I receive 1-2 spams an hour vs. 40-50.  Add those numbers up
for all users!  Is this the only way?  No.  Are there better ways?
Probably.  Bottom line is that we have a *plan* which uses several ways to
reduce spam while leaving most of the control to us.

Just my 2 cents...

Dave~