= Postfix/Spam_handling = From: * http://archives.neohapsis.com/archives/postfix/2010-02/0075.html * http://archives.neohapsis.com/archives/postfix/2010-01/0089.html ---- * Stop 70% or more of all spam with {{{ smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_rbl_client zen.spamhaus.org }}} * Stop other zombies with greylisting, e.g., with postgrey. * If the remaing spam bothers you, look into amavisd-new and other deep inspection systems. Use these only for mail that isn't cleaned via other means. And some heavier duty options: * Maintaining a local block-list {{{ I get one to two spams a day in the inbox these days, if that. Every few weeks or so I'll see 5-10 spams in the inbox due to a run from a previously unknown snowshoe spammer IP or /27 or /24 range. I block it and sail mostly spam free again for another few weeks. }}} * Maybe ignore content filtering {{{ I don't use any content filtering software, period, only smtpd checks, postgrey daemon, and zen.spamhaus.org. I filter about 10 countries and all of Africa using ipdeny.com cidr blocks and I do some rdns name regex rejections. }}} * Sample config {{{ header_checks = pcre:/etc/postfix/header_checks mime_header_checks = pcre:/etc/postfix/mime_header_checks smtpd_helo_required = yes cidr=cidr:/etc/postfix/cidr_files smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination check_recipient_access hash:/etc/postfix/whitelist check_sender_access hash:/etc/postfix/whitelist check_client_access hash:/etc/postfix/whitelist check_client_access hash:/etc/postfix/blacklist check_client_access regexp:/etc/postfix/fqrdns.regexp check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access ${cidr}/countries check_client_access ${cidr}/spammer check_client_access ${cidr}/misc-spam-srcs reject_unknown_client_hostname reject_non_fqdn_sender reject_non_fqdn_helo_hostname reject_invalid_helo_hostname reject_unknown_helo_hostname reject_unlisted_recipient reject_rbl_client zen.spamhaus.org check_policy_service inet:127.0.0.1:60000 }}}