Tuesday, January 16, 2007

Steps to stop SPAM

There is a good article about steps that we can use to prevent spam, you
can find the very good article in here
http://www.spamhaus.org/effective_filtering.html.

Personally, I use spamhaus as my primary DNSBL. It never let me down. Off
course there are some legitimate emails that being block by spamhaus, very
few, and that's not my problem. :).
I believe email administrators and ISP admin must protect they servers and
their network from spammers.

These is my configuration to stop spam:

1. DNSBL test in mta level.
I use sendmail as my mta server, and activated DNSBL in sendmail. Why put
DNSBL in mta level? Because it can stop a lot of spam before it transferred
to our mail server. But because it will stop few legitimate emails, I try
to put 'not so aggressive' DNSBL like sbl from spamhaus (actually I use
sbl-xbl.spamhaus.org).

2. Greetpause
Great new feature from sendmail. This way all emails (except if we put some
conditional) will be forced to wait for HELO or EHLO command from the mta
server. If the email doesn't bother to wait for HELO or EHLO command, the
we don't bother to receive, we simply kick it.

3. Mailscanner
Great software. Nothing more to say. You can download the latest version in http://www.mailscanner.info. In Mailscanner I activate these
features:

3.1. Spamassassin
A must. In new version of spamassassin there a script called sa-update to update builtin spamassassin rules, you can use cron job to make it run automatically every day.
You can add additional rules for spamassassin, most of them are in http://www.rulesemporium.org, additional rules can be automatically updated with smart cron job called rules_du_jour.

3.1.1. DCC + Razor
Inside the Spamassassin, I turn on both DCC and Razor. Increase the spam
score enough to make it a spam.

3.1.2. Bayes
Help a lot to stop more spam. I create two mail box, one for spam and one
for ham (non spam). Each day, a cron job will learn from each mail box, and
learn it as spam or ham.

3.2. Clamav (for check viruses)
Every mail server need antivirus. Clamav is the best there is, and free.

3.3. Another DNSBL test (to increase score)
This DNSBL actually will increase the spam score.

That's are my configurations. Hope that will help you to create your own
configuration for battle against spam.

Posted by Budi Febrianto

Labels: , , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)
Template Designed by Douglas Bowman - Updated to Beta by: Blogger Team
Modified for 3-Column Layout by Hoctro