On Fri, 2012-09-07 at 17:25 +1200, Simon Lyall wrote:
On Fri, 7 Sep 2012, Steve Holdoway wrote:
As you've been very helpful in the past, can
I ask the best way forward
in addressing this problem.
In an attempt to reduce spam delivery to a local charity mail server, I
My advice is don't try to devise rules for spam blocking yourself, as
you've found even a simple idea like requiring reverse DNS will have
false positives. There are plenty of other "simple" solutions that will
also come back to bite you .
Either outsource your filtering or install something like Spamassassin
which comes with it's own build-in rules enabled and tuned.
 - "Voodoo spam filtering" is a phrase I like.
For incoming mail, I'm using services from SpamHaus - zen list in
sendmail and drop list via iptables updated daily - and greylisting.
I hate spamassassin with a vengeance for exactly the reason you
mentioned above - creating your own rules = imperfect + job for life.
However, I really don't consider RDNS to be in that category: isn't it
in the RFC? Ugh I just checked: 1912 Section 2.1... 'For every IP
address, there should be a matching PTR record in the in-addr.arpa
should, not must. Missed that first time around. Bugger.
I cannot outsource this mail due to its sensitive nature, backed up by
the board's decision. This also negates the use of naughty word filters
Steve Holdoway BSc(Hons) MIITP