I’ve been running Spamassassin and Postgrey on my mail server for the past few months. It was only since the server was upgraded that I had enough juice to run the very intensive SA processes (even using spamd), but still on occasion the server would grind to a stop when a particularly nasty Rumpelstiltskin attack was underway.
So, last week I met Mark for a coffee and he showed me his Nokia N90 (or N80, I can’t remember) and the gmail app that was installed on it. He collects his gmail email on his phone, after it’s filtered for spam, and what with the cost of GPRS data, that’s quite a saving. I don’t intend reading my email on my phone (I hate my W810i anyway), but he did give me the idea of sending my email through Google and then popping it off into Thunderbird!
Now, I have a simple .forward to send on my email. I was able to shut down Postgrey and Spamassassin and email is delivered quickly and with few false positives or spams getting through. When I think of it, I can use the web interface to check what’s due to come down the line. You also get the added bonus of encrypted pop3 data, useful when you’re at a conference or simply on public wifi.
I’m sure everyone else has been doing this for ages and ages but hopefully this will inspire at least one person to follow suit and rid themselves of spam once and for all!
It has been a long time since I used and configured Sendmail, and I don’t miss it one bit now that Postfix is on the scene, but the amount of spam I receive does bother me. My Junk folder had reached 160MB, mostly due to some idiots sending huge spam attachments, but also because spam still works and a majority of the email circulating is spam and not legitimate.
Spamassassin is how we fight back. Unfortunately it needs a reasonably powerful server, gobs of memory and CPU when there’s a lot of incoming email and time to configure. Using spamd/spamc makes things easier on your server but it’s still a hefty price to pay for being spam free.
Here are a few pages I found useful this morning when getting things up and running on my Ubuntu server:
I also recommend running Postgrey to stop some junk mail before it gets into your system at all.
Now, if only there was a Spamassassin for the junk mail and clothes collection leaflets we get to the front door. How’s about a Defense Tower that would fire pellets when it noticed someone with leaflets calling to the door?
Edit: Justin talks about one of Spamassassin’s honeypot traps and about goings on at Blacklist.ie
Greylisting is an anti-spam and virus measure you can use on your mail servers. When a remote server connects for the first time it’s automatically disconnected and can’t connect for a set time limit (default is 5 minutes). If it’s a real mail server it should keep trying to deliver the mail but viruses and spam will more than likely be stopped cold.
Postgrey is a greylisting server for Postfix that Colm Buckley installed on the machine that runs linux.ie
On Debian, it’s as easy as
apt-get install postgrey but then you have to configure Postfix to use it:
Edit /etc/postfix/main.cf and modify the line that starts with:
smtpd_client_restrictions = ...
inet:127.0.0.1:60000 to the end of it.
Now, you probably want to enable white listing of clients too so edit /etc/default/postgrey and change so it looks like this:
POSTGREY_OPTS="--inet=127.0.0.1:60000 --delay=300 --auto-whitelist-clients"
You might want to add the IP range for your local network to /etc/postgrey/whitelist_clients so they’re not greylisted:
/^192\.168\.1\..*/ does the job for my situation I think.
Now, restart Postfix and Postgrey and you should see the following message appear in /var/log/mail.info:
Client host rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help)
If you don’t, it’s not working!
Much later… It’s been active for about 20 hours now and I’ve only received about 10 spams, down from well over 200 usually! The delay in delivery is annoying, but it’s something we can hopefully live with!