Author: Peter Bowyer Date: To: exim-users Subject: Re: [Exim] Opinions sought: Most effective spam reduction
techniques
warren, anthony said: > Hi all,
>
> After some testing with SMTP sender verify callouts and getting mixed
> results from that method, I am keen to explore other Spam reduction
> techniques.
Sender verify callouts are not suitable for general-purpose use, because
of the side-effect they have - they contribute to rather than reduce the
apparent level of junk mail at busy sites which are subject to a lot of
them.
I suggest (and use) the following set of measures in our virtual-domain
system, in order of increasing cost:
1. HELO checking - disallow bare IPs, HELO with any of your domains[1],
HELO not FQDN[1]
2. DNSBLs - we use sbl-xbl.spamhaus.org
3. SPF hard reject
4. Sender verify (without callout)
5. Unwanted attachment blocking
6. Malware scanning
7. Spam scanning with SpamAssassin
We're looking at introducing greylisting at stage 4.
We've not found any FP issues at all with stages 1-6 - at stage 7 we let
each domain decide what SA reject threshold it uses; we mark-up a header
for anything that passes under teh threshold.
Peter
[1] Be careful with these if you have clients relaying through the server
- some MUAs HELO with odd things which might fail these tests.
