Re: [exim] Anti SPAM Exim configuration

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: W B Hacker
CC: exim users
Subject: Re: [exim] Anti SPAM Exim configuration


W B Hacker wrote:
> Matthias wrote:
>
>> Hello,
>>
>> Alexander Prohorenko Wrote:
>>
>>> Tony,
>>>
>>> What can you advise, except spending hours daily filtering mail from
>>> SPAM manually?
>>>
>> DynaStop may well help in your filtering. It can stop all spam from
>> dynamic IP addresses (dialup and DHCP residential).
>>
>> its at http://tanaya.net/DynaStop/
>>
>> There is also a new forum at exim-users under Add-Ons.
>>
>>
>>
> Looked at the code.
>
> We have been using a wildcarded regexp block list with <1,000 members in a
> similar manner for more than a year. But far, far less clever substring matching.
>
> JM2CW, but possible pro and con:
>
> Pro:
>
> - Should work largely as advertised.
>
> Con:
>
> - Should be expected to return more false-positives AND misses than an actively
> maintained RBL of dynamic-IP's, if only because of updating/NOT.
>
> - but the far bigger drawback is that there is no 'free lunch' w/r substring
> matching.
>
> Whereas RBL hits are cached by Exim, the upstream, or a bespoke local DNS
> implemented for the purpose, using a simple and efficient DNS lookup...
>
> ..by contrast, this critter requires, (SWAG), probably 3 or greater orders of
> magnitude more CPU cycles than a DNS lookup uses.
>
> Ergo:
>
> IF {AND {CPU cycles to burn} {marginal DNS}{DOIT}{NOT}}
>
> Check your server load with/without the tool.
>
> YMMV,
>
> Bill
>
>
>


Bill, might be good as a greylist. Suppose you had your lowest MX do a
DEFER based on this list and your next highest MX not do defer. Bots
usually don't retry so if you get it wrong on this list you don't lose
any mail. But for bots that use the lowest MX it could make a lot of
spam go away.

Or - you could just add a header and let Spamassassin score it as well.