[exim] Spam Blocking by BT

Top Page
Delete this message
Reply to this message
Author: David Restall - System Administrator
Date:  
To: exim-users
Subject: [exim] Spam Blocking by BT
Hi,

I have a client who's server has just been blacklisted by BT, not
without some justification, however the help received from BT to
resolve the problem is non existent. Originally, the server was set up
simply as the MX for about 600 domains with about 1000 users in
virtusertable. None of the accounts were local accounts, the box just
accepted what came in and forwarded the message to the recipient. No
filtering, no checks. Unfortunately, some of the domains had wildcard
addresses in them so the machine was a spammers dream :-( Since many of
the addresses forwarded to BT Connect accounts and have done for several
years, it was inevitable that at some point BT would start to get a bit
sensitive about the amount of spam being received and would do something
about it hence the blacklisting.

The blacklisting has caused the client some problems - not least of
which is the complete reluctance of BT to engage in a dialogue to resolve
the problem, eventually BT white-listed the server after one of the end
users wrote a message to the BT Chairman. In the meantime, I was asked
by the client what was required to limit the damage so I migrated them
from sendmail to exim + clamav + spamassassin + DNSBL + sender/callout.
I also removed all the wildcard addresses that went to BT. BT now say
that the client will still be blocked eventually because they still
receive a 'significant' amount of spam from the server even though the
new configuration throws away 97% of messages before they are forwarded
to the btconnect accounts (For instance, yesterday 88834 rejects and 3016
deliveries according to eximstats). BT haven't defined 'significant'.
I suspect that if I ask BillW or MarcP, I'd get different definitions
of significant :-)

My question is, what more can I do to cut down the spam further ? I
don't know of any spam filter that is 100% accurate and what I let
through BT may block but similarly, what a BT spam filter might let
through, spamassassin would block. Spam is a moving target/definition.

BT seem to be using DKIM and SPF but will this really make a big
difference if I implement it on the server ?

Exim is performing much better than sendmail BTW, though this is
probably due to the fact that poor old sendmail was doing nothing other
than store and forward and was consequently being hit with so much
backscatter that it couldn't do anything but run slowly.

Regards,



Dave
exim/2009-09-04.tx                                     exim-users
+----------------------------------------------------------------------------+

| Dave Restall, Computer Nerd, Cyclist, Radio Amateur G4FCU, Bodger          |
| Mob +44 (0) 7973 831245      Skype: dave.restall             Radio: G4FCU  |
| email : dave@???                     Web : Not Ready Yet :-(       |

+----------------------------------------------------------------------------+
| Please ignore previous fortune.                                            |

+----------------------------------------------------------------------------+