A while back I implemented a change to our postfix config and about 97%+ of the spam went away immediately. This is a company of 1000+ people that had email wide open for 9 years (only using SpamAssassin). All I did was implement the S25R postfix filter methodology and all the spam bots were kicked to the curb. The employees and management are quite happy that all that crap is gone. Unlike anti-spam which has to guess if something is spam, this method gets rid of most of the real spammers. The email storage has less crap written to it as well which means wasting less money on shelves of storage.The only false positives have been small "businesses" that were set up by someone that had no idea how email and DNS worked. Those I resolve by whitelisting their IP until they fix their DNS, thus stopping a problem from propagating like anti-spam companies want to continue for their profits. You see, the anti-spam companies want you to rely on checking what is in the envelope and as everyone knows, that is easy to forge. By going back to basics (following the RFC's) and making use of standards that just about every ISP world wide have adopted since 2003, I have been able to spot the bots, easy.Anyway... just google for "S25R postfix spam". I will post some real world examples soon, as the developer of this concept was focused on email in Japan. It doesn't matter though because his concepts rock solid. I use a hybrid approach which combines S25R+RBL+iptables+traffic shaping, all of which are extremely easy to do. My mail servers (4 dual xeon boxes behind load balancers in 2 datacenters) used to have a run queue of 6.8 on average. They now have a run queue of 0.05. My average CPU utilization is slightly higher, but email delivery is much faster now. SA no longer has to work nearly as hard which means I can have more complex SpamAssassin rules from the SARE project. The tiny bit of spam that gets past postfix is easily caught and tagged by SA. This also eliminated almost all viri issues and thus the centralized mail server anti-virus has hardly anything to do. I have had this in place for 5 months and it has kicked some serious spammer butt!For the executive summary: Almost no viri/spam, less storage used, faster email delivery, vastly improved hardware scalability, easier to meet audit requirements, happy employees.For the spammers: No way around this one as I have proven this to work in a worst-case financial company scenario.
I think we all got over being indignant about spam 10 years ago. Now, what slips through the cracks in the filters is just background noise like TV ads that are just tuned subconsciously tuned out. It exists as background hiss. Get over it.
But eventually, even the stupid will either smarten up, or run out of money. Maybe there should be a tax on stupidity. Oh yeah, I forgot, we already have lotteries.
I do hope you are kidding, right? :-) I just gave people a pointer to a method to block all of their spam without using a single commercial product. S25R is a concept/methodology, not a product.
missingnoh4xMar 31, 2008
Lock them up with a cell mate who has used vi @g.r4, enlarged their penis, and is looking for a new relationship.
Closed AccountApr 1, 2008
A while back I implemented a change to our postfix config and about 97%+ of the spam went away immediately. This is a company of 1000+ people that had email wide open for 9 years (only using SpamAssassin). All I did was implement the S25R postfix filter methodology and all the spam bots were kicked to the curb. The employees and management are quite happy that all that crap is gone. Unlike anti-spam which has to guess if something is spam, this method gets rid of most of the real spammers. The email storage has less crap written to it as well which means wasting less money on shelves of storage.The only false positives have been small "businesses" that were set up by someone that had no idea how email and DNS worked. Those I resolve by whitelisting their IP until they fix their DNS, thus stopping a problem from propagating like anti-spam companies want to continue for their profits. You see, the anti-spam companies want you to rely on checking what is in the envelope and as everyone knows, that is easy to forge. By going back to basics (following the RFC's) and making use of standards that just about every ISP world wide have adopted since 2003, I have been able to spot the bots, easy.Anyway... just google for "S25R postfix spam". I will post some real world examples soon, as the developer of this concept was focused on email in Japan. It doesn't matter though because his concepts rock solid. I use a hybrid approach which combines S25R+RBL+iptables+traffic shaping, all of which are extremely easy to do. My mail servers (4 dual xeon boxes behind load balancers in 2 datacenters) used to have a run queue of 6.8 on average. They now have a run queue of 0.05. My average CPU utilization is slightly higher, but email delivery is much faster now. SA no longer has to work nearly as hard which means I can have more complex SpamAssassin rules from the SARE project. The tiny bit of spam that gets past postfix is easily caught and tagged by SA. This also eliminated almost all viri issues and thus the centralized mail server anti-virus has hardly anything to do. I have had this in place for 5 months and it has kicked some serious spammer butt!For the executive summary: Almost no viri/spam, less storage used, faster email delivery, vastly improved hardware scalability, easier to meet audit requirements, happy employees.For the spammers: No way around this one as I have proven this to work in a worst-case financial company scenario.
crossedbearingsApr 1, 2008
I think we all got over being indignant about spam 10 years ago. Now, what slips through the cracks in the filters is just background noise like TV ads that are just tuned subconsciously tuned out. It exists as background hiss. Get over it.
grumpyrainApr 1, 2008
That actually may well work, because as we all know, spam is only sent from the spammers computer, not some malware infected botnet.
proverbs17Apr 1, 2008
But eventually, even the stupid will either smarten up, or run out of money. Maybe there should be a tax on stupidity. Oh yeah, I forgot, we already have lotteries.
edleyApr 1, 2008
mmm. i dont get any spam. yay for me! double underscores are AWSOME!
Closed AccountApr 1, 2008
I do hope you are kidding, right? :-) I just gave people a pointer to a method to block all of their spam without using a single commercial product. S25R is a concept/methodology, not a product.
gijoebobApr 2, 2008
Except that it clogs up and slows down the Intertubes. My COD4 can't take much more of this.