TIP: Click on subject to list as thread! ANSI
echo: linux
to: BENNY PEDERSEN
from: ALEXEY VISSARIONOV
date: 2015-09-12 11:19:00
subject: spamhaus
Good ${greeting_time}, Benny!

12 Sep 2015 00:56:08, you wrote to All:

 BP> i hate spammers, but i hate also spamhaus for not helping me stop
 BP> spam originated from my own ips, that sayed it took me 5 mins to
 BP> delist, but the game can now continue :/

That's normal: that's you who should care of your servers.

 BP> sadly antispam looses sometimes

Really? :-)

 BP> if it continues to be a problem i will just add
 BP> reject_unverified_sender to postfix,

You had to do that well before you've faced the blacklisting.

 BP> if blocking my ip, senders cant spam me, and i win there

I use the following procedure:
reject messages with strange characters in hostnames and addresses;
accept messages from trusted hosts (only 127.0.0.1 and ::1 for now);
accept messages from authenticated clients;
reject messages to unknown domains (neither local nor relay-to);
reject messages that fail HELO verification (*1);
reject messages that fail sender verification;
reject messages with IP-based hostnames (*2);
reject messages from blacklisted hosts (*3);
reject messages to spamtraps (*4);
accept messages to known recipients (local or verified relay-to);
reject everything else.

(*1)    HELO hostname must resolve to the connection IP address and back
(*2)    client-192-0-2-123.users.example.net
(*3)    work.drbl.gremlin.ru blackholes.wirehub.net cbl.abuseat.org
        bl.spamcop.net zen.spamhaus.org abuse.rfc-ignorant.org
        bogusmx.rfc-ignorant.org dsn.rfc-ignorant.org
(*4)    spamtraps are used to fill the vote.drbl.gremlin.ru

The absolute leader is the RFC821-conformance (HELO and sender) verification
procedure, rejecting above 60% of all spam; everything else is filtered using
blacklists. Result: 1...2 spam messages per month in my mailbox.

 BP> what will be more correct will be to start blocking sender domains,
 BP> not sender ips, that will be more helpfull for me as hoster to stop
 BP> the spam

Registering the domain is much easier than changing the IP address (now that
generally means "finding another buggy host with security holes").

 BP> one day possible spamhaus have learned it :/

No: blacklisting the IP networks is the only effective way to fight spam.


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-cmlxxvii-mmxlviii

... god@universe:~ # cvs up && make world
--- /bin/vi
* Origin: http://openwall.com/Owl (2:5020/545)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.