Ticket #190 (closed task: fixed)

Opened 5 years ago

Last modified 5 years ago

Need SPAM filter for mailing list admins

Reported by: tmitchell Owned by: sbarnes
Priority: normal Milestone:
Component: Systems Admin Keywords: spam
Cc: sbarnes@…, neteler@…

Description

Those of us set as administrators of OSGeo lists get a lot of SPAM sent to the list owner addresses. I'm requesting that a simple filter be implemented, at least for mailman-related messages. I can't recommend any software for doing this and have had some problems with "blacklist" based ones in the past, so reluctantly I ask for some way to help this.

Change History

Changed 5 years ago by neteler

This can be implemented fo example like this (worked for years on grass.itc.it):

Protecting Mailman with bogofilter against spam

 http://mpa.itc.it/markus/bogofilter/index.html

Changed 5 years ago by tmitchell

Hi all - anyone on SAC able to help with this? We are starting to scare away some list admins who are bombarded with SPAM sent to [list]-owner@…. I don't know enough to install this bogofilter configuration.

Changed 5 years ago by neteler

While bogofilter installation requires a supervised training phase, I use "greylisting" on another server quite successfully. Spam dropped from 1700/day to 5-10/day.

Effort (system uses postfix): postgrey [1] installation plus one-liner addition into config file. Then restart postfix and enjoy. I defined a very short greylisting time to avoid delays of mail delivery. That still helps a lot.

[1]  http://postgrey.schweikert.ch/ or from your preferred distro.

Changed 5 years ago by tmitchell

  • owner changed from sac@… to tmitchell
  • status changed from new to assigned

Changed 5 years ago by tmitchell

  • cc sbarnes@… added

Now that I've lost some important emails due to my own poor local spam filter, I want to get this solved. Also, our volunteer list admins (and we have many!) are getting tons of spam. So, I've installed Postgrey but need some final set up help. I am at this step in the install documents, but not sure what to do here.

...

· Put something like this in /etc/postfix/main.cf:

smtpd_recipient_restrictions =

permit_mynetworks ... reject_unauth_destination check_policy_service inet:127.0.0.1:10023

...

Markus, can you share with me your config info? Shawn, do you have a minute to help, since you've done most of the postfix config?

I'm saving my notes at:  http://wiki.osgeo.org/wiki/Postgrey

Changed 5 years ago by sbarnes

Tyler,

i haven't setup postgrey before but, i will look into this in the next day or two.

cheers, shawn

Changed 5 years ago by sbarnes

Actually i just took a cursory look at postgrey.

I've edited /etc/postfix/main.cf to add the config lines for smtpd_recipient_restrictions but, commented them out. I assume we'll also have to open the firewall to allow connections to the port that postgrey is listening on.

I'll look into this more tomorrow....i won't be available this evening and i don't want to flip a switch and then be unavailable to switch it back if needed.

cheers, shawn

Changed 5 years ago by sbarnes

  • cc neteler@… added
  • owner changed from tmitchell to sbarnes
  • status changed from assigned to new

I've edited /etc/postfix/main.cf file, started postgrey and restarted postfix.

grep Greylisted /var/log/maillog shows that postgrey is working.

this is what i added to /etc/postfix/main.cf

smtpd_recipient_restrictions = permit_mynetworks,

permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unauth_destination, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, #reject_rbl_client list.dsbl.org, #reject_rbl_client sbl.spamhaus.org, #reject_rbl_client zen.spamhaus.org, #reject_rbl_client lists.spam.sux.com, check_policy_service unix:postgrey/socket, permit

Everything seems to be working.

I've added a couple RBL's (real time black listings) to the config and commented them out, we can uncomment them if we find we are still getting a ton of spam.

Cheers

Changed 5 years ago by tmitchell

  • status changed from new to closed
  • resolution set to fixed

I'm sure between you, Markus and I we will see how effective it is. Thanks for the push Markus and thanks Shawn for helping make this happen!

Changed 5 years ago by sbarnes

If postgrey causes us any problems it's easy to revert back to our previous configuration

Steps to revert:

Edit /etc/postfix/main.cf

comment out lines 222 to 236 

    smtpd_recipient_restrictions = permit_mynetworks,
        permit_sasl_authenticated,
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_unauth_destination,
        reject_unknown_recipient_domain,
        reject_unauth_pipelining,
        reject_unauth_destination,
        #reject_rbl_client list.dsbl.org,
        #reject_rbl_client sbl.spamhaus.org,
        #reject_rbl_client zen.spamhaus.org,
        #reject_rbl_client lists.spam.sux.com,
        check_policy_service unix:postgrey/socket,
        permit

Then restart postfix
$ sudo /sbin/service postfix restart

Changed 5 years ago by neteler

I no longer receive Spam - something must be broken :) Cool, thanks for activating postgrey.

It DOES help.

thanks, Markus

Changed 5 years ago by neteler

I observe that messages from our systems (SVN to mailing list etc) are not delayed at all. Good.

Changed 5 years ago by sbarnes

I set the delay to 60 seconds. I figured we'd start with a small delay and move up incrementally if needed. I'm glad it's working with the short delay.

Note: See TracTickets for help on using tickets.