[afnog] I am getting porn spam emails

Kevin Chege chege at isoc.org
Fri Jan 6 04:45:16 UTC 2017


In addition to all that has been said, we covered building an Anti-SPAM filter at the past AfNOG workshop with Postfix and MailScanner. Should you wish to build one, there are instructions that should work for Debian or Ubuntu

http://ws.afnog.org/afnog2016/sse/index.html#postfix



Regards

Kevin

On 06/01/2017, 1:15 AM, "afnog on behalf of W W" <afnog-bounces at afnog.org<mailto:afnog-bounces at afnog.org> on behalf of wanyalanabi at gmail.com<mailto:wanyalanabi at gmail.com>> wrote:


Hi

Deploy Kerio Connect to listen on port on desperate box or on same Linux server.  If behind a router, set destination Nat to forward to say port 26, Kerio Connect will listen on that, filter, score and forward mail to local host port 25.

Mail me if interested on further help.

On 22 Dec 2016 17:14, "Hezron Mwangi" <hmwangi at kenet.or.ke<mailto:hmwangi at kenet.or.ke>> wrote:
Dear Raphael,

Maybe you can try building a mail filtering gateway that filters your emails before forwarding them to your mail server. In the mail filtering gateway you can run:

postfix as your MTA and ensure you do spf checking.
postgrey which does greylisting.
clamav which does virus scanning.
spamassassin which scores emails and identifies spam.
MailScanner which is a Powerful virus/spam scanning framework for mail gateways.

In addition you can try:

pyzor which is a Collaborative, networked system to detect and block spam.
razor-agents which is a Distributed, collaborative, spam detection and filtering network.

Kind regards,
Hezron Mwangi.

________________________________
From: "David Njuki" <njukey at gmail.com<mailto:njukey at gmail.com>>
To: afnog at afnog.org<mailto:afnog at afnog.org>
Sent: Wednesday, 21 December, 2016 18:39:56
Subject: Re: [afnog] I am getting porn spam emails

> I am getting porn spam mail everyday in my mail server. Each email
> are from different email addresses and domains. I have tried
> creating a filter, and I have tried reporting them as spam. I need
> to know how to stop receiving them.

There is no perfect solution against spam. To avoid *reading* it, the
best solution is a bayesian filter that you train. I use bogofilter
and I'm very happy with it (very few false positives and few false
negatives). But if you want to avoir *receiving* spam (because you
want to save not only human attention, but also bandwidth), this is
more complicated. Things that can help:

* reputable black lists. I say "reputable" because many lists are
badly managed. (I use mostly two Spamhaus lists, sbl-xbl.spamhaus.org<http://sbl-xbl.spamhaus.org/>
and xbl-xbl.spamhaus.org<http://xbl-xbl.spamhaus.org/>.)

* greylisting (in my experience, it kills half of the spam before it
reaches your email server (RFC 6647 is a good reading).  Some people
will claim it is useless because the spammers will adapt. Let them
trust their theory, I trust my practice.

As an addition to greylisting, also make sure you postfix does sender verification at smtp time. Many spammers fail this test.

Check how to enable here http://www.postfix.org/ADDRESS_VERIFICATION_README.html#sender_always

_______________________________________________
afnog mailing list
https://www.afnog.org/mailman/listinfo/afnog

_______________________________________________
afnog mailing list
https://www.afnog.org/mailman/listinfo/afnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.afnog.org/pipermail/afnog/attachments/20170106/8226a211/attachment.html>


More information about the afnog mailing list