On Mon, 2007-07-30 at 11:25 +0100, Andy Green wrote: > I found this to be really effective for over a year now: > > - greylisting (I use gps + sqlite) I'm not enamoured of greylisting, though that might be down to the poor implementations of it that've held my mail up for hours, rather than greylisting in itself. > - Spamhaus RBL lookup (IPs that are detected by Spamhaus as sending > spam to their fake emails get blacklisted here) Do they get false positives added by malicious people? One of my hosts uses a RBL system, but I don't think it's spamhaus. > - tight rules on postfix: > > - insist that the server has reverse DNS Not all do, nor do they really have to, even if it's a damn good idea. This could be a problem. > - insist that the recipient user actually exists (end of most > virus mails) Does it also reject if the message has more than one recipient, and they're not all real users? I put a bait address into a HTML comment on my website, anything that spammed that (along with any other address) got trashed. No real user would have seen the bait, but HTML trawlers would. I could kill that mail with 100% certainty. -- [[email protected] ~]$ uname -ipr 18.104.22.168-33.fc7 i686 i386 Using FC 4, 5, 6 & 7, plus CentOS 5. Today, it's FC7. Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.