TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
 ·Verizon Online DSL
| reply to n2jtx
Re: Duhhhhhh I get NO SPAM!
said by n2jtx  : I did use RBL for a while but I found many false positives with that route when relying on only one list.
I use RBLs with "delay_checks" which allows milters to have a go first. The two milters, which alone account for nearly 100% of the spam blocking is milter greylist, and milter-regex set up thus:
# reject things that look like they might come from a dynamic address
reject "Looks like an end-user address [rgx]"
connect /[0-9][0-9]*\-[0-9][0-9]*\-[0-9][0-9]*/ //
connect /[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*/ //
connect /[0-9]{12}/e //
#
reject "Malformed HELO (not a domain, no dot)"
helo /\./n
#
reject "No RDNS [rgx]"
connect /\[.*\]/ //
#
reject "Proaxad end-user SPAMMER [rgx]"
connect /.*\.fbx\..*/ //
#
reject "Verizon Dynamic IP"
connect /.*\.pub\.verizon\.net/ //
#
reject "Verizon Fios IP"
connect /.*\.fios\..*/ //
#
reject "Static End-User IP"
connect /.*\.static\..*/ //
connect /^static\-.*/ //
connect /^cpe\-.*/ //
connect /^CPE\-.*/ //
connect /^cpc\-.*/ //
connect /^pc\-.*/ //
connect /^port\-.*/ //
connect /.*\.shared\..*/ //
connect /.*\.rev\..*/ //
connect /.*\.ptr\..*/ //
#
reject "Dynamic pool"
connect /.*\.pool\..*/ //
connect /^pool\-.*/ //
connect /^port\-.*/ //
connect /.*\.pools\..*/ //
connect /.*\-POOL\-.*/ //
#
#
reject "End-User"
connect /^host\-.*/ //
#
reject "Dynamic Client"
connect /.*\.client\..*/ //
#
reject "Broadband"
connect /\.broadband\./ //
#
reject "VDSL"
connect /^VDSL.*/ //
#
reject "PPPOE"
connect /.*\.pppoe\..*/ //
connect /.*\.pppool\..*/ //
#
reject "Dynamic"
connect /.*\.dyn\..*/ //
connect /^dyn\-.*/ //
connect /\.dynamicIP\./ //
connect /.*\.dynamic\..*/ //
connect /.*\.xd\-dynamic\..*/ //
#
reject "Dialup"
connect /.*\.dip\..*/ //
connect /.*\.dip[0-9]\..*/ //
connect /.*\.dial\..*/ //
connect /.*\.dialup\..*/ //
#
reject "cust-adsl"
connect /.*\.cust\-adsl\..*/ //
#
reject "DHCP"
connect /.*\.dhcp\..*/ //
connect /.*\.adsl\-dhcp\..*/ //
#
reject "End-User"
connect /.*\.user\..*/ //
connect /^user\-.*/ //
connect /^softbank.*/ //
connect /.*\.intra\..*/ //
connect /.*\.numericable\..*/ //
connect /.*\.cablelink\..*/ //
#
reject "adsl"
connect /.*adsl.*/ //
connect /^adsl\-.*/ //
#
reject "dsl"
helo /.*dsl\..*/
#
reject "internetdsl"
connect /.*\.internetdsl\..*/ //
#
reject "PPP"
connect /.*ppp\-.*/ //
connect /^ppp\-.*/ //
#
reject "HSD1"
connect /.*\.hsd1\..*/ //
#
#
reject "Cable"
connect /.*\.cable\..*/ //
#
reject "Road Runner"
connect /.*\.res\.rr\.com/ //
connect /.*\.biz\.rr\.com/ //
#
reject "PayPal Phish"
header /From/ /.*<service@paypal.com>.*/
#
The idea being that anything coming directly from an end-user IP is spam. The great part of this is that the connection is immediately dropped at connect-time.
So, inbound mail has to negotiate regex-filtering, then grey-listing, then it has to pass several RBLs, and finally spamassassin. I get literally NO spam at all, and only about 2-3 spams get caught by spamassassin each week.
I use dyndns pointing MX directly to my dynamic ADSL IP, and use a pay service for outbound mail; smarthosted via smptauth (panix.com, $100/year for basic shell/smtp). I have used the same email address since 1984!
Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here. |
