Spam fighting solutions PLEASE!

I hate to recommend this but I found that a huge percentage of spam comes from countries you could probably do without.

We have taken to blocking wide ranges of IP's from Russia, France, Poland, etc..

Even with spam rules or RBL services like Spamhaus or NJABL we still have to deal with the connections, handshake, rejections and all the i/o and processing it takes to do it.

Blocking massive ranges of IP's via software or hardware firewalls just cuts off any TCP talk at all and reduces spam as well.

So much spam is tricky enough to get around normal rule sets, at least cutting them off earlier reduces ALL traffic from the bad guys so at least a good percentage of the garbage is never even seen.

 

I'd say ASSP is most definitely worth it. I've used it over the past year and it's incredibly intuitive.

 

You know, with a little judicious adjustment, SpamAssassin is just about perfect for us. The settings in WHT and cPanel 11 give us plenty of elbow room to block 99% of spam, but we check the option to create a Spam folder, so we can keep tabs on legitimate mail.

My SpamAssassin setting is 4. And we have Exim, via WHT, adjusted to delete anything with a 10 or more rating. and we have also selected the option labeled "Reject mail at SMTP time if the sender host is in the zen.spamhaus.org, or bl.spamcop.net rbl."

We've never lost a single e-mail we needed to receive that we are aware of, and mistakenly flagged legitimate messages are minimal with tha setting.

FYI: We have four busy sites on a VPS system, with several hundred legitimate messages received every day. We have used dedicated e-mail hosting, with supposedly advanced spam settings, and it was no better.

Of course, these settings might not work for you, but for the variety of mail we get, it's just fine and I have no complaints. The Spam filters are not overwhelming, and everything is manageable.

Peace,
Gene Steinberg
Co-Host, "The Paracast"
www.theparacast.com

 

AFAIK, most spam originates from servers hosted in the US

- Vince

 

Fighting SPAM

i have use ConfigServer's dictionary attack tool ... just a little perl script that would deny ip's doing dictionary attack , works great for me ... i'll let you guys know tomorrow how it would turn out since most of the attacks starts Tuesday(my time) Philippines.

 

Very interested in this - how did you do it please ? Is it possible on shared servers please ?

Any help much appreciated.

Chris.

 

Correct
According to project honeypot (what a name ).