I've been experimenting with fetchmail, sendmail and SpamAssassin. I'm relatively happy with the results so far. I'm now receiving so much junk mail that almost every message bar a couple are junk.
So this is what I want to do:
When I receive a message from an unknown email address, I want my server to automatically send a verification email out to the sender to verify that they exist. I don't want the email placed into my inbox until a verification is received - this will weed out many of the junk mailings that come from bogus addresses. If an email address does not exist, then I want to automatically delete the email, or if a verification is not received within 12 hours, then I want it sent to another email box, reviewed through SpamAssassin and stored for later review (in other words the email address exists, but the sender hasn't verified their existence yet).
Look into mailing list managers that use a hyperlink to verify a subscription. I'm sure you could hijack some code out of there and use it for authentication of valid email accounts, and it will automate the whole process. Also, are you planning on holding the message enqueued for those 12 hours or whatever? 'Cause those individuals are going to be getting undeliverable messages while waiting if you aren't, and then they are likely to send again, and again, and again.
Another thought: you could reject all emails not in your DB, then in the undeliverable message, include a hyperlink to validate, etc. Then when they resend them, they will get through.
Sorry I couldn't be of more help, but this is the direction I would take. ...
There have been several commercial anti-spam products built on this concept, and they share one thing in common: total disaster. People don't like having to work to send you things; it's insulting to make them jump through hoops just to have the privilege of sending you an e-mail. I suggest you just drop the whole idea before you actually get it set up and start annoying people to death (BTW these systems are ESPECIALLY annoying when you subscribe to mailing lists... guess what? the entire list gets your "confirmation" e-mail).
Okay - so it's going to annoy everybody. But what does one do to stop being harassed by 100's of emails a week? I know I can just get another email address, but I like it too much. I don't think anybody can answer the question of how to stop junk mailers - it's a really big problem and it's destroying the user experience of email. I'm only thinking along these lines as desperate measures to get around the problem until somebody out there works out a foolproof way of getting rid of the junk mail.
Proactive filtering of spam can happen with a few products out there currently that won't eat or annoy the legitimate mailers.
First off, you might want to try using an RBL (Realtime Blackhole List) or ORDB (Open Relay Database) against the addresses for your top level/first filtering, this way you just drop connections before they are even processed by any of the mail system:
You can search for RBL or ORDB on Google and get some other results too.
Secondly, the next level of protection against such things is to have a host verification for each incoming mail. Since there are quite a few mailings that come from bogus hosts, using a DNS lookup on incoming mailings may help a bit as well. Again, we are minimizing our CPU/time usage on this with a simple look up before we even process the mail and dropping if it fails.
Third, we get into the actual processing of junk mail with SpamAssassin. I have actually not used SpamAssassin myself, so I cannot guide at this point about settings or config for it, but it has gotten quite a few thumbs up around the net even though it is a Bayesian filter and can be defeated by the random word headers and other tricks.
If you are receiving quite a few of the random header mailings, almost no filter is going to do you any good only because the tracking done on messages can not deal with the huge dictionary and randomness that the spammers are using. That is one of the reasons I suggest the first two steps, to filter out which servers can actually even talk to you.
I am sure there are quite a few other people here that can point you in some better filter or server directions than me, I am still not fully up to date on all of the software.
RBLs can help cut down on the sheer volume. Here is a much bigger list of RBLs. The problem is that some of them just add IPs with reckless abandon and don't have any real complaint resolution system to remove false positives. I've used Spamhaus and Spamcop. I'm very impressed with the accuracy of Spamhaus, but it doesn't block a huge amount of messages (the msgs it does block are always bad, though). Spamcop blocks a lot more messages, but I've also had some false positives. Don't even think about using the SPEWS list. About 12% of the mail it blocks is legitimate.
Reverse DNS checks are a counter-productive way to block mail. They work on the outdated notion that one IP has one hostname, which is not true any more. Even if it were, a lot of admins don't properly set up their reverse DNS zones, so the test would fail anyway. It's not the user's fault that their admin is lazy/stupid/etc. Do not use reverse DNS checks to block mail (unless you can use them in a weighted system, but that's a fairly advanced concept).
Other than that, just make sure your SpamAssassin is completely up to date. Realize that spammers have access to SA just like anyone else does, so the good spammers will download SA and test their messages against it until they go through. The only way to have a prayer against tactics like that is to have the most recent SA possible and hopefully the spammers won't have re-run their tests yet.
If you want real spam blocking, you'll have to pay for it. There are a number of commercial products on the market that do an excellent job of stopping spam, but they certainly aren't free...
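Added example, not code from any poster in this thread: a sketch of the "weighted system" mentioned above, in which RBL listings and reverse DNS results each add to a score and no single check blocks mail on its own. The zone names, weights and threshold are assumptions chosen for illustration, and the sample DNS data is constructed so the example runs offline.

```python
import ipaddress
import socket

# Placeholder zones and illustrative weights: assumptions, not values from the thread.
ZONES = {"accurate": "dnsbl-a.example", "aggressive": "dnsbl-b.example"}
WEIGHTS = {"listed:accurate": 5.0, "listed:aggressive": 2.5,
           "no_rdns": 1.0, "rdns_mismatch": 1.0}
THRESHOLD = 5.0

def dnsbl_name(ip, zone):
    """DNSBL query name: the IPv4 octets reversed, then the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def live_a(name):
    """A-record lookup via the system resolver; [] when the name does not exist."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def live_ptr(ip):
    """PTR lookup via the system resolver; None when there is no reverse record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def score_client(ip, lookup_a=live_a, lookup_ptr=live_ptr):
    """Return (score, reasons, verdict) for a connecting client IP."""
    reasons = [f"listed:{label}" for label, zone in ZONES.items()
               if lookup_a(dnsbl_name(ip, zone))]  # any A answer means "listed"
    host = lookup_ptr(ip)
    if host is None:
        reasons.append("no_rdns")
    elif ip not in lookup_a(host):  # PTR name must resolve back to the client
        reasons.append("rdns_mismatch")
    score = sum(WEIGHTS[r] for r in reasons)
    return score, reasons, "reject" if score >= THRESHOLD else "accept"

# Constructed sample data (documentation address ranges) so the example runs offline.
FAKE_A = {"10.2.0.192.dnsbl-a.example": ["127.0.0.2"],
          "7.100.51.198.dnsbl-b.example": ["127.0.0.2"],
          "relay.example.net": ["198.51.100.7"]}
FAKE_PTR = {"198.51.100.7": "relay.example.net"}

def fake_a(name):
    return FAKE_A.get(name, [])

def fake_ptr(ip):
    return FAKE_PTR.get(ip)
```

With the constructed data, a host that only lacks reverse DNS scores 1.0 and is accepted, while a host on the high-confidence list that also lacks reverse DNS crosses the threshold.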