I was recently tackling a spam issue today.
A domain I have (no, its not this one, and its not the other popular one), has been getting spam sent to it at a not so low rate.
The domain doesn’t have a link in the search engines, and hasn’t been published anywhere.
But the spammers still have a go don’t they.
Anyway, the catch all was doing just that, catching it all. So the spammers were having a party sending spam to a catch all address that is unmonitored really, unless I manually decide to go and check it for anything lost (rarely ever).
So I investigated a few options. And decided I would see if I could sort out another issue that was bugging me recently, relaying mail via the ISP. A pain when you want mail to originate from your own server.
The solutions were all centered around ISPConfig, however, the setup I run doesn’t use MySQL. So, I tried to skim those for anything obvious that was stopping me relaying email directly.
I didn’t want to use mynetworks, as this isn’t ideal for the situation, I wanted something specific that would do the trick.
And then it came to me.
The spam emails are all just guesses at domains and don’t even come close to the right domain that I am running on.
The addresses they came from all were from seemingly existent domains.
So I added a regexp to kill all the email to the address they were attacking at, and viola. Bye spam. I also implemented a DNSBL, however, I remain under testing on this one because, just like Telstra with a national telecommunications network, you can’t trust one person to provide you with a service consistently and with good service.
The mail has been flowing through nicely, and it seems to have reduced the issues to start with, of spam, at the same time, allow me the access for relaying messages directly through the server, without turning it into an open mail relay, and doesn’t use Sorbs for their blocking (all dynamic IPs? Come on!), and seems to handle all email thus far rather nicely.
I’ll keep monitoring the logs though and if anything seems out of whack, will be able to revert the changes or update them.
SMTP servers are absolutely not the easiest to configure. They aren’t out of this world, but the particular one I was configuring this time was a little more difficult and the information, and the logging messages weren’t very helpful!
But through those hours of chopping into it, i’ve got the setup that is great, I get emails in and out, the spam is down to.. well, assumably 0.
Enjoy!
2 Responses to Spam Prevention – A different view