[ILUG] Advice on Anti-Spam Strategy/Blocking Software

Thu Nov 8 12:34:25 GMT 2007

Hi Kieran,

I went through this a while ago too. While I will admit I am not the 
hotest admin in the world, spamassin and the other various open source 
solitions for combating spam are easy enough to install and configure. 
They are great if all you want to protect is a few user accounts. In 
fact the would be great in protecting more that just a few but you need 
to think very carfully about it in larger environments.

I decided on outsourcing the whole lot to someone else due to the 
following reasons (in no order)

1. Volume - The required protection level and the volume of mail inbound 
and outbound meant running SA on the same host as the mail server would 
have a performance imapact
2. Manageability - I'm getting older and lazy, I did not want to have 
another box/service to admin
3. Redundancy/Scale - Will I need two, just in case one went down? What 
happens if I piss someone off and I all of a sudden am coping with 
multiple dict attacks or having a zombie army honed in on me
4. Users - They need a simple to use interface to control their mail 
settings. There are tonnes of them out there, but again all required 
admin time, something I did not have, on top of that the support calls 
because they can't read.
5. Users Part 2 - Users are not always bright people, especially in 
win32 land it appears. Someone breaches a policy, you have a compromised 
machine that is acting as a relay for a short amount of time before you 
detect it, someone reports you to spamcop.... more time clearing up the 
mess... not just after killing the user, but in sorting out spamcop etc

In short what I am saying is, if you have a low amount of users and 
time, by all means go with SA and any other combination of  filtering 
but challenge response is kinda a dead fish these days. You will learn a 
lot and have quite a lot of fun (yes SA is fun!!!! I promise). If you 
have low amounts of time and lots of users, make it someone elses 
problem. Sure they may even be running SA, but the point is, its their 
problem to then filter your mail. and do it well. There are tonnes of 
companies doing this these days, but I can only think of 2 that do it 
really well IMHO. I'm not knocking SA at all here, more stating that I 
am lazy these days, and while I run it for my own personal stuff, 
business wise, I let someone else have to worry about it.

my 2c

AJ

Kieran O'Sullivan wrote:
> I am looking for some advice on an anti-spam strategy.  I have looked up 
> spam blockers and from what I have read SpamAssassin seems to be prity 
> good.  However I am managing a webmaster and info account and I have come 
> to the conclusin that some kind of e-mail verification method will be the 
> best.
>
> I seen very good e-mail verification system a few years ago if you 
> e-mailed this address you were challenged with an e-mail to which you had 
> to reply.  Once you replied you were put into the "safe list" and never 
> got challenged again.
>
> I would really love a system like this especially if it would work with 
> sendmail.
> This system must run on linux.
>
> Another thought I had was to disable the info and webmaster accounts this 
> however is not an option I like but I know some people who have done it 
> and it certainly works.
> Thanks
>   