[ILUG] Advice on Anti-Spam Strategy/Blocking Software
aj.mckee at gmail.com
Thu Nov 8 12:34:25 GMT 2007
I went through this a while ago too. While I will admit I am not the
hotest admin in the world, spamassin and the other various open source
solitions for combating spam are easy enough to install and configure.
They are great if all you want to protect is a few user accounts. In
fact the would be great in protecting more that just a few but you need
to think very carfully about it in larger environments.
I decided on outsourcing the whole lot to someone else due to the
following reasons (in no order)
1. Volume - The required protection level and the volume of mail inbound
and outbound meant running SA on the same host as the mail server would
have a performance imapact
2. Manageability - I'm getting older and lazy, I did not want to have
another box/service to admin
3. Redundancy/Scale - Will I need two, just in case one went down? What
happens if I piss someone off and I all of a sudden am coping with
multiple dict attacks or having a zombie army honed in on me
4. Users - They need a simple to use interface to control their mail
settings. There are tonnes of them out there, but again all required
admin time, something I did not have, on top of that the support calls
because they can't read.
5. Users Part 2 - Users are not always bright people, especially in
win32 land it appears. Someone breaches a policy, you have a compromised
machine that is acting as a relay for a short amount of time before you
detect it, someone reports you to spamcop.... more time clearing up the
mess... not just after killing the user, but in sorting out spamcop etc
In short what I am saying is, if you have a low amount of users and
time, by all means go with SA and any other combination of filtering
but challenge response is kinda a dead fish these days. You will learn a
lot and have quite a lot of fun (yes SA is fun!!!! I promise). If you
have low amounts of time and lots of users, make it someone elses
problem. Sure they may even be running SA, but the point is, its their
problem to then filter your mail. and do it well. There are tonnes of
companies doing this these days, but I can only think of 2 that do it
really well IMHO. I'm not knocking SA at all here, more stating that I
am lazy these days, and while I run it for my own personal stuff,
business wise, I let someone else have to worry about it.
Kieran O'Sullivan wrote:
> I am looking for some advice on an anti-spam strategy. I have looked up
> spam blockers and from what I have read SpamAssassin seems to be prity
> good. However I am managing a webmaster and info account and I have come
> to the conclusin that some kind of e-mail verification method will be the
> I seen very good e-mail verification system a few years ago if you
> e-mailed this address you were challenged with an e-mail to which you had
> to reply. Once you replied you were put into the "safe list" and never
> got challenged again.
> I would really love a system like this especially if it would work with
> This system must run on linux.
> Another thought I had was to disable the info and webmaster accounts this
> however is not an option I like but I know some people who have done it
> and it certainly works.
More information about the ILUG