Security Basics mailing list archives
RE: Mail relay question
From: "Ric Messier" <kilroy () WasHere COM>
Date: Fri, 22 Feb 2008 12:51:27 -0700
Be grateful it's only 5000 in a month. I typically discard 2000-3000 e-mails a day. I use postfix with a set of rules to discard incoming connections that might appear to be spam (can't look up hostname, host is on an rbl, malformed requests, etc). After postfix is postgrey which is a nice piece of grey-listing software. Finally, I use amavisd with clamav and spamassassin. There is a nice little log parsing utility for postfix which will tell you how many messages it discarded, how many it accepted, the hours it accepted them, the size of the messages for each recipient, etc, etc. I run it nightly and generally try to keep an eye out for anomalies. Of course, I'm not in a particularly usual situation when it comes to a personal domain. As you might expect, my e-mail address is pretty popular for people who want to use a fake. I've also had this address for a long time so it's gotten around a bit. I would strongly recommend reading a good tutorial on how e-mail and SMTP in general works. There are several around. I'm sure google could turn something up for you. The various books on sendmail, postfix, even Exchange should provide an overview of how things work. You could also read the STMP RFC for the answers from the authoritative source. I used to find that books like Evi Nemeth's System Admininstration series were helpful for giving an overview of protocols. Hope this helps. Ric
Current thread:
- FW: Mail relay question Nick Vaernhoej (Feb 22)
- Re: Mail relay question 0x90 (Feb 22)
- RE: Mail relay question Nick Vaernhoej (Feb 22)
- Re: Mail relay question 0x90 (Feb 25)
- Re: Mail relay question Aaron Howell (Feb 25)
- Re: Mail relay question Ansgar -59cobalt- Wiechers (Feb 25)
- RE: Mail relay question Nick Vaernhoej (Feb 22)
- Re: FW: Mail relay question Ansgar -59cobalt- Wiechers (Feb 22)
- Re: FW: Mail relay question Aaron Howell (Feb 22)
- RE: Mail relay question Ric Messier (Feb 22)
- <Possible follow-ups>
- Re: FW: Mail relay question rafael . almeida (Feb 25)
- Re: Mail relay question 0x90 (Feb 22)