« Who changes the light bulbs? | Main | In Stock? »

February 08, 2007

Anti-Spam

Spam is a big problem, blah blah, everyone knows that by now. I had a chance recently to work on an anti-spam solution implementation. I thought I'd share some of the results. We implemented the solution with all open source products. Postfix was used up front as the MTA. The first line of defense was the Spamhaus SBL and XBL lists, dropping approximately 50% of incoming messages. From there, we used SQLgrey to implement greylisting, knocking out roughly a further 40% of the incoming messages. Next the MTA was setup to reject mails to invalid recipients where it could determine validity (Exchange severs are set by default to give moot answers to vrfy requests). Then the remaining messages got passed through SpamAssassin. We configured SpamAssassin to use the RBL tests, the Razor hash system and some custom rules, scores and RBLs. There were some false positives and negatives, most of the false positives were removed with tweaks to the rules. Approximately 0.3% of the incoming messages were delivered to the end recipient. The peak traffic day saw around 1,300,000 incoming messages which resulted in around 4,000 actual messages delivered to user accounts. The solution we implemented was a front end anti-spam filter for several different domains. We noticed that each domain had a unique set of spam directed towards it and each of the anti-spam measures varied in effectiveness for that domain.

Comments

Post A Comment




Remember me?






Created By: Steven Nikkel (steven_nikkel@ertyu.org)
This webpage and others materials are Copyright © 1997-2016 Steven Nikkel, All Rights Reserved
counter