I am involved in a very personal war … a war on Spam not because I must, everybody else lives with it, but just because it makes me mad!  Spam has made me so mad I have gone on a personal goal to cut the Spam on my servers to 0%…realistic, probably not.  Die trying…yep that’s me.

I have to admit that some of my anger with Spam is the number of robo calls I received during the recent election…I mean wow I started casting my votes against the ones that called….yep the candidates that called me more than 6 times all got a vote against them. Really it is all basically the same thing, people are using you and your resources to get ahead.

So in this “adventure” of finding as many ways as possible to combat spam I continue to work with the excellent mail server Postfix.  The more time I spend with Postfix the better I like it and the more features I find I can use and create unique ways to attack the Spam issue.

One of the things I like about Postfix is the many options it has to deal with Spam.  Using a combination of configuration options I have made huge inroads toward meeting my goal of 0%. It was not really rocket science but more a matter of making some additional effort to deal with several smaller issues. Header checks are just one of the options available.  One of the reasons that header checks can be so effective is that Postfix allows you to drop mail before you waste server resources on it.  Yes…that is very important when you realize that between 70-95% of all mail you get is trashed.  As a mail server administrator and as a person who must purchase the hardware for the server, that makes me frustrated because 70-95% of my costs are based on Spam.

Here are some ways I have dealt with SPAM:
(I will continue to document my war with Spam at Postfixmail.com, a blog dedicated to Postfix.)
Content Filters
Address Verification
Blackholes
Networks
Block Country Subnets

Header checks with Postfix can be used to deal with unwanted mail before your server wastes time on it.  Create the file /etc/postfix/header_checks and then add this line to your main.cf:

header_checks = pcre:/etc/postfix/header_checks

The format line for each header check follows this pattern:

/^HEADER:.*content_for_review/   ACTION

The HEADER that you will usually act on is the Subject header.  However, you can also filter on the X-Mailer header.  One idea is to DISCARD all mail that comes from the X-Mailers a spammer typically uses.  Here is a list of X-Mailers that you could place in your header_checks file.  Note that you will often use REJECT to send a message back to the user, but with these known mailers you probably do not want to send anything back to them.  Note also that this method is bound to create some false positives, so test it for yourself before you make any final decisions.

# Following is a list of known mass mailer programs.
# pcre tables match case-insensitively by default.
# A trailing space inside a pattern requires a space after the mailer name.
/^X-Mailer: 0001/                       DISCARD
/^X-Mailer: 007 Direct Email Easy/      DISCARD
/^X-Mailer: Advanced Mass Sender/       DISCARD
/^X-Mailer: Aristotle /                 DISCARD
/^X-Mailer: Aureate Group Mail/         DISCARD
/^X-Mailer: Avalanche/                  DISCARD
/^X-Mailer: commercialmail /            DISCARD
/^X-Mailer: Copia emailFacts /          DISCARD
/^X-Mailer: Crescent Internet Tool/     DISCARD
/^X-Mailer: CyberCreek/                 DISCARD
/^X-Mailer: DiffondiCool/               DISCARD
/^X-Mailer: Dynamic Opt-In Emailer /    DISCARD
/^X-Mailer: DMailer /                   DISCARD
/^X-Mailer: eGroups Message Poster /    DISCARD
/^X-Mailer: E-Mail Delivery Agent/      DISCARD
/^X-Mailer: Emailer Platinum/           DISCARD
/^X-Mailer: E-mail sender /             DISCARD
/^X-Mailer: e-Merge  /                  DISCARD
/^X-Mailer: Entity/                     DISCARD
/^X-Mailer: Extractor/                  DISCARD
/^X-Mailer: Floodgate/                  DISCARD
/^X-Mailer: GMail2 /                    DISCARD
/^X-Mailer: GOTO Software Sarbacane/    DISCARD
/^X-Mailer: Inet_Mail_Out /             DISCARD
/^X-Mailer: jfmailer /                  DISCARD
/^X-Mailer: Mail Bomber /               DISCARD
/^X-Mailer: MailWorkz/                  DISCARD
/^X-Mailer: MassE-Mail/                 DISCARD
/^X-Mailer: MaxBulk.Mailer/             DISCARD
/^X-Mailer: MailKing /                  DISCARD
/^X-Mailer: Mailloop /                  DISCARD
/^X-Mailer: MailXSender /               DISCARD
/^X-Mailer: MultiMailer /               DISCARD
/^X-Mailer: NetMasters SMTP /           DISCARD
/^X-Mailer: Opt-In Lightning /          DISCARD
/^X-Mailer: PersMail /                  DISCARD
/^X-Mailer: PLAUZIUM /                  DISCARD
/^X-Mailer: Power CGI Bulk /            DISCARD
/^X-Mailer: Prospect Mailer /           DISCARD
/^X-Mailer: News Breaker Pro/           DISCARD
/^X-Mailer: SmartMailer/                DISCARD
/^X-Mailer: Sparc12 /                   DISCARD
/^X-Mailer: StormPort/                  DISCARD
/^X-Mailer: SuperMail-2/                DISCARD
/^X-Mailer: Super-Duper-FastMail/       DISCARD
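
To check a rule set for the false positives mentioned above before it goes live, the following added example (not part of the original post, and not Postfix code) dry-runs a few rules in the same /pattern/ ACTION format against sample headers and reports which rule would fire first. The rule excerpt, the sample headers and the function names are constructed for illustration, and Python's re module stands in for PCRE, which is equivalent for simple patterns like these.

```python
import re

# Constructed excerpt of a header_checks table in the format shown above.
RULES_TEXT = r"""# Following is a list of known mass mailer programs.
/^X-Mailer: Avalanche/      DISCARD
/^X-Mailer: Entity/         DISCARD
/^X-Mailer: Aristotle /     DISCARD
"""

# Constructed sample headers; the mailer names are illustrative only.
SAMPLE_HEADERS = [
    "X-Mailer: Avalanche 2.1",
    "X-Mailer: avalanche",                  # different case
    "X-Mailer: EntityFramework Notifier",   # hypothetical legitimate sender
    "X-Mailer: Aristotle",                  # no trailing space after the name
    "X-Mailer: Apple Mail (2.3445.104.11)",
    "Subject: Avalanche warning for the pass",
]

RULE_RE = re.compile(r"^/(?P<pat>.*)/(?P<flags>[A-Za-z]*)\s+(?P<action>\S+)")

def parse_rules(text):
    """Return (lineno, compiled regex, action) for every /pattern/ ACTION line."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = RULE_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: expected /pattern/flags ACTION")
        # Postfix pcre tables are case-insensitive by default; "i" toggles that off.
        flags = 0 if "i" in m["flags"] else re.IGNORECASE
        rules.append((lineno, re.compile(m["pat"], flags), m["action"]))
    return rules

def first_match(rules, header):
    """Lookup stops at the first rule that matches; None means the header passes."""
    for lineno, rx, action in rules:
        if rx.search(header):
            return lineno, action
    return None

def dry_run(rules_text, headers):
    """Map each header to the (lineno, action) that would fire, or None."""
    rules = parse_rules(rules_text)
    return {h: first_match(rules, h) for h in headers}

if __name__ == "__main__":
    for header, hit in dry_run(RULES_TEXT, SAMPLE_HEADERS).items():
        verdict = "line %d %s" % hit if hit else "pass"
        print(f"{verdict:<16} {header}")
```

The unanchored "Entity" rule also discards the legitimate-looking "EntityFramework Notifier" header, which is the kind of false positive to look for. On the mail server itself, postmap -q "X-Mailer: Avalanche" pcre:/etc/postfix/header_checks runs the same lookup through Postfix's own PCRE engine.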