Re: proposed postfix changes

On Tue, Mar 30, 2010 at 05:32:11PM -0400, Jeff Schroeder wrote:
> So lets start off with good job christer for starting this ball
> rolling. Here are a few deliverables and some possible steps to move

Yeah, thanks. I am usually very short and to the point. I do appreciate
this and other stuff.

> forward. Please chime in with your thoughts positive OR negative.
> You (Olav) mentioned sometime ago that the spamassassin rules updating
> cronjob was broken or needed some attention. It looks like
> /etc/cron.d/sa-update is simply commented out. From reading the

Because it wasn't updating it was commented out. We also have something
like rules-du-jour or something. There are some highly used but
non-standard Spamassassin rules which block a lot.

> spamassassin docs it seems the only real "downside" is that it will
> overwrite existing rules. I'll backup the existing rules and run it
> manually to see if everything still works ok. If mail still flows fine
> and there are dramatically more false positives, we can enable the
> cronjob. In other distributions, this cronjob is actually enabled by
> default.

It was only disabled because the update process broke, not because of
the rules breaking stuff or anything.

> I'll backport the Fedora version of postgrey to EL5 and throw it in
> the gnome yum repos. We can create a puppet module for it to be
> installed and all happy-like. Christer is willing to set it up and we
> will all carefully watch it. If it starts eating mail we'll revert it
> all.

Should auto set itself up using Puppet.

> Chances are, that will cut down a lot of the spam we're getting to
> gnome email. If not, we can look into the more postfix specific
> filtering suggested at the start of this thread. Perhaps it is wrong
> to say it, but if people are using crappy mail clients, they should
> change them. The majority of users shouldn't have to submit to more

If you run into crappy mail clients that you reject too early, some will
DoS your mailserver. Not ok. Anyway, it doesn't matter at all, just
check & reject everything at the RCPT TO stage.

> spam because a small minority of users use buggy clients such as
> Outlook. In the end, it does more harm than good as gnome
> infrastructure is seen as ill maintained and full of spam.

I'm not talking about Outlook. I'm talking about other SMTP servers
(which connects like a client to our Postfix server).


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]