I have a dedicated server, and I'm drowning in spam. What's the best way you've found to stop spam at the server? Ideally I'd like to bounce back spam so it looks like my e-mail address is no longer valid. Thanks for any suggestions!

We use Postini, http://www.postini.com/ and it seems to work very well. They also offer virus filtering.

Another one is BrightMail - http://www.brightmail.com

One thing to do is make use of rblsmtp, to block servers that are blacklisted if you use qmail. I'm not sure if there is an equivilent for sendmail. wirehub (http://basic.wirehub.nl/spamstats.html) has some good info on running against RBL's as well.

-Dan

I've found that using ORDB works best for me.

You can incorporate in more or less every mailserver out there (also sendmail).

Check out: http://www.ordb.org/

Thanks, everyone. Any other suggestions?

I know that the Ensim control panel allows you to add e-mail addreses/domains to reject e-mails, not sure about Plesk though.

I know that the Ensim control panel allows you to add e-mail addreses/domains to reject e-mails
I can do that with Webmin and I have closed server access to specific IP addresses and blocks, but doing it all by hand takes too much time. My options are either automating the process or changing my e-mail address on a regular basis, which would be a PITA but would probably work. I'm looking for a freeware solution as the dedicated server is just for one resource-intensive website.

I got an account with spamcop.net.
I then set it up to check my other pop mailboxes. This way it filtered the mail and I can retrieve it using my pop mail client.

Works good so far and they have a good automated method to report spam.

deb

we just added alot of the black lists to our exim config, it cut spam by about 99%, which do u use? sendmail..exim....??

There are different types of blacklists:

- Blacklists that list only IP addresses that relay unauthorized mails (open relay). Example: ORDB, MAPS RSS, ORBZ.

- Blacklists that list IP addresses that are friendly to spammers. Example: MAPS RBL

- Blacklists that lists IP addresses pool used by dial up users. Example: MAPS DUL

- Blacklists that list IP addresses that doesn't do fully verified opt-in mailing list. Example: MAPS NMP

- Blacklists that list IP addresses that sell spamware or related material. Example: SBL.

Now, the question is which ones are the most effective against spam without interfering with legitimate email traffic?

I personally use open relay blacklist only.

Thanks for your replys; and for that list, priyadi.

.qmail is installed on the server, its ability to block e-mail by domain name or specific e-mail address doesn't work reliably but otherwise I'm happy with it. I get several dozen spams for every legitimate e-mail, and have deleted some legitimate e-mails by accident as a result.

Of the blacklists, which ones do y'all use and which have you found to be effective? My inclination would be to use almost all of the ones priyadi listed!

Originally posted by Deb Suran
Thanks for your replys; and for that list, priyadi.

.qmail is installed on the server, its ability to block e-mail by domain name or specific e-mail address doesn't work reliably but otherwise I'm happy with it. I get several dozen spams for every legitimate e-mail, and have deleted some legitimate e-mails by accident as a result.

Of the blacklists, which ones do y'all use and which have you found to be effective? My inclination would be to use almost all of the ones priyadi listed!

Well, I would call that overkill. Remember it takes a certain amount of time to do a RBLCheck, doing 20 of them takes 20 times as long.

I use just ORDB and nothing else.

Originally posted by Deb Suran

Of the blacklists, which ones do y'all use and which have you found to be effective? My inclination would be to use almost all of the ones priyadi listed!

I think that's not a good idea. You need to selectively choose a blacklist. Some blacklists are not responsible, take a look at the ongoing SPEWS thread. Also, by blindly using all blacklists you risk losing legitimate emails.

I use SpamAssassin on my personal e-mail and it effectively keeps out about 80-90% of the spam I get. I don't think it's filtered out any non-spam mail by mistake either.

http://www.spamassassin.org/

I agree with most that you shouldn't use more than say two RBLs at once, or you'll greatly increase the duration of your SMTP connections.

I loved ORBS, but they went down, and the first to replace them I think was ORBZ. Well, it's who we're using now.

It blocks SOOOOO much spam, and never a complaint from a customer about anyone legitimate being blocked.

Hi All. Sorry to drag up an old thread but I wanted to report on my final decision since I started this discussion. It did seem to me that http://www.spamassassin.org/ would be the best solution but my sysadmin coudn't get it to play nice with qmail, the mail system used by my host. This week he installed http://www.ordb.org/, and it has cut the spam I'm getting by about 85%. Thanks to everyone for your suggestions.

Originally posted by Deb Suran
Thanks, everyone. Any other suggestions?


Messagelabs (http://www.messagelabs.com)

I will agree that Postini is pretty nice. I've never used Brightmail, but I do know that it is much more expensive than Postini (at least from the quotes that I received), and that users are unable to review blocked mail or configure their blocking levels.

If you're going to do it yourself to save some money, SpamAssassin is probably the way to go.

The ORDB (http://ordb.org/) and DSBL (http://dsbl.org) DNS blocklists both do a good job of listing misconfigured or compromised machines. You can use either of them with little to no false positives. Spamhaus (http://spamhaus.org) lists many high-profile spammers, and I'd recommend also using it.

I wouldn't be so paranoid about using multiple RBLs. The first failure will cause it to stop there and not check further. Also, since these checks are regular DNS lookups they can be cached just like any DNS request, and aren't really that slow... the most important thing is the order that you check -- put the largest DNSBL first so that it catches most spams initially.

Also, for a good list check here: http://openrbl.org/zones.htm

aside from RBLS, i still got alot of spam, until i found ASK (Active Spam Killer)

I can HONESTLY say i get ZERO spam these days, from 100+ a day (across allll accounts) to NOTHING, NADA, ZERRRRROOO

Check it out @ http://www.paganini.net/ask/

Its very easy to install (RPM) and install on each users acct, configuation takes about 20 minutes, after that ur all set to go