The software update icon was jumping in my dock again after a longer time than expected. This time I was a bit more careful after the unexpected Postfix issues with the last update. The updates are mostly security related and I think you need to apply this asap. I didn’t notice any problems after the reboot and everything is working. Read more about the update here.
I’ve been reading up on the topic of greylisting and the techniques behind it and found out that it doesn’t quite work if you have a backup MX mailserver that does not have the same policy as your primary server. That is the situation I’m in and I think most of you as well.
If you have greylisting implemented on your primary server, any email arriving will be checked against a stored list of previously encountered mail servers and mail addresses. If the combination is not known, the sending mail server will be asked to try again later. Most spammers will leave it at that. If you have received an x amount of mails from the same mail server and mail address, that combo will be whitelisted and always accepted directly.
The problem with backup MX servers is that they will be whitelisted and you need to accept all mail from that server because it will keep trying (as it is intended to do)! If you don’t have control over the backup MX server and they don’t have a greylisting policy like you have or don’t do spam filtering, you have a backdoor that is wide open for spammers.
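The effect described above can be reproduced with a small simulation. This is an added example, not code from the original post or from any greylisting package; the `Greylist` class, the delay and whitelist thresholds, and all addresses are constructed for illustration.

```python
import ipaddress

class Greylist:
    """Toy greylisting policy keyed on (sending server IP, sender address)."""

    def __init__(self, delay=300, whitelist_after=3, trusted_relays=()):
        self.delay = delay                      # seconds a new combination must wait
        self.whitelist_after = whitelist_after  # accepted mails before whitelisting
        self.trusted = [ipaddress.ip_network(r) for r in trusted_relays]
        self.first_seen = {}                    # combination -> time of first attempt
        self.accepted = {}                      # combination -> accepted deliveries

    def check(self, client_ip, sender, now):
        if any(ipaddress.ip_address(client_ip) in net for net in self.trusted):
            return "ACCEPT trusted-relay"
        key = (client_ip, sender.lower())
        if self.accepted.get(key, 0) >= self.whitelist_after:
            return "ACCEPT whitelisted"
        first = self.first_seen.setdefault(key, now)
        if now - first < self.delay:
            return "DEFER try-again-later"
        self.accepted[key] = self.accepted.get(key, 0) + 1
        return "ACCEPT retried"


def delivered(policy, client_ip, sender, retries, interval=600):
    """True if the mail gets through within the sending host's retry budget."""
    return any(
        policy.check(client_ip, sender, attempt * interval).startswith("ACCEPT")
        for attempt in range(retries + 1)
    )


def simulate():
    # Constructed sample values (documentation address ranges, example domain).
    spam_host, backup_mx, sender = "203.0.113.7", "198.51.100.25", "offers@spam.example"
    primary = Greylist()
    return {
        "direct to primary, no retry": delivered(primary, spam_host, sender, retries=0),
        "relayed by backup MX, which retries": delivered(primary, backup_mx, sender, retries=5),
        "relayed by whitelisted backup MX": delivered(
            Greylist(trusted_relays=[backup_mx]), backup_mx, sender, retries=0),
        "to backup MX with the same policy, no retry": delivered(
            Greylist(), spam_host, sender, retries=0),
    }


if __name__ == "__main__":
    for path, ok in simulate().items():
        print(f"{path:45} -> {'delivered' if ok else 'never delivered'}")
```

Only the first and last rows stop the message, which is why the backup MX has to enforce the same policy as the primary.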
Read more on the subject in this whitepaper which describes it all in more detail.
Before we can use/implement greylisting we need to turn off our current backup MX and find someone else who will use the same policies and will want to be our backup MX, or just live without a backup mail server…
I would like to know your thoughts on this. What can I/we do to work this out?
As promised when delivering the DSPAM documentation, I’ve finished how to set up maildrop today. I’ve had it running for a few days on my own server and I must say it works perfectly. All spam found by DSPAM is now put into a mail folder of my choice and not in my inbox. I haven’t set up any fancy filtering yet, just plain spam/nonspam filtering, but it’s a start.
Next up is to have maildrop create folders that do not already exist in your inbox when needed and to have users have their own filtering rules. Hope you like it as it is currently…
I once thought about the possibility of cramming Mac minis into a 1U server rack and co-locating it when I had problems with my DSL connections again. Jan commented that that was impossible. Today I stumbled onto an old blog post from 2005 where someone went out and actually did it! He crammed two minis and 4 disks into a 1U server rack. Now where was that screwdriver, I know it was here somewhere…
After installing DSPAM again on a different machine (someone else’s) I found there were some minor errors in the install documentation. Also other people left some comments in the blog about problems they had and posted questions in the DSPAM forum.
The things I’ve changed were:
- adding the ‘sudo chmod o+x /usr/local/bin/dspam’ command to prevent the error ‘fatal: pipe_command: execvp /usr/local/bin/dspam: Permission denied’.
- I’ve changed the DSPAM startup documentation; there was a problem with starting DSPAM if MySQL wasn’t running yet. So I set the correct dependencies in the StartupParameters.plist and now that works. I also added the complete startup scripts as a downloadable file.
- The DSPAM training script is now working without any errors, sorry about that one…
Next up is maildrop and to write a script that will take care of false negatives (mail indicated as spam that really isn’t). When that is done we’ll pick up on greylisting as that seems to be something people really want.
While installing the DSPAM software at one of the people who use my setup (yes, I will help you install if the task looks too daunting for you) I considered making the training script more dummy proof. In the first version of the script you had to separate out the tagged spam from the false negatives (missed spam email) because the script didn’t separate them. But the new version does; you can just use the Junk filter in your mail program to move everything to the Junk folder and only the unidentified spam will be fed to DSPAM for retraining.
Read all about it on the script training page.
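A sketch of how such a separation can work, as an added example that is not the author's training script: it assumes the Junk folder is a Maildir, that already-classified spam carries DSPAM's `X-DSPAM-Result: Spam` header or the [SPAM] subject tag this setup adds, and that retraining uses `dspam --class=spam --source=error`. The function names are hypothetical.

```python
import mailbox
import subprocess

def already_tagged(msg):
    """True when DSPAM itself classified the message as spam at delivery time."""
    result = str(msg.get("X-DSPAM-Result") or "").strip().lower()
    subject = str(msg.get("Subject") or "").lstrip().upper()
    return result == "spam" or subject.startswith("[SPAM]")

def missed_spam(junk_dir):
    """Yield (key, message) for Junk mail that DSPAM did not tag as spam."""
    box = mailbox.Maildir(junk_dir, create=False)
    for key in box.iterkeys():
        msg = box.get_message(key)
        if not already_tagged(msg):
            yield key, msg

def retrain(user, msg, dspam="/usr/local/bin/dspam", run=subprocess.run):
    """Feed one missed spam message to DSPAM as a classification error."""
    cmd = [dspam, "--user", user, "--class=spam", "--source=error"]
    # The message goes in on stdin; check=True surfaces a failing dspam run.
    return run(cmd, input=msg.as_bytes(), check=True)

def retrain_junk(user, junk_dir, run=subprocess.run):
    """Retrain on every untagged message in the Junk folder; return the count."""
    count = 0
    for _key, msg in missed_spam(junk_dir):
        retrain(user, msg, run=run)
        count += 1
    return count
```

Skipping the tagged messages matters because they were classified correctly, so resubmitting them with `--source=error` would report an error that never happened.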
Next up will be to deliver the identified spam email into a quarantine folder which will empty all email after a certain time, as we still need to check if DSPAM was too eager to identify regular mail as spam, although I haven’t seen this happen on my server.
Just finished writing the next part of the DSpam documentation that was needed. It still needed a proper startup and shutdown procedure. So I started writing a shell script that would take care of it and use that in the launchd scripts which would take care of starting DSpam at boot time.
It turned out to be simpler than I thought, I only needed to uncomment:
ServerPID /var/run/dspam.pid in the dspam.conf file to get a proper pid file which I could use to feed the kill command as Mac OS X hasn’t got the killproc command. When I had this figured out the rest was simple. Read the results on the starting DSpam page and use it to your liking.
I’ve decided to go public with my current version of my installation guide for DSPAM. Although it’s not quite finished, still has some rough edges and I still need to add some features, it’s polished enough to get you a working version running on your mail server which will eliminate quite a surprising amount of spam. You’ll need to train DSPAM to get some good results; use it a week and you’ll be amazed by its performance.
For instance: almost all stock selling spam (the ones with the image spam) gets tagged as spam. If a new version of spam appears I just need to train DSPAM with a few examples and from then on they are identified as spam.
The setup I’ve currently chosen is to include DSPAM as a content filter for Postfix. This means that mail enters Postfix, is then fed through DSPAM which tags the emails and feeds them back into Postfix to have the emails delivered into the user’s maildir. Spam is indicated by some header tags but also the tag [SPAM] is added to the subject to be able to use a filter on my email client. DSPAM is trained by putting the missed spam messages into the user’s Junk folder on the IMAP server. A script that runs overnight feeds them to the DSPAM training program.
One of the features I want to add in the near future is to use maildrop to drop spam messages into the user’s Junk folder.
Read all about installing DSPAM using my existing mailserver setup in the documentation.
I hope you enjoy the benefits of DSPAM as well as I do.
Just got an email telling me that the Xcode developer tools have been updated to release 2.4.1. It’s not a major upgrade, just some small improvements and bugfixes:
- Stability and security fixes in the Xcode IDE, cctools, debugger, and compiler
- CHUD has been updated to version 4.4.3. CHUD also releases independent from the Xcode Tools releases. Current versions of CHUD can be found at: http://developer.apple.com/tools/download/
- The 10.3.9 and 10.4u SDKs have been updated.