Spam and Postfix
From Zanecorpwiki
The two main tools in your anti-spam toolkit are RBL lists and content analysis via Spamassassin.
RBL Lists
Real Time Blackhole List lists are the first line of defense.[notes 1] They are relatively quick and keep bad mail from getting in the queue. Setting up an RBL is easy enough, just add a declaration to 'smtpd_recipient_restrictions' and reference the RBL source:
smtpd_recipient_restrictions = ...reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net...
Where the '...' indicates additional options. With this, you should see messages like rejected by zen.spamhous.org start showing up in the mail log. As with any spam software, there's the possibility of false positives (denying good mail). However, in the best case, mail which is denied will try again at a later time and the sender will have been removed from the RBL if they don't properly belong there.
Content Analysis and SpamAssassin
TODO: previous versions of this page describe how to set up spamassassin via 'spampd', which is no longer supported and started giving me trouble. I've since set up spamassassin via my distro, but foolishly didn't take any notes. Maybe because it was so straightforward... ?
Commentary
In my experience, I got more false positives from RBL than from Spamassassin. However, when I say "more", I should also point out that I haven't noticed a false positive from either in quite awhile. (Like over a year.) This doesn't mean there haven't been some false positives, just that nothing important enough to notice ("Did you get my email?") has been lost.
Spamassissin can be time consuming, and the way I had it originally set up, it would incur minutes of delay and, during the occasional spam flood, would start to back the system up. This has been less an issue with my newest setup, so it's likely the problem was due to my configuration more than a fundamental flaw in Spamassassin itself.
It is nice to be able to redirect your spam to a spam user on the mail server, which can be reviewed for false positives from time to time. This was one benefit of my original setup with Spamassissin, and I didn't ever actually lose any mail. With the simple RBL setup above, however, mail delivery is denied entirely. This is efficient, but means that false positives result in total loss.
Notes
- ↑ Due to trademark issue, the better name is DNS Blackhole List, or DNSBL. It's much harder to say and pretty much all postfix docs and the settings themselves use the RBL abbreviation.
