Spam. Enough?

RT Users
1

What would you guys suggest for handling spam?

I mean, I don’t want it even to get a ticket opened.

There are some known characteristics, like:

  1. fixed subjects: “A special exite game”, “CELLPADDING”, “A new website”
  2. fixed senders: "big@boss.com", "marketing44@disney.biz"

etc.

What would be the best approach? Procmail? Scrips?

I would like to hear your ideas…

p.s. I use Sendmail, RT3, Perl 5.8.0, Linux Kernel 2.4.18-27.7.x (from RH)

Best regards,
Shimi

“Outlook is a massive flaming horrid blatant security violation, which
also happens to be a mail reader.”

“Sure UNIX is user friendly; it’s just picky about who its friends are.”

2

shimi escribi�::

What would you guys suggest for handling spam?

SpamAssassin

It comes with amavis ( http://www.ijs.si/software/amavisd/ )
that also scans the mails with the antivirus.

But I think you can install SpamAssassin alone.

3

shimi escribi�::

What would you guys suggest for handling spam?

SpamAssassin

It comes with amavis ( http://www.ijs.si/software/amavisd/ )
that also scans the mails with the antivirus.

But I think you can install SpamAssassin alone.

It’s what we’re using here too, to filter mail to our hostmaster queue
(because spammers LOOOOVE hostmaster.) It works really well.

Cheers.

Mick

4

What would you guys suggest for handling spam?

I mean, I don’t want it even to get a ticket opened.

What would be the best approach? Procmail? Scrips?

SpamAssassin is a good first approach. We use an alternate method I
thought I’d throw out:

When a message first comes into our qmail mail server (destined for RT or
not), we check it against several RBLs, and append an “X-RBL” header for
each RBL where IP addresses in the headers of the message are blacklisted.
(This is nice for user-level filtering too.)

We then use TMDA http://tmda.net/ to confirm any sender with an RBL
listing before their message is inserted to RT. The end result is that
anyone can get through to RT if they want to (well, unless they’re on our
TMDA blacklist), but senders from known spam-related IPs have to take one
extra step to confirm that they’re legit.

These policies could obviously be tweaked according to your needs:
everyone has to confirm themselves first, relax the criteria for requiring
confirmation, etc.

Chris

5

“FG” == Francesc Guasch frankie@etsetb.upc.es writes:

FG> It comes with amavis ( http://www.ijs.si/software/amavisd/ )
FG> that also scans the mails with the antivirus.

it doesn’t require you use an antivirus, just supports using one.

6

shimi wrote:

What would you guys suggest for handling spam?

Using spambayes ( http://www.spambayes.org/ ) with procmail here.

Rob

Rob W.W. Hooft || rob@hooft.net || http://www.hooft.net/people/rob/