Orxonox

Hey,

I think it'd nice if we had spam assassin or some other spam filter for mail.orxonox.net. Thunderbirds filter is pretty neat, but after two weeks of not checking the orxonox account it took a long time to download 3000 spam messages (well, well... ok, maybe it's been 3 weeks ).
What do you guys think?
Unfortunately I have no idea how much work it is to set up SA, got no experience with it...

It depends, on what MTA we are using... I did install in on another server, and we had postfix installed. It was pretty easy.

In addition, I'd install some sort of greylisting - I know, it's not as good as it used to be - and maybe install some additional scripts, which make the server look like a tar pit (I have to check the current issue of linux mag for details, but i guess it doable.)

cheers
nico

nicolasc you seem to have a good understanding of Gentoo and it's services. Do you want to take over the administration job on Nautilus?
I just don't have the time anymore to spend nights configuring new services If I take time for Orxonox I would prefer to do some coding instead of administration tasks

btw: I get almost no spam at all. The spam that gets on my account is already marked as SPAM!

Another server?! Why not...

But I won't promise anything till my exams are over.

I send you a ssh-pubkey by mail. (I guess thats what you want next)

cheers
nico

Perfect.

No worries, I don't expect anything. But if you want to, you may add as much services for the orxonox community as you want

I installed postgrey - postfix greylisting plugin - and as far as I can tell it works. Any mails coming from the outside get delayed, but I whitelisted the eth-smtp servers.

spamassassin is installed, but I had no time to configure it properly - esp because it won't to add my spam list...

cheers
nico

I'm really looking forward to less spam. Right now the load of garbage in my mail box is overwhelming.

(My account is clean for the moment, so I cannot tell how much it will improve. please send some feedback)
From the other server I maintain, the spam rate dropped from several mails every day to a few every week.

I do the best I can, wonders take a little longer

cheers
nico

Hehe

Good luck!

nicolasc wrote:please send some feedback

08.01. - 41 Spammails
09.01. - 34 Spammails
10.01. - 75 Spammails
11.01. - 38 Spammails
12.01. - 18 Spammails
13.01. - 5 Spammails
14.01. - 1 Spammail
15.01. - none
16.01. - one so far

So yeah.. it seems to work...

Well, blocking is only one half... but does it pass all (!) non-spam mails?

Greylisting delays all mail - except those which are white listed. Delaying happens by rejecting all first attempts to send a mail (421 error - service not available). If the sending server is an "average" mail server, it will try again later, if it is a spammer, it probably wont, because retrying would mean saving the mail somewhere - and that space is normally not available to a spammer.

So if the sending mailserver is configured correctly, which most commercial ones are, all non-spam mail should be delivered.

I hope this explains the basics of greylisting. I still have to look at spamassassin.

cheers
nico

Well, it's an easy way to mess the spammers plan up. On the other way it's an, let's say unclean way. We had a lecture about spam and the spam assassin of the ETH was there and explained how the spam filter of the ETH works (unfortunately his slides are not available due to security measures). He intentionally does not want to use grey listing because he wants to deliver the mails quickly and has his own opinion about it.
Hey, I don't mind. And I know and see how it works.. so I don't nag anymore and feel lucky about my spam free mail box. thx, nico.

Yes, it's nice that all "good" mails get delivered, but it looks to me like a very unclean way to get rid of the spam. A spam-server could easily resend spam mails if it's configured correctly, because it sends the same mail to millions of adresses, so it doesn't have to store every single mail.
But as long as it works there's nothing to complain about.

True...

And I mentioned it above: greylisting is getting less ans less effective. I am looking into some alternatives: spamassassin (as addition), turning the server into a virtual tar pit (c't has a pretty promising solution)

I mainly installed greylisting, as I knew that it has some effect, and is easy to install. took me 15 min to install (alone 10 to get the packages installed)....

cheers
nico