From: Niels Dettenbach <nd@syndicat.com>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Anti-spam changes: proposal to drop spammy mail
Date: Mon, 11 May 2015 12:09:08 +0200 [thread overview]
Message-ID: <1626925.WQM6IekEy6@gongo> (raw)
In-Reply-To: <robbat2-20150511T030343-086083177Z@orbis-terrarum.net>
Am Montag, 11. Mai 2015, 04:26:01 schrieb Robin H. Johnson:
> This was a good early policy, as Gentoo was a much more reliable host than
> email providers a decade ago. This isn't true anymore, with the meteoric
> rise
> and success of gmail.
This is not true at all - but email service "reliability" was and is not a
primarily question of the hosts OS nor some kjind of basic standard
configuration of a mailer "package" (or ebuild).
> As past long-standing practice, @Gentoo.org system-level mail handling for
> incoming mail was officially to tag everything, and delete nothing.
This is - for a public internet Mailer / MX - a VERY bad option - at least
mail not fulfilling basic email standards should be blocked (as usual by the
very most professional level mail services), because it could be (used)
abusive by thirds.
> A LOT of developers forward their mail now, to systems that
> refuse/temporarily blacklist the forwarding system because there is a lot
> of spam. Gmail is particularly strict in this regard, throttling mail to
> any recipient from the forwarding source.
Gmail is crap (from my opionion) - at least for really professional email
users or at least users which need a reliable email service (includes the
possibility to recieve or send out higher frequent emails or emails from more
"exotic" sources).
We - as a email provider - recognized the development of the rate limiting
policy by Google as well and it seems that Google is adapting that limits by
the amount of mail which is send from google users into that "domains" (as far
as this is correctly locatable for them, because by specs it is not
really...). This works OK for source mail servers / domains which still have
"typical" email users and their regular traffic (or what googles thinks about
- i.e. what some kind of user deletes without reading or is (i.e. false)
marking as "spam") going to different recipients at google too, but not very
well for more specialized email systems (like mailing list weighted mail
systems / MTAs or systems handling some kind of notifications for a larger
amount of users / customers - (widely) independent from what type of mail they
transport and how high the part amount of spam within is).
For mail ISPs there is a contact where they can "complain" or "discuss" about
limits with a mail server, but i did not know any case wher any answer was
coming from them (does not mean that google did not recognizes it).
But if someone decied for google as his primarily email provider - he has to
live with that policies from google, which might work OK for most peoples and
their "most peoples traffic".
> Unless there are any major objections, as of May 17th, Infra will start
> dropping mail that scores more than 10.0 points in Spamassassin.
>
> If that is successful, I propose to drop the score point by 1 point every
> month until it hits a score of 5.0 (so by mid-October, it will be dropping
> mail that scores more than 5.0).
This will work (depending form some of your SA setup details and how far you
use all of the features, channels and possible extensions / third party
services - i.e. DCC, Razor, Pyzor, "all" the different update channels, Bayes
- while disabling DNSBLs and doing that still before in your mailer) until you
go down 5.
On 6 you typically will still get a lot of spam through (enough to make users
work to sort it out regularly) while on 5 you definitely will loose ham - even
if you still use the "usual" DNS based spam blocking lists (would let do this
the mailer before SA usually because of performance/ressource reasons).
So typical "working" values are between 5 and 6.
But even then you will get spam, as long if you won't loose any ham "from time
to time" - installing a filter solution like SA alone is just one part of a
modern and working anti spam gateway with a zero false positive target policy
(but might be enough to help your moderators here ß).
Most important tasks are to set up the MTA/MDA far enough to block email which
are not fulfilling the specs and/or coming from machines which doesnt it - the
very most of spam should be catched here usually, but is is a dynamic tasks to
know and/or find out which parts of the standards are important and which
less, because there are still many used mail systems out which are not
configured properly, but have a significant user base.
But there are very good reasons why more and more admins of smaller otherwise
focussed admins decide to route their email traffic over a gateway mail
service. Setting up a "just working" email system is a simple job today, but
running a reliable internet email service on a more professional level is a
real job which takes time and knowledge in maintaining that service - far over
the setup details of a SMTP daemon (i.e. a proper DNS setup with PTR, DKIM,
SPF, abuse contacts and so on) which often are out of scope of a typical
admin.
hth a bit.
cheerioh,
Niels.
--
---
Niels Dettenbach
Syndicat IT & Internet
http://www.syndicat.com
PGP: https://syndicat.com/pub_key.asc
---
next prev parent reply other threads:[~2015-05-11 10:09 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-11 4:26 [gentoo-dev] Anti-spam changes: proposal to drop spammy mail Robin H. Johnson
2015-05-11 7:29 ` Eray Aslan
2015-05-11 9:15 ` Tobias Klausmann
2015-05-11 19:31 ` Michael Orlitzky
2015-05-11 19:35 ` Kristian Fiskerstrand
2015-05-11 20:01 ` Michael Orlitzky
2015-05-11 20:08 ` Robin H. Johnson
2015-05-11 20:47 ` Michael Orlitzky
2015-05-12 5:19 ` Eray Aslan
2015-05-12 10:26 ` Rich Freeman
2015-05-12 10:39 ` Peter Stuge
2015-05-12 12:56 ` Niels Dettenbach
2015-05-11 9:38 ` Tony Vroon
2015-05-11 10:09 ` Niels Dettenbach [this message]
2015-05-11 20:36 ` Robin H. Johnson
2015-05-12 7:18 ` Niels Dettenbach
2015-05-11 12:39 ` Andrew Savchenko
2015-05-11 12:47 ` Niels Dettenbach
2015-05-11 20:27 ` Robin H. Johnson
2015-05-11 13:27 ` Charles Nérot
2015-05-11 13:37 ` C Bergström
2015-05-11 13:59 ` Rich Freeman
2015-05-11 14:44 ` C Bergström
2015-05-11 14:59 ` Rich Freeman
2015-05-11 15:21 ` C Bergström
2015-05-11 16:17 ` Alexis Ballier
2015-05-11 16:20 ` Ciaran McCreesh
2015-05-11 16:32 ` Alexis Ballier
2015-05-11 16:38 ` Michał Górny
2015-05-11 16:25 ` C Bergström
2015-05-11 16:19 ` Matthew Thode
2015-05-11 16:55 ` Rich Freeman
2015-05-11 17:06 ` C Bergström
2015-05-23 6:18 ` J. Roeleveld
2015-05-23 6:24 ` C Bergström
2015-05-23 11:05 ` Andrew Savchenko
2015-05-23 6:39 ` Niels Dettenbach (Syndicat.com)
2015-05-23 7:54 ` [gentoo-dev] " Duncan
2015-05-23 8:01 ` [gentoo-dev] " James Le Cuirot
2015-05-23 11:16 ` Rich Freeman
2015-05-23 12:32 ` Andrew Savchenko
2015-05-23 13:07 ` Rich Freeman
2015-05-23 13:34 ` Niels Dettenbach (Syndicat.com)
2015-05-23 14:20 ` Rich Freeman
2015-05-23 14:32 ` Niels Dettenbach (Syndicat.com)
2015-05-23 15:36 ` Rich Freeman
2015-05-23 14:23 ` Ciaran McCreesh
2015-05-23 14:29 ` Niels Dettenbach (Syndicat.com)
2015-05-23 16:24 ` Mike Frysinger
2015-05-11 21:10 ` Robin H. Johnson
2015-05-12 8:37 ` [gentoo-dev] Re: [gentoo-project] " Mike Frysinger
2015-05-12 8:58 ` [gentoo-dev] " Amadeusz Żołnowski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1626925.WQM6IekEy6@gongo \
--to=nd@syndicat.com \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox