From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-49002-garchives=archives.gentoo.org@gentoo.org>)
	id 1GFN18-00007a-AG
	for garchives@archives.gentoo.org; Tue, 22 Aug 2006 03:33:30 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.7/8.13.6) with SMTP id k7M3UblX007962;
	Tue, 22 Aug 2006 03:30:37 GMT
Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.185])
	by robin.gentoo.org (8.13.7/8.13.6) with ESMTP id k7M3SHPD005081
	for <gentoo-user@lists.gentoo.org>; Tue, 22 Aug 2006 03:28:17 GMT
Received: by nf-out-0910.google.com with SMTP id m19so2430112nfc
        for <gentoo-user@lists.gentoo.org>; Mon, 21 Aug 2006 20:28:17 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=gbAjpi15VIUHeZmqxckE+jhvICy/hASxshLgHbgbynbpRk5BTAdMMA5jLPnb4d7221nhviwsxnj6YldIzdMx0DpRHluyzFesfwbxMYyreekPLSyHAIi3NSxIRjnBwxcqX/EY+cLJ+VYPffBO0j/fgXZdB+GFoTxRdlNi9RHiHLs=
Received: by 10.49.75.2 with SMTP id c2mr429209nfl;
        Mon, 21 Aug 2006 20:28:17 -0700 (PDT)
Received: by 10.48.241.1 with HTTP; Mon, 21 Aug 2006 20:28:16 -0700 (PDT)
Message-ID: <49bf44f10608212028x751e304erddda1e8647d81d56@mail.gmail.com>
Date: Mon, 21 Aug 2006 20:28:16 -0700
From: Grant <emailgrant@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Greylisting vs. reject_rbl_client
In-Reply-To: <44EA5282.9080906@badapple.net>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <49bf44f10608211655o50036eaak582cc61f177f8578@mail.gmail.com>
	 <44EA5282.9080906@badapple.net>
X-Archives-Salt: c430ee75-4309-4b89-ad3c-9d0869b7bac8
X-Archives-Hash: b88899e8a3b146544225e714e8dd2aad

> > Do you think the reject_rbl_client stuff is safer than greylisting?
> >
> > - Grant
>
> 1. Blacklists have the HIGHEST false positive rate of any anti-spam
> technique other than sending all mail to /dev/null. 34%
> http://www.paulgraham.com/falsepositives.html
>
> 2. Blacklists block the least amount of spam. 24%
> So it's wrong more often than right.
>
> 3. All Blacklists are run by jackasses. Yes, even the ones you like.
> http://www.internetnews.com/xSP/article.php/8_1143551
> http://www.peacefire.org/anti-spam/group-statement.5-17-2001.html
> http://www.networkworld.com/research/2001/0910feat.html
>
> and far too much personal experience*
>
>         In my experience over the past two to three years greylisting and
> simple header checks have blocked 99% of spam before it gets to the
> queue and generated less admin overhead with false positives and other
> nonsense. I'd call its accuracy a solid 99.9% since I've only had to
> whitelist three sets of servers over the years, YMMV. It might not be
> 99.9 for everyone, but it will be far better than blacklisting. There
> are some quirks with greylisting, but overall it's been very effective
> without much downside.
>
> I can't say enough bad things about blacklisting.
>
> kashani
>
> * The first ISP I worked for actually hosted public.com which has
> probably been the most hijacked domain ever. It's a fun Monday morning
> when some moron decided to block your entire ISP without actually
> looking at the headers. It gets slightly less fun the fifth and sixth
> time it happens. Homicide is considered when they assume they are
> automatically right, are as rude as possible to you, and then stall for
> a day before they grudgingly remove you.

Do you think this postfix anti-spam configuration is OK:

smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
        permit_mynetworks,
        reject_non_fqdn_hostname,
        reject_invalid_hostname,
        permit
smtpd_sender_restrictions =
        permit_mynetworks,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        permit
smtpd_recipient_restrictions =
        permit_mynetworks,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        reject_unauth_destination,
        permit

Would it be OK to remove the following aliases since I never use them:

# Well-known aliases -- these should be filled in!
root:           grant
operator:       grant

# Standard RFC2142 aliases
abuse:              grant
ftp:                grant
hostmaster:         grant
news:               grant
noc:                grant
security:           grant
usenet:             grant
uucp:               grant
webmaster:          grant
www:                grant
-- 
gentoo-user@gentoo.org mailing list