You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Dana Holland <da...@navarrocollege.edu> on 2004/02/12 17:16:50 UTC

use access.db or sa-mimedefang.cf?

When blocking certain addresses (spammers), is it better to use 
access.db in sendmail, or use the blacklist feature in sa-mimedefang.cf?

Re: use access.db or sa-mimedefang.cf?

Posted by David B Funk <db...@engineering.uiowa.edu>.

On Thu, 12 Feb 2004, Theo Van Dinter wrote:

> On Thu, Feb 12, 2004 at 10:16:50AM -0600, Dana Holland wrote:
> > When blocking certain addresses (spammers), is it better to use
> > access.db in sendmail, or use the blacklist feature in sa-mimedefang.cf?
>
> "better" is a relative term.  I would vote that if you know the access.db
> entries are always going to be correct (ie: no false positives), then
> block at the MTA.
>
> Otherwise, make it a blacklist/etc.  (SA, BTW, supports access databases ...)

Agreed. When blocking at the MTA level it is low overhead and
no "Joe-Job" bounces, however higher potential for collateral damage
in the case of an incorrect entry.
(Heck, I've even resorted to router filtering on rare occasion to block
seriously obnoxious pests ;)

One thing that you should do to reduce the collateral damage level
is to enable the "delay_checks" feature and put Spam-Friends entries in
your access.db file for "postmaster" "administrator" and other such
system management type addresses.
That way if somebody is erroneously blocked, they can get an appeal
thru to "postmaster@your.site".
Also customize the reject error message telling them to send mail
to postmaster for more info.

One other thing to consider, if you use SA+sendmail+miter, you can
do SMTP rejects based upon the spam score. This gives you the
advantage of SMTP reject blocking combined with the power
of SA scoring.

-- 
Dave Funk                                  University of Iowa
<dbfunk (at) engineering.uiowa.edu>        College of Engineering
319/335-5751   FAX: 319/384-0549           1256 Seamans Center
Sys_admin/Postmaster/cell_admin            Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{

Re: use access.db or sa-mimedefang.cf?

Posted by Theo Van Dinter <fe...@kluge.net>.

On Thu, Feb 12, 2004 at 10:16:50AM -0600, Dana Holland wrote:
> When blocking certain addresses (spammers), is it better to use 
> access.db in sendmail, or use the blacklist feature in sa-mimedefang.cf?

"better" is a relative term.  I would vote that if you know the access.db
entries are always going to be correct (ie: no false positives), then
block at the MTA.

Otherwise, make it a blacklist/etc.  (SA, BTW, supports access databases ...)

-- 
Randomly Generated Tagline:
"I want to live forever, or die trying."      - Me