Mailing List SIMS@mail.stalker.com Message #10111
From: Tod Fitch <Tod@FitchDesign.com>
Subject: Re: Rules and Router questions to eliminate spam
Date: Wed, 30 Jan 2002 08:15:35 -0800
To: SIMS Discussions <SIMS@mail.stalker.com>
X-Mailer: QUALCOMM Windows Eudora Version 5.1
At 07:23 AM 1/30/2002, Robert Ameeti wrote:
Using SIMS 1.8b8 and CommuniGator 3.2.1 with little to no real understanding of how to properly use these. I'm trying to find the best place to get a better understanding of the following areas.

For Server/Rules...      I have nothing

-

For Server/Router...     I have:

<*@ameeti.net> = *;
<UNKNOWN> = robert@ameeti.net;

-

I'm getting a ton of spam, with 'All Messages' showing many of the 'From' to be 'NULL@NULL'

-

How should the Rules or Router items be set so that I have a minimum of spam?


I use the web interface so I am not sure where these controls are under Communigator...

1) I know of no "server/rules" on SIMS, I suspect this is a Communigator specific control.
2) The router is not the best first step for reducing spam. The SMTP settings area is where you should start.
3) The NULL@NULL you see in the From: field has nothing to do with how the mail is delivered nor, I think, can you set up a routing rule to deal with it.

In you SMTP controls:
A) Make sure you have "relay for clients only" on. This will not affect the spam you receive but will help make sure you are not part of the problem.
B) Turn on "verify return paths". This will make SIMS check out the "from" value that is in the envelope to verify that it is a plausible address (it checks that the host address exists). Based on my logs, this will get rid of maybe 10 to 25% of your spam.
C) Find one or more RBLs that you like and enter it/them into the RBL server list. Set "enable blacklist DNS servers" on. I current have the following in my list:

relays.osirusoft.com     "See http://relays.osirusoft.com/"

Sometimes this server is slow to respond, so you might want to consider using others. When receive spam, copy the IP address that SIMS says the mail came from into this web page <http://relays.osirusoft.com/cgi-bin/rbcheck.cgi> and check to see what if any RBLs declare it bad. That might help you decide which RBLs to use.

D) Enter the appropriate values for your RBL into the "black listed" hosts list. I currently use (no collateral damage that I know of yet):

127.0.0.2             ; orisoft verified open relay
127.0.0.3             ; orisoft dialup line
127.0.0.4             ; orisoft Confirmed spam source

For me this seems to filter out about 80-90% of the spam. Your mileage may vary.

If you are using blacklists, then you should "whitelist" at least the postmaster and maybe the abuse accounts so that people who are part of the collateral damage can get a hold of you and you can work out the fix (probably getting them to put pressure on their ISP). You whitelist accounts using the Router. The following lines are in my router to do this:

<abuse%*@blacklisted> = abuse@*
<postmaster%*@blacklisted> = postmaster@*

Good luck and I hope this helps some.
Tod

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster