Mailing List SIMS@mail.stalker.com Message #15572
From: Michael Heth <mlr@serversmiths.com>
Subject: Re: spam routing question
Date: Fri, 18 Jan 2008 11:31:48 -0800
To: SIMS Discussions <SIMS@mail.stalker.com>
X-Mailer: Apple Mail (2.752.2)

On Jan 16, 2008, at 7:33 PM, Bill Cole wrote:

At 1:38 PM -0600 1/16/08, billc  imposed structure on a stream of electrons, yielding:
<*@blacklisted> = spamtrap

No.

SIMS 'spamtrap' is not what the word 'spamtrap' has evolved to mean since the last SIMS update. Routing an address to spamtrap means that it is accepted at the RCPT stage but the message is rejected entirely at the DATA stage, preventing delivery to any of the addresses given in RCPT commands, even the ones that were legitimate.

<*@blacklisted> = spamtrap


Well, I added the above to the top of my router table in my backup server and my spam dropped to a trickle and I seem to be getting all my email just fine at my primary server.

After I blew out my router and rebuilt it I had lost some spamtraps and my spam went up 10 fold. Now it is lower than it was originally.

I do not have the
<*@blacklisted> = spamtrap

in my primary router table.



I'm confused.

<*@blacklisted>  matches any mail coming from IP addresses in the local blacklist or in any of the DNSBL's you are using. The only reason to have ANY router rule matching any @blacklisted pattern is to exempt specific addresses or address patterns from those blacklists.

If you have NO such rules, you simply never accept mail from the blacklisted IP's, and it should never be seen by anything else of yours, since you never even see the data.

What sort of setup do you run that causes mail rejected by SIMS to go to some other machine of yours?


The primary server would reject the email and it would be sent to my secondary which would receive it and then route it to the primary which would accept it because it came from a client IP. When my backup server was offline the spam was being routed to my listserver which did throw it away but the drawback to that is that to the spammers it looks like it might be an open relay and so it was get hammered occasionally.

So for what it is worth, it seems to be working fine for my needs.

Bill Cole, do you have a preferred method to do what I enumerated above?

Thanks for any tips/info.

M./
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster