Suggestions to block big spam messages

Jason Voorhees jvoorhees1 at gmail.com
Wed Jan 28 14:02:15 GMT 2009


Hi there:

I'm running a Linux box as a gateway AntiSpam with SpamAssassin &
MailScanner. I think my antispam system works very nice. I use some
techniques like:

- UCE control at postfix level
- SMTP delay greeting at postfix level
- Greylisting at postfix level
- Custom MCP checks with MailScanner
- razor plugin with SpamAssassin
- SPF checks with SpamAssassin
- A 'relayed by dialup' plugin in SpamAssassin
- RBL checks with SpamAssassin
- SpamAssassin learning trough reading a shared spam folder with fetchmail
- Maybe something else I don't remember...

The problem is that I'm receiving some spam not detected by all these
techniques because the size of the message is about 300KB, bigger than
"Max Spam Check Size" in MailScanner.conf
By now I only detected that all those spam messages come always from
*.info domains, so I included *.info in my MailScanner blacklist
because I never receive valid messages from those domains. However I
don't feel this is a good way to solve the issue.

What recommendations could you give me to block this kind of spam
efficiently? It would be neccesary to increase the value of "Max Spam
Check Size"? I don't believe it, right?

I hope someone can advice me a little in this antispam battle. Thanks, bye :)


More information about the MailScanner mailing list