
I gotta be cool relax, get hip

30 August 2007 21:50

Fighting Spam

Lots of people get spam and don't want to fight it themselves.

Many of those people elect to use a service such as Google Mail, which does an adequate job of filtering most of the time.

For people who wish to host their own mailservers, and off-load their anti-spam support to another entity, there are big companies such as MessageLabs.

But if you can't/won't pay for somebody else, how would you handle it?

Right now I run my own mailserver and mostly it rocks.

However I also manage a couple of servers for other people, and this mostly means that I have identical configuration(s) scattered across other machines. (Or as I recently discovered "mostly identical" setups scattered across N hosts.)

After viewing a recent thread upon the forums of my employers I'm wondering how hard it would be to set up an anti-spam mail host.

The idea being that users of domain example.org would continue to run their own mailserver (+optional POP/IMAP server). However this server wouldn't be listed in an MX record.

Instead the MX record would point at the antispam server, which would then process and forward the mail on. (I'm assuming that the mailserver at example.org would be firewalled such that it would only accept SMTP connections from the anti-spam host).

The only challenges I see would be:

  • The anti-spam server knowing where to forward mail for domain X - since there would be no MX record. Maybe an A record 'incoming.example.org'; maybe a hardwired list.
  • Having enough resources on the anti-spam server.
  • The pain that would ensue if legitimate mail were dropped.

The last one is the killer point which makes me wonder if I'm wasting my time on the general case; I don't believe I could persuade people to pay for such a service (on the grounds that I wouldn't!) and if ever a mail were dropped I'd be the first person who would be blamed. And probably rightly so.

The simple solution would be to always accept mail - but just tag it. Then you still have the same issue, but you have the excuse that "I still delivered your mail; just tagged wrongly". The downside of that is that the recipient still has to filter the mail; and still eats the bandwidth cost. The main gain is the lack of spam-processing CPU that is eaten locally.
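A sketch of the forwarding lookup and the "accept but tag" step described above, as an added example that is not code from this blog or from any particular mail server. The domain list, the static route, the threshold and the `X-Spam-*` header names are assumptions, and the spam score is taken as an input from whatever filter is in use.

```python
import socket
from email import message_from_string

# Constructed sample data: the domains this relay accepts mail for, and
# optional hardwired backends. Anything not listed here is refused.
RELAY_DOMAINS = {"example.org", "example.net"}
STATIC_ROUTES = {"example.net": "mail-backend.example.net"}
SPAM_THRESHOLD = 5.0  # assumed cut-off for the tag

def next_hop(domain, resolve=socket.gethostbyname):
    """Return the backend host for `domain`, or None if mail must be refused."""
    domain = domain.lower().rstrip(".")
    if domain not in RELAY_DOMAINS:
        return None                      # never relay for unknown domains
    if domain in STATIC_ROUTES:
        return STATIC_ROUTES[domain]     # hardwired list wins
    candidate = "incoming." + domain     # A-record convention from the post
    try:
        resolve(candidate)
    except OSError:
        return None                      # no backend published: refuse/defer
    return candidate

def tag(raw_message, score):
    """Always keep the mail; replace any sender-supplied verdict with ours."""
    msg = message_from_string(raw_message)
    for header in ("X-Spam-Flag", "X-Spam-Score"):
        del msg[header]                  # drop forged or stale verdicts
    msg["X-Spam-Score"] = f"{score:.1f}"
    msg["X-Spam-Flag"] = "YES" if score >= SPAM_THRESHOLD else "NO"
    return msg.as_string()

def relay(rcpt, raw_message, score, resolve=socket.gethostbyname):
    """Return (backend, tagged_message), or None when the recipient is refused."""
    hop = next_hop(rcpt.rsplit("@", 1)[-1], resolve)
    return None if hop is None else (hop, tag(raw_message, score))

if __name__ == "__main__":
    # Constructed message carrying a forged "not spam" header.
    sample = "From: a@example.com\nX-Spam-Flag: NO\nSubject: hi\n\nbody\n"
    fake_dns = lambda host: "192.0.2.10"  # stand-in resolver, no network
    print(relay("bob@example.org", sample, 7.3, fake_dns))
```

The explicit `RELAY_DOMAINS` check matters when the A-record convention is used: without it, anyone publishing an `incoming.` record could have the host relay for them.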

Anti-spam, and to a lesser extent anti-virus, topics are very interesting to me, and I'd love to hear any thoughts - or even what you use for yourself.

Right now I'm 50/50 on setting up my main mailserver as the proxy for a few domains I have to manage (family, friends) to see how it works, but I'm not quite convinced yet. (Single point of failure == bad. Though centralised configuration == good.)
