Spam Filtering for Mail Exchangers

Spam Filtering for Mail Exchangers
		Next

Spam Filtering for Mail Exchangers

How to reject junk mail in incoming SMTP transactions.

Tor Slettnes

<tor@slett.net>

Edited by

Joost De Cock

Technical Review

<joost.decock (at) astrid.be>

Devdas Bhagat

Technical Review

<devdas (at) dvb.homelinux.org>

Tom Wright

Language Review

<tom (at) maladmin.com>

Table of Contents

Introduction

1. Purpose of this Document
2. Audience
3. New versions of this document
4. Revision History
5. Credits
6. Feedback
7. Translations
8. Copyright information
9. What do you need?
10. Conventions used in this document
11. Organization of this document

1. Background

1. Why Filter Mail During the SMTP Transaction?

1.1. Status Quo
1.2. The Cause
1.3. The Solution

2. The Good, The Bad, The Ugly

3. The SMTP Transaction

2. Techniques

1. SMTP Transaction Delays

2. DNS Checks

2.1. DNS Blacklists
2.2. DNS Integrity Check

3. SMTP checks

3.1. Hello (HELO/EHLO) checks
3.2. Sender Address Checks
3.3. Recipient Address Checks

4. Greylisting

4.1. How it works
4.2. Greylisting in Multiple Mail Exchangers
4.3. Results

5. Sender Authorization Schemes

5.1. Sender Policy Framework (SPF)
5.2. Microsoft Caller-ID for E-Mail
5.3. RMX++

6. Message data checks

6.1. Header checks
6.2. Junk Mail Signature Repositories
6.3. Binary garbage checks
6.4. MIME checks
6.5. File Attachment Check
6.6. Virus Scanners
6.7. Spam Scanners

7. Blocking Collateral Spam

7.1. Bogus Virus Warning Filter
7.2. Publish SPF info for your domain
7.3. Enveloper Sender Signature
7.4. Accept Bounces Only for Real Users

3. Considerations

1. Multiple Incoming Mail Exchangers
2. Blocking Access to Other SMTP Servers
3. Forwarded Mail
4. User Settings and Data

4. Questions & Answers

A. Exim Implementation

1. Prerequisites

2. The Exim Configuration File

2.1. Access Control Lists
2.2. Expansions

3. Options and Settings

4. Building the ACLs - First Pass

4.1. acl_connect
4.2. acl_helo
4.3. acl_mail_from
4.4. acl_rcpt_to
4.5. acl_data

5. Adding SMTP transaction delays

5.1. The simple way
5.2. Selective Delays

6. Adding Greylisting Support

6.1. greylistd
6.2. MySQL implementation

7. Adding SPF Checks

7.1. SPF checks via Exiscan-ACL
7.2. SPF checks via Mail::SPF::Query

8. Adding MIME and Filetype Checks

9. Adding Anti-Virus Software

10. Adding SpamAssassin

10.1. Invoke SpamAssassin via Exiscan
10.2. Configure SpamAssassin
10.3. User Settings and Data

11. Adding Envelope Sender Signatures

11.1. Create a Transport to Sign the Sender Address
11.2. Create a New Router for Remote Deliveries
11.3. Create New Redirect Router for Local Deliveries
11.4. ACL Signature Check

12. Accept Bounces Only for Real Users

12.1. Check for Recipient Mailbox
12.2. Check for Empty Sender in Aliases Router

13. Exempting Forwarded Mail

14. Final ACLs

14.1. acl_connect
14.2. acl_helo
14.3. acl_mail_from
14.4. acl_rcpt_to
14.5. acl_data

Glossary

B. GNU General Public License

1. Preamble

2. TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

2.1. Section 0
2.2. Section 1
2.3. Section 2
2.4. Section 3
2.5. Section 4
2.6. Section 5
2.7. Section 6
2.8. Section 7
2.9. Section 8
2.10. Section 9
2.11. Section 10
2.12. NO WARRANTY Section 11
2.13. Section 12

3. How to Apply These Terms to Your New Programs

List of Tables

1. Typographic and usage conventions
1.1. Simple SMTP dialogue
A.1. Use of ACL connection/message variables

		Next
		Introduction