Tungsol Filaments

Addressing spam is a complex problem. I recommend postfix with spamassassin for starters. Vigorous use of client, sender, and helo access are recommended. There are many examples of this on how-to websites including postfix and spamassans own websites.

Once you create a spam mailbox (I usually do this with procmail example below), you can examine spam email headers and see where the spam is coming from.

You will find most is coming from 1) countries you have no need to receive mail from, or 2) an IP subnet from hosts that do not monitor their users for spam (a key is an unusual domain-name that resolves but seems meaningless). You can block specific countries with postfix sender_access files or helo_access file. I recommend disallowing spam IP host by brute force blocking the IP or IP range with IPTABLES. If you observer multilple IP’s from a subnet, block the whole subnet.

It is a tedious process however, you can eliminate almost all spam with careful analysis.

MAILDIR= /var/mail
:0fw
* < 256000
| /usr/bin/spamassassin
:0e
EXITCODE==$?
:0
* ^X-Spam-Flag: YES
spambucket

Where spambucket is the spam mailbox you need to create user spambucket (or whatever you want)