Episode Details

Back to Episodes
197: Relaying the good news

197: Relaying the good news

Published 8 years, 9 months ago
Description

We’re at BSDCan, but we have an interview with Michael W. Lucas which you don’t want to miss.

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid

Headlines

We are off to BSDCan but we have an interview and news roundup for you.

Interview - Michael W. Lucas - mwlucas@michaelwlucas.com / @mwlauthor

  • Books, conferences & how these two combine ***

News Roundup

In The Name Of Sane Email: Setting Up OpenBSD's spamd(8) With Secondary MXes In Play

  • “The Grumpy BSD Guy”, Peter Hansteen is at it again, they have produced an updated version of a full recipe for OpenBSD’s spamd for your primary AND secondary mail servers

Recipes in our field are all too often offered with little or no commentary to help the user understand the underlying principles of how a specific configuration works. To counter the trend and offer some free advice on a common configuration, here is my recipe for a sane mail setup.
Mailing lists can be fun. Most of the time the discussions on lists like openbsd-misc are useful, entertaining or both. But when your battle with spam fighting technology ends up blocking your source of information and entertainment (like in the case of the recent thread titled "spamd greylisting: false positives" - starting with this message), frustration levels can run high, and in the process it emerged that some readers out there place way too much trust in a certain site offering barely commented recipes (named after a rare chemical compound Cl-Hg-Hg-Cl).

  • 4 easy steps:
    • Make sure your MXes (both primary and secondary) are able to receive mail for your domains
    • Set set up content filtering for all MXes, since some spambots actually speak SMTP
    • Set up spamd in front of all MXes
    • Set up synchronization between your spamds

These are the basic steps. If you want to go even further, you can supplement your greylisting and publicly available blacklists with your own greytrapping, but greytrapping is by no means required.
Once you have made sure that your mail exchangers will accept mail for your domains (checking that secondaries do receive and spool mail when you stop the SMTP service on the primary), it's time to start setting up the content filtering.

  • The post provides links if you need help getting the basic mail server functionality going

At this point you will more likely than not discover that any differences in filtering setups between the hosts that accept and deliver mail will let spam through via the weakest link. Tune accordingly, or at least until you are satisfied that you have a fairly functional configuration.
As you will have read by now in the various sources I cited earlier, you need to set up rules to redirect traffic to your spamd as appropriate. Now let's take a peek at what I have running at my primary site's gateway.

  • The articles provides a few different sets of rules
  • The setup includes running all outgoing mail through spamd to auto-populate the whitelists, allowing replies to your emails to get through without greylisting
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us