Incoming Mail Servers - Grey Listing

What's Up With Eskimo's Community!

Moderators: Nanook, carl

User avatar
Senior Member
Posts: 93
Joined: Tue Jun 25, 2013 10:08 pm
Location: Shoreline

Incoming Mail Servers - Grey Listing

Postby Nanook » Thu Aug 31, 2017 7:28 pm

The old mail servers which were based upon CentOS6 and five year old versions of postfix and spamassassin, have been replaced with new Ubuntu 17.04 based servers with the current versions of spamassassin, postfix, razor, pyzor, dcc, and clamav anti-virus software. In addition we've added gray listing.
Gray listing delays e-mail from an address it's never seen before, refusing the initial delivery with a temporary failure. RFC compliant mailers will re-queue the mail and retry delivery after a period of time and the mail will make it. When this happens the address is added to the database and any subsequent e-mail from this address will be received without delay.
In addition, clamav anti-viral database is now updated hourly instead of daily. This reduces the period of time for which a new virus may be in the wild but not yet in the database.
Another new thing is that now spamassassin rules are updated nightly, so when spammers figure out how to get around them, that won't remain open until the next time we upgrade the computers, instead it will be fixed within a day of new rules becoming available.
Bayesian filtering is till in place. There is a minor issue right now in that occasionally it gets "stuck" because of incompatible locking methods between the old server that is the client mail server and the new incoming servers. I will be upgrading the client server as well shortly. So your help in training Bayesian filters by bouncing spam to "", and legitimate e-mail to "" will still be helpful at stopping spam that gets through all of the other facilities.
One last advantage of moving these to Ubuntu 17.04, is that CentOS provides no online upgrade paths for major releases. To get from CentOS 6 to Centos 7 requires a complete new installation and so it didn't happen. Ubuntu by contrast can be updated while operational without re-installing the entire server. This will allow us to keep these servers totally current from here on out.

Who is online

Users browsing this forum: No registered users and 3 guests