postscreen / postgrey ok list world's top 1500 orgs updated 3x/week #3589
Replies: 4 comments
If you have a product to sell, this is NOT the place for it.
Disable the Postgrey service or if you want those benefits you observed and the delay is too long for users... use the power of configuration? Checking the docs to realize you could reduce the delay would have been simpler than your solution that you're pitching here.
I could be mistaken, but what are you doing differently? We fetch the postgrey whitelist during image builds, those should be used just like the custom one you're selling a subscription to. If Postgrey is still not adequate for you, I'd suggest trying out the Rspamd greylisting support as an alternative, it's planned as a future replacement in DMS (not that your ad seems in any way relevant to DMS, we don't use SQL).
I not only searched but actively used everything in the *nix world I could find before building this. Have you looked at the list postgrey downloads? It's a short roster of a few favored senders. I did try to get by with it but just wasn't ok. Just way too much got by it. All the 'detection methods' advertised above are willing to play the 'cat and mouse' game of ever-better bad-guy-invents latest-release-catches cycles, the result as anyone who's been in this space for any amount of time knows is: some good email gets landed in user spam folders or rejected outright, and some spam gets accepted as ok until the next update, the next entry into spamhaus or related lists, etc. Then there are the 'bad guy list everything as bad unless you pay us' so-called 'bad lists'. This is entirely different as it affirmatively checks the official corporate dns of the world's major senders, chases all that down through whoever it is they may have hired to manage email or their own servers, finds those addresses and puts those on an 'instant fast pass' through the 'bad guy checking system'. I've been using it of course myself for months now and for my clients and wow does it zip along what they care about. And it allows me to employ tighter screening on 'everything else'. Even better is 'permanent blacklisting until manual review' whole ip ranges that send spam after checking against the whitelist, so those don't even hit the fail2ban / related detections. Those packets get dropped right at the router entry. Of course the major good thing it does, the thing that beats nearly all spammers, is it lets you use the 'hey, try again in a little bit' greylist feature that most active email clients can't tolerate owing to the unpredictable time in re-send delay of 'that new client we're anxious to impress with our rapid response'. If you're not on the 'known good list' then that traffic has to pass postscreen and that -- that is something most spammers just can't abide.
Lots of artful faking of creds and so on... but 'retry in a bit' is a wonderfully effective deterrent, atop the rest of the 'deep analysis spam' well known systems. As we've seen in this space, keeping that list current takes man-hours fairly often. Not a lot, but not nothing. If there's some way to get the kind of thing they swap for food at the grocery store some other way, please do tell!
Hi! I found the anti-spam solutions were taking lots of resources especially during 'spam attacks', and such approaches as sql/postgrey and other solutions did a great job fighting spam but delayed messages from 'first time' senders to 'make sure they were real'. The delays generated complaints from our users. So I tried to find a way to keep the benefit without the delay. Also I wasn't too happy revealing to the offsite services how many emails were being sent to and when to our organizations which is a side effect of what many spam fighting systems do.
The result is that I did a 'data science' thing and produced a system that compiles the latest approved IP sender addresses of the 'Fortune 1,000' world's biggest companies, and also the world's top 500 visited websites. It parses all the MX, dnssec, spf, dkim, dmarc and so on (often companies hire out email to third parties) then resolves that down to ip4 and ip6 addresses. Then it eliminates duplicates and publishes the list in both postscreen cidr format and plain 'list of networks' format that gets updated every three days.
It's not perfect, but it is very good. The big organizations protect their source IP addresses so at least email servers using this can check almost instantly whether the further expensive anti-spam efforts are worth it. The nice thing is this test happens without having to look at the content of the email whatsoever, so it defeats many spam vectors. Link Removed (unsolicited ad, unrelated to DMS) Comments welcome!
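The step the original post describes (resolve senders' published records to networks, deduplicate, publish in postscreen cidr format) is shown below for SPF only, as an added example that is not part of the thread and not the poster's system. The SPF records are constructed stand-ins for DNS TXT lookups, `a`/`mx` mechanisms are skipped because they need live DNS, and the `MIN_PREFIX` guard against overly broad ranges is an assumed policy.

```python
import ipaddress

# Constructed sample data standing in for DNS TXT lookups (not real senders).
SPF_RECORDS = {
    "example.com": "v=spf1 ip4:192.0.2.0/25 ip4:192.0.2.128/25 include:_spf.mailhost.example ~all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.7 ip6:2001:db8:10::/48 include:example.com -all",
    "sloppy.example": "v=spf1 ip4:203.0.113.0/24 ip4:10.0.0.0/6 -all",
}
MAX_LOOKUPS = 10             # approximates the RFC 7208 limit on DNS-querying terms
MIN_PREFIX = {4: 16, 6: 32}  # assumed policy: never allowlist anything broader


def spf_networks(domain, records, seen=None):
    """Return the ip4/ip6 networks an SPF record authorizes, following include:."""
    seen = set() if seen is None else seen
    if domain in seen:                    # include loop: already expanded
        return set()
    if len(seen) >= MAX_LOOKUPS:
        raise ValueError("SPF lookup limit exceeded")
    seen.add(domain)
    nets = set()
    for term in records.get(domain, "").split()[1:]:   # skip "v=spf1"
        # Only pass-qualified mechanisms count; "-ip4:..." or "~all" never match below.
        key, _, value = term.lstrip("+").partition(":")
        key = key.lower()
        if key in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if net.prefixlen >= MIN_PREFIX[net.version]:   # drop over-broad ranges
                nets.add(net)
        elif key == "include":
            nets |= spf_networks(value, records, seen)
    return nets


def postscreen_cidr(domains, records):
    """Merge every domain's networks and render postscreen_access_list cidr lines."""
    nets = set()
    for d in domains:
        nets |= spf_networks(d, records)
    lines = []
    for version in (4, 6):                # collapse_addresses needs one IP version
        same = [n for n in nets if n.version == version]
        lines += [f"{n} permit" for n in ipaddress.collapse_addresses(same)]
    return lines


if __name__ == "__main__":
    print("\n".join(postscreen_cidr(["example.com", "sloppy.example"], SPF_RECORDS)))
```

An allowlist built this way trusts whatever each domain publishes, so a shared mail provider's range admits every tenant of that provider, not just the listed organization.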