spamassassin-sysadmins mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin A. McGrail" <kmcgr...@apache.org>
Subject SPAM & RBL issues for Apache.org
Date Wed, 09 Aug 2017 14:20:23 GMT
Hi Infra,

I wrote this email a few months ago and wanted to poke about the issue at Greg's recommendation
a week or so ago because some attention to it is happening on the SA users' list.


I love our dogwood policy at the ASF.  However, the SA installation is a bit in need of help
for ASF's implementation. Certain lists are awash
with spam.

There are two light lifts for your consideration:

1 - My firm maintains a ruleset called KAM.cf which we have published
open source for a long time (Anyone know how long? Certainly previous
iterations back to 1999).  Please consider adding it for the SA install
at Apache.

Wget it about once a day
https://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf 
<https://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf>

2 - Also, would like to know from your infra gnomes to use RBLs with
your own rsync'd dataset.  Basic work:

- Install rbldnsd (likely only source available, very stable, used by a
LOT of major players) - lightweight DNS agent made for RBLs.

- Setup rsync to our dataset which iswild.pccc.com <http://wild.pccc.com>

- Setup the DNS servers the machine(s) you have running spamassassin to
forward queries forwild.pccc.com <http://wild.pccc.com>  to the IP for rbldnsd.

- Add rules for ourwild.pccc.com <http://wild.pccc.com>  RBL.  NOTE: These rules were
in use by
MILLIONS of cPanel installations with very minimal issues but the sheer
size of their installation overwhelmed us.

- By getting this done, you will then have all the infrastructure
necessary for other RBLs which I'll ask for free datafeeds.

NOTE: I already use spam that gets through on SA lists to go into our
queue for processing.  So it will have a real-time effect on ASF and we
are a commercial service who understands FPs and not interrupting mail
flow.


Additionally, as pointed out on the SA Users Mailing List today, the known issue that the
ASF is exceeding free for some RBL queries is publicly being discussed which could be considered
a security concern: https://lists.apache.org/thread.html/0ad12d5216122939ea8544601a5e87961ff8812e319cda78caf3bd8e@%3Cusers.spamassassin.apache.org%3E

Regards, KAM

-- 
Kevin A. McGrail
Asst. Treasurer & VP Fundraising, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message