spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Cole" <>
Subject Re: SpamAssassin Rules Regarding Abuse of New Top Level Domains
Date Wed, 14 Oct 2015 14:36:22 GMT
On 13 Oct 2015, at 15:08, Larry Goldman wrote:

> My experience to date is that GoDaddy doesn’t really support the 
> internals of CPanel, and CPanel doesn’t provide end-user customer 
> support either.

Cheap is indeed cheap. Skilled individualized MTA & anti-spam support is 
NOT cheap.

> I figured I would try to solve the problem myself (with this mailing 
> list’s help), or consider hosting my own (OS X) email server so I 
> have full control of SA. I’m a Mac OS X house and don’t really 
> want to deal with the Exchange-hosted email GoDaddy offers as its only 
> alternative.

Self-hosting email is feasible if you have a proper business-fit 
Internet connection: static IP, rDNS in your own domain, no filtering or 
DNS hijacking. MacOS X Server isn't a horrible (any more... ) mail 
server and if you're willing to manage it in Terminal, any old Mac can 
take a Postfix installation much like any other Unix-flavored OS and use 
SA via AmavisD (most common) or MIMEDefang (my preference). If your own 
connectivity isn't suited for self-hosting, there are specialist MacOS X 
hosting operations out there.

FWIW, I've been hosting my heavily-spam-targeted personal domain for 20+ 
years on MacOS, originally on System 7.5 and evolving through many 
different MTAs and MacOS versions. That's far from a full-time task, it 
takes less work than any of the multiple mail systems on multiple 
platforms that I help manage for others who fund my paychecks, and all 
together my mail admin toil doesn't constitute most of my work. So 
unless you have a large complex mail system (i.e. unfit for cheap 
hosting anyway) you're not committing to a new full-time position or a 
second full-time job for yourself by self-hosting. It's a substantial 
bit of effort to stand up any solid mail system, but not really much to 
keep one working well.

> What are DNS  “free limits”?

For details, see the URL provided in the URIBL_BLOCKED rule description: and the 
specific details at the URIBL page linked from there.

> Since CPanel is a shared-hosting setup, is it obvious that I am using 
> a shared DNS server?

I'm unclear on why that would matter or even exactly what you're 
asking... CPanel is used to manage virtual and real dedicated private 
servers and I know in the past it has been possible to manage an 
autonomous DNS server with it, so CPanel doesn't necessarily mean that 
you must use a shared DNS server.

The DNSBL's that work on a free-for-some+big-boys-pay business model 
don't specifically target shared DNS servers per se, they target large 
users and can't readily tell the difference between large single 
organizations and providers of shared DNS resolution. However, there are 
strong incentives beyond DNSBL blocking of shared DNS for any MTA to 
have a caching DNS resolver which is configured with MTA usage in mind 
on the same host or at least on the same LAN. DNS performance can be a 
bottleneck for MTA operation and an MTA should avoid any use of a 
resolver that is actively managed to protect web browsers from 
themselves or mask/mitigate external DNS problems in any way.

View raw message