Summary: mail server changes, Jan 2007

[This replaces a few earlier posts, as well as a message sent to local users mailboxes]

Several mail server changes this weekend.

SpamAssassin, our spam filter, has been upgraded. Lots of new rules added. 2000+ rules now being checked (at some cost, too - 0.6 to 0.8 CPU seconds for every 1 message). Due to the cost of such rules, we do lots of other things to slow things down before it reaches the spam filtering step. A reminder, you can tweak spam filter scores at mail.gigo.com.

Greylisting. While this is not new, there is a slight behavior change. Previously, the first time a sender contacted a recipient from a distinct IP addres, we would tell them “try later”. Legitimate servers do that, usually 10-20 minutes later. We’re only introducing this delay for “new” connections. Reminder, if you don’t like greylisting, send me email, and I’ll put in a pattern to bypass your mail. (We have been greylisting for 2 years now..).

The actual change to the behavior is thus: If the mail goes to our primary receiver first, then to our backup mail receiver, we’ll accept it on the spot. That means the mail application is in general following the rules. We’ll reward this by not delaying it any further. (This may increase the spam some, for spam applications that actually follow the rules).

Secondary mail receiver: A second mail receiver is now running. This is running on the same host, and the purpose really is to act as a decoy to the spammers that go after secondary mail receivers. If we don’t recognize the sender+recipient+host combination, we’ll simply say “try later”. Legitimate servers will retry the primary later. Hit and run spammers that try only back up mail receivers when found, will hopefully be decoyed.

Attachments: Spam includes trojans and virii. We are now blocking many types of ‘executable’ attachments. We are still allowing zip files, image files, and the like. Config files can be perused if you wish at pcre.jimsun.header_checks.txt and pcre.jimsun.body_checks.tx. Regretfully this can only be applied globally (or not) - a few of you who are whitelisted on spam filters is still having this filter applied.

Messages with such attachments will be refused. Legitimately sent mail by people you know with these attachments should still notify them (the sending mail server however is responsible for that).

ZIP files are still allowed. However, they are not 100% safe. Do you have antivirus software installed? Why not? Espcecially those of you running any version of Windows..

[permalink] · Announcements ·