worrbase

spamd on Linux

23 Jun 2013

Somehow, I became a mail administrator for CSH several years ago. I don’t know why I did that to myself.

Regardless, I started deploying a secondary MX earlier this week and I ran into a problem - greylisting.

We use greylisting to greatly reduce the amount of spam amavis needs to process. We used gld on Debian, quite successfully might I add, for the last few years.

Greylisting, in case you don’t know, is a simple technique to reduce the amount of spam you receive. Your mail server responds to any connection from an unknown mail server with a temporary failure, and makes a note of the ip, mail from and rcpt to that the mail server sent.

Now legitimate mail servers, upon seeing a temporary failure, will try again. Many spam mail servers, on the other hand, won’t (why? I don’t fucking know). This is surprisingly successful. There are graphs all over the internet showing the spam reduction, and I’ll leave finding them as an exercise to the reader.

Anyway, back to gld. gld is a simple greylisting daemon (hey, I wonder where the name gld came from…) that’s backed by a postgresql db. That’s fine, but the only solution for managing greylists across multiple MX’s is postgresql replication. That feels a little hacky to me…not to mention that gld seems pretty unmaintained.

So I looked at postgrey, which is a postfix milter that does greylisting. Well, that’s not a great solution because we have even fewer options for greylist replication across MX’s.

Now, I run my own mail server (surprise! @worrbase.com) on OpenBSD using OpenSMTPD and spamd. spamd is the OpenBSD greylisting solution, and it’s by far the best I’ve used.

Features include:

  • all the normal greylisting features (blacklists! whitelists! greylists!)
  • replication
  • it saps spammer’s resources
  • there’s basically no configuration
  • greytrapping
  • the SMTP conversations are hilarious

Well, armed with this knowledge, I ported spamd to Linux. I can’t promise that it’s terribly stable yet, but you’re welcome to test it and file bug reports.

Here’s the github page.

Comments

blog comments powered by Disqus