Ok, I got sick of the spam, changed the mailer back

About a month ago, I altered our SMTP daemon to not be so picky about mail. Previous to this, I had turned on and tweaked many anti-spam things. One of my favorites so far has been spf.

Turns out, that lots of mailers are incorrectly configured. That is being generous. Lots of mailers are on the internet, and not complying with RFCs, which makes it real hard to distinguish spam sources from real mailers.

We implement spam filtering as a deep tagging pipeline. Long story, it just makes being able to handle inbound mail bombing much easier. We have had our share of these. Recently, someone tried knocking us over with a little mail bomb.

mail graph showing 100k rejected mails in a short window

Well, I am finally sick of continuously tuning the pipeline, and updating the various filters. We have email targets to analyze mails for spam content, and normal content (if it was mis identified as spam). But these filters aren’t as effectual when the content are images. But all of the other checks, you know, the ones that cause broken mailers to exhibit their broken-ness, do work.

So I put all the filters back into place. I’ll whitelist the customers who have broken mailers (a number of them, all running MS Exchange … go figure).

But enough is enough.

[update] I should point out that our mail pipeline runs on a JackRabbit. As do our websites. This means, until we get a 10GbE line in, I am not worried about the amount of mail that can be pushed through our box. Our network connection to the outside world is the slow link here, but you’d have to work pretty hard to fill it up. The are off by more than an order of magnitude.

Viewed 7556 times by 1554 viewers