With my new server, I switched from sendmail to postfix. I also upgraded spamassassin.
The spam count dropped quite a bit, but I was still getting a heck of a lot of it.
Then my friend Bil told me I should be greylisting.
Greylisting is a pretty simple concept. When an email server contacts my server to deliver an email, my server tells it that it is busy and to come back later. It then stores the email information in a database and waits for the originating server to come back.
If the server comes back again, the database gets updated and then the mail is accepted.
The trick is that most spamming engines are fire-and-forget. If they get told to come back later, they don’t bother.
So I setup SQLGrey on my server.
Ho-ly Shit!
The spam has dropped to almost zero. Before I switched to my new server I was getting between 50 and 100 spam messages a day.
Now with the new server and using greylisting, I get maybe 5 a day. And spamassassin is catching 99% of the ones that make it though.
I also installed the sgwi web interface to SQLGrey that lets me look into the database. There are currently around 1100 emails that are waiting for the originating server to make a second attempt. Of those 1100 – 100% of them are obviously junk!
It’s a beautiful thing.