I am using an issue here to discuss the possibility to have a more restrictive _Postfix_ configuration to block spam before it is even looked at by Spamassasin etc.
I recently switched to docker-mailserver and I observed an increase in daily spam mails that actually land in my INBOX. Looking at the diff between the container's postfix configuration I noticed that the container's configuration doesn't impose many restrictions on the sending server. But there are some configurations option which block many typical spam sending server (dynamic IPs etc.) using some more restrictive configurations options as described here: https://www.webstershome.co.uk/2014/04/07/postfix-blocking-spam-enters-server/.
In production I noticed that configurations described as those in the blog post actually the number of spam mails that hit the server and thus don't need to be processed by Spamassasin (and eventually getting in the INBOX).
Does something like that makes sense as a default configuration? I think we could figure out some settings which should work for most mail servers. And optionally this could be made an startup option?
Thanks!
I am using an issue here to discuss the possibility to have a more restrictive _Postfix_ configuration to block spam before it is even looked at by Spamassasin etc.
I recently switched to docker-mailserver and I observed an increase in daily spam mails that actually land in my INBOX. Looking at the diff between the container's postfix configuration I noticed that the container's configuration doesn't impose many restrictions on the sending server. But there are some configurations option which block many typical spam sending server (dynamic IPs etc.) using some more restrictive configurations options as described here: https://www.webstershome.co.uk/2014/04/07/postfix-blocking-spam-enters-server/.
In production I noticed that configurations described as those in the blog post actually the number of spam mails that hit the server and thus don't need to be processed by Spamassasin (and eventually getting in the INBOX).
Does something like that makes sense as a default configuration? I think we could figure out some settings which should work for most mail servers. And optionally this could be made an startup option?
Thanks!