I just wrote what we are currently doing about spam, now I'd like to write about the things I'm considering doing in the future.

Probably the biggest spam we get right now is the random words, with a GIF attachment. I have tried to use the header_checks Postfix rules to block spam with GIF attachments, but I had no luck with that. I'm looking at switching to Postfix 2.3, which has support for milters, and implementing the GIF blocking there. I can't remember the last time I got a legitimate GIF attachment, most legitimate image attachments have been jpegs.

I'd like to move the SpamAssassin and ClamAV checking into a milter, so they happen at SMTP time, and this would eliminate the need for a confirmation message entirely.

We are starting to move our business e-mail, particularly support requests from clients, off onto another mail domain, which we will probably not publish very widely except directly to clients. In that way I hope to basically eliminate spam to that box, where it's most important that we have few false positives and that legitimate mail comes through. However, if the spammers get it, I'll probably consider only allowing white-listed addresses through, and the ability for a user to white-list their address if they are caught.

Our normal per-person addresses, which have been around forever, get a lot of non-support mail as well as a lot of community e-mail and spam. In general, the mail we need to have the fastest response to would be going to the new mail system, which could have fairly specialized anti-spam rules (since messages would mostly be coming from previously known senders). The hardest to filter addresses could be kept separate from the most urgent to respond to. The hardest to filter also don't need to be checked as frequently.

Those are the things we're looking at doing over the next 6 months to further decrease the amount of attention taken away from our clients by the spammers. In general I consider our current systems to be pretty good at blocking spam, but it's a continued battle so we've got some future battle plans. :-)
(Post Reply)