[BALUG-Admin] much better now: Re: /var space issues on balug VM, almost certainly from Internet miscreants & their bots

Rick Moen rick@linuxmafia.com
Mon Apr 26 17:46:26 UTC 2021


Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):

> So, yeah, drain bamaged anti-spam ... I recall many moons ago, Rick Moen
> sent an email which had a http or https url which ended in
> linuxmafia.com ... probably just https://linuxmafia.com
> Well, silly rules in eximconfig would look at that and essentially says,
> oh my gosh, that's a URL to a .COM executable file, must protect those
> happless Microsoft Windows/DOS users from that, and can't allow that
> thorough, it's probably some malware binary anyway.
> Well, anyway, at this point shouldn't be getting tripped up by stuff
> like that.

Well, what can I say?  EximConfig (no longer maintained and too crufty
to even be a reasonable point of departure, any more) was in its heyday
a large and varied grab-bag of Exim and other rulesets that were
aggressive and effective with low system load -- and pioneered
innovative spam-evading techniques such as SMTP callouts/callbacks to
the delivering IP during the SMTP conversation to check RFC compliance.

It was always the case, however, that occasionally you would find that
some of the ruleset entries were overaggressive and unwise, so you would
comment those few out as you found them.

Pretty soon, I'm going to pick your brain on some parts of modern Postfix
antispam setup -- assuming you're current on that.  I'm fond of exim4,
but am thinking it might finally be the right time to bail.  Not decided 
on that.  I might instead pick your brain on some parts of modern exim4 
antispam setup.





More information about the BALUG-Admin mailing list