Greg Hewgill (ghewgill) wrote,
Greg Hewgill

another spam filter rendered ineffective

A while ago I turned up as much spam and junk mail protection stuff as I could find in my Postfix configuration. Specifically, I had the following options set:

smtpd_helo_restrictions =

Last week, Amy was contacted by somebody who had tried to send her an email but the email was rejected by my mail server. We hadn't yet got back in touch with him to try to find out what the problem was. I started to pay more attention to my spam rejection logs just in case something was amiss. Today, I noticed that my mail server rejected some sort of newsletter from Google. Upon further investigation, it seems that the Google server that sent the mail was using a HELO name that wasn't resolvable. This condition is checked by Postfix on the reject_unknown_hostname restriction.

I decided that if even Google can't always get it right, then I should probably stop rejecting email for an unresolvable HELO name. So I turned off the three restrictions listed above.

Later today, we got a phone call from the company here in New Zealand who is handling the import of our household goods. Apparently, they had tried to email me earlier but the mail had been bounced back, rejected. I looked through the mail server log and found that they, too, had sent from a server with a misconfigured HELO name (it even ended in .local). The mail had come through on a retry after I had removed the HELO name restriction.

That pretty much does it for that filter. If companies as small as a local goods importer and as big as Google can't get it exactly right, I run the risk of rejecting all kinds of legitimate incoming email. As much as I dislike getting spam, I dislike losing real email even more.

decibel45 keeps telling me I should be using one of those scoring filters that doesn't outright block a message for just one SMTP transactional failure. It might take a while for me to get motivated enough to mess with my Postfix configuration again.

Tags: spam

  • open source at work

    I was doing some quick egosurfing and found that some code I wrote six years ago has been incorporated into the TWiki project. Cool!

  • positive feedback

    It's really cool to get email like this. This is the first feedback that I've got regarding my NOAA Weather Radio feed for the Austin, TX area.…

  • feliĉan naskiĝtagon al mi

    Mi naskiĝtagon ne tro gravas al mi. Ĝi estas nur alia tago, mi ne malfeliĉas se iu ajn malmemoras ĝin. Tamen, mi recevis bonvolojn de mia gepatroj,…

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded