by finnjohnsen2 4002 days ago
Yea but technical strong people like yourself are always able to handle themselves better in all aspects of computing.

This is why you end up fixing your aunt's printer. And why you have a more secure e-mail account than her. And why you can handle backing up your photos... etc.

It's not Google's fault entirely.


"but technical strong people like yourself"

I like the sound of that. I actually have run my own mail servers since the mid 90's [1] but I am more of a business guy who knows computers than a strong technical guy the way that I see it. I don't use Gmail (for anything important; I do use it for unimportant things). I don't like the idea of my mail sitting on their servers.

[1] Actually, if you include non-internet mail, it dates back to the mid 80's on a Unix System V.

How do you deal with spam when self-hosting?

I don't filter any spam at all.

I have found it helpful and have done deals with people that would normally be considered spammers. Wish I could provide details but let's just say that some people who spam actually are legitimate buyers of certain products or services and respond quite well to reply emails.

How much spam do I get and have to go through? Easily 3000 messages per day. You will have to trust me when I say I have not regretted not doing any filtering in terms of what I do. [1]

[1] And no I do not sell a product or service to spammers...

I self-host my own mail server, and deal with spam amazingly well. I deal with it so well that I'm able to have "old school" public mailing lists that don't require registration in order to post.

There are various options for dealing with spam, if you're doing it by yourself.

My number one defense is a simple DNS check. SMTP servers that do not have valid and matching forward and reverse DNS are almost always spammers, with very little false positive identification. Spammers almost never have a server whose reverse DNS address is a domain name that resolves back to the same IP. Most of the time when spammers do have such a thing is when they compromise someone else's (e.g. Yahoo or whatever).

After that, it's a few DNS-based checks of black-listing databases.

Then some pieces of custom logic in the Exim configuration.

Of course, SPF: if the apparent sender's domain publishes an SPF record, I check it to see whether the server connecting is authorized to handle mail for that sender.

Finally, I also have scripts that monitor the mail server's log and implement IP banning (like fail2ban but home brewed). For instance, if the server reports suspicious SMTP commands, this will be ferreted out of the log in real-time and turned into an iptables-based ban that stays in effect for some time.

Oh, plus I have geographic banning in effect. Periodically, I download the latest IP netblock list from ARIN and other autonomous systems and block certain parts of the world (e.g. China) from connecting to my port 25.
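The forward and reverse DNS check described in the comment above, as an added example that is not part of the original thread or the commenter's own configuration. The function names, the injectable lookup parameters and the sample zone data (documentation address ranges) are assumptions made for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """Reverse lookup via the system resolver; [] when there is no PTR."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]

def system_forward(name):
    """Forward lookup (A and AAAA) via the system resolver."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def fcrdns_ok(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """True only if a PTR name of ip resolves forward to that same ip."""
    client = ipaddress.ip_address(ip)
    for name in ptr_lookup(ip):
        for addr in forward_lookup(name.rstrip(".").lower()):
            try:
                # Compare parsed addresses, not strings: IPv6 has many spellings.
                if ipaddress.ip_address(addr) == client:
                    return True
            except ValueError:
                continue  # skip anything that is not a parseable address
    return False

# Constructed sample zone data (documentation address ranges), not real hosts.
PTR = {
    "192.0.2.10": ["mail.example.org."],
    "203.0.113.5": ["mail.example.net."],   # PTR is set by whoever holds the IP
    "2001:db8::25": ["mx6.example.org."],
}
FORWARD = {
    "mail.example.org": ["192.0.2.10"],
    "mail.example.net": ["203.0.113.99"],   # the name's owner points elsewhere
    "mx6.example.org": ["2001:0db8:0000:0000:0000:0000:0000:0025"],
}

def check_samples():
    """Run the check over the constructed clients using the tables above."""
    clients = ["192.0.2.10", "198.51.100.7", "203.0.113.5", "2001:db8::25"]
    return {ip: fcrdns_ok(ip, lambda i: PTR.get(i, []),
                          lambda n: FORWARD.get(n, [])) for ip in clients}
```

The third client shows why the reverse record alone proves nothing: the holder of an address block controls its PTR, so only the forward lookup of that name confirms the claim.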

SpamAssassin, or like me, dspam.