I had originally written this for my personal blog and reposting here with some updates.

Wow, there are a lot of bad documentation links out there on the interTRON.

For the $ayjob, I have been battling spam for quite some time and continue to look for new ways to put a stop to this abuse. The hard part? One persons spam is another persons legit email, it is so completely difficult to do something that makes everyone happy.

What can be done to make everyone happy? Nothing, unfortunately.

There are many things that can be done, most of which require per user training to become completely effective and create the largest amount of happiness in terms of ‘customers who are happy with the solution’.

But..and you knew there was a ‘but’ coming…

Most users do not want to train! They just want the junk mail stopped in its tracks, never making it to the INBOX or a JUNK folder.  The ISP or email provider should be able to figure all of this out!

How do you build the all encompassing antispam policy that makes everyone happy? I am beginning to think that the answer is ‘you do not‘. I don’t like that answer at all.

How do you do this, then? That is the question that has been plaguing me for years and this question, so far, has no definitive answer.

We have antivirus that is accurate, we have URI scanners that can pick out a bad site out of a ton of random gibberish, but 100% accurate spam determination seems to be the unattainable holy grail.

IP reputation systems…this could be the new killer antispam act.  I am still researching.

I am considering doing a series of posts that discuss using Postfix with many different configurations that can be quite effective at stopping spam, building up the complexity of the system for more and more user configurable components.  I had posted this on my personal blog before and never followed up on it.  This time I’ll do better.

Some good sites: