Challenge Response Spam Blocker


#1

Does anyone have any luck using any challenge response spam solutions with Dreamhost? Any ever try ChoiceMail? Help!!


#2

I personally don’t recommend using such a service (see some past threads on the forum for some reasons I don’t encourage c/r systems)[1]. We’re unlikely to implement such a system for our customers, though there are some third party systems which may work for you.

If you’re really sure you want to do a c/r type thing, TMDA is by far the best system to use from what I’ve heard. I believe a few people have gotten it to work on our servers, despite the fact that we don’t currently support user+foo style addressing within our MTA.

[1] Here’s at least one such post; the rest of this thread may have some useful stuff too:
http://discussion.dreamhost.com/showthreaded.pl?Cat=&Board=forum_offtopic&Number=7009&Search=true&Forum=All_Forums&Words=tmda&Match=Entire Phrase&Searchpage=0&Limit=25&Old=allposts&Main=6825


#3

I would still like to see it as a supported option on selected email addresses, even if Will doesn’t think it is a good idea.

Go vote for it in the new features survey.

Zilch.


#4

Would DreamHost be willing to enable the recipient_delimiter setting for Postfix and let those users install TMDA themselves who wish to do so? Without getting into a debate on what is and what isn’t the proper way to combat SPAM, TMDA is the right thing for at least one of my email addresses at the moment.

I dearly love DreamHost and I would be very reluctant to leave, but the lack of foo+bar@domain support is becoming a surprisingly vital issue to me… and it would cost you virtually nothing to tweak this setting once you make sure it doesn’t break anything.

Please. :slight_smile:

Zell


#5

I think this has been mentioned in earlier posts here.

  1. recipient_delimiter doesn’t work with virtual domains in Postfix v1. We should be upgrading the mail machines to Postfix v2 within the next few months, and at that point, we’re likely to set recipient_delimiter to something (probably “+”). I have tested it with Postfix v2, and it works fine.

It would work for user+foo@machine.dreamhost.com (if it were set, which I don’t think it is currently), but we don’t encourage people to send mail from "user@machine.dreamhost.com", since individual machines may come and go.

  1. I am pretty sure that some people have gotten TMDA to work entirely within procmail, so it’s /possible/ to get TMDA working right now.

#6

I’d be curious how the procmail solution would work. TMDA could be invoked that way as a black/whitelist, but everything that’s response-based uses delimited tagging.

That said, I’m hardly an expert. I can wait a few months for the upgrade. Many thanks for your prompt response!

Zell


#7

I believe the only way to do it would be with a catchall, which obviously presents its own set of problems. Check the “archives” here for TMDA - I think there was someone who got it working successfully - you could maybe contact them.


#8

The idea of a catchall was so beautifully ugly that I had to try it. It does indeed work just fine. To save time for anybody else who searches these forums, I suggest:

http://mla.libertine.org/tmda-users/2003-03/msg00030.html

which contains an unpolished but basically functional Python script to parse the recipient address and construct some fake environment headers for .procmailrc to extract and send along to TMDA.