I woke up this morning to about 50 spam emails and some notifications from my host that my CPU usage was about 200% over the past four hours. Turns out spamd was going mental. Not sure what caused it but it seems to be working again after I restarted it.
One of the worst things about running your own mail server is spam. I don't know much about how to do it properly. I have SpamAssassin running, I tweaked the settings and trained it well, and it works OK. Of 8,000 spams in the past week or two, I think only two made it through to my inbox. But I keep thinking there must be a better way.
For a while I tried greylisting. Greylisting means you pseudo-bounce every email you get, and force the mail server to resend it. Once it's resent, that server is added to a whitelist. The idea is that spam servers won't bother resending and genuine mail servers will.
I ran this way via Postgrey for a couple months. The good thing is that it works pretty much as advertised. I went from hundreds of spam emails per day, to fewer than a dozen. SpamAssassin caught all of those dozen and I never saw them. It was nice.
The problem with this, however, is twofold.
All mail from people you've never heard from before is delayed 5-10 minutes. This is very annoying in certain circumstances, e.g. registering for an account at a new message board or buying something from an online store you never used before. I'd rather like to see the receipt or user registration right away. So to get around this I had to go add them to a whitelist on the server every time, which was ridiculous.
Not all genuine mail servers bother resending after the temporary bounce, so you lose mail. You need only look in /etc/postgrey/whitelist_clients and see the enormous list of mail servers that Postgrey knows NOT to greylist, to be scared into never using Postgrey again. This includes yahoo.com, ebay.com, a bunch of airlines, and so on. The list goes back to 2005 and obviously is an incomplete list, since it only includes servers that people reported having problems with. I had to add gmail.com to it myself to avoid losing mail from my wife (domains that use large pools of mail servers will always be greylisted, it seems).
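The following is an added example, not code from this post or from Postgrey: a small simulation of the greylisting decision described above, showing both the delay for a new sender and why a domain that rotates through a large pool of outbound servers keeps getting greylisted. The 300-second delay, the retry intervals, the round-robin pool behaviour and all addresses are constructed assumptions.

```python
# Added example: minimal greylist keyed on (client IP, envelope sender, recipient).
# DELAY, the retry schedule and every address below are constructed assumptions.
DELAY = 300  # seconds a new triplet must wait before a retry is accepted

class Greylist:
    def __init__(self, delay=DELAY):
        self.delay = delay
        self.first_seen = {}    # triplet -> time of its first attempt
        self.whitelist = set()  # client IPs that completed a valid retry

    def check(self, client_ip, sender, recipient, now):
        """Return the SMTP reply for one delivery attempt at time `now`."""
        if client_ip in self.whitelist:
            return "250 accept"
        key = (client_ip, sender, recipient)
        first = self.first_seen.setdefault(key, now)
        if now - first >= self.delay:
            self.whitelist.add(client_ip)  # this server proved it retries
            return "250 accept"
        return "450 try again later"       # temporary failure, not a bounce

def deliver(greylist, pool, sender, recipient, retry_every, max_tries):
    """Simulate a sender that retries, rotating round-robin through its pool.
    Returns seconds until accepted, or None if it gave up (mail lost)."""
    for attempt in range(max_tries):
        now = attempt * retry_every
        ip = pool[attempt % len(pool)]
        if greylist.check(ip, sender, recipient, now).startswith("250"):
            return now
    return None

def scenarios():
    single = ["192.0.2.10"]
    pool = ["198.51.100.%d" % i for i in range(1, 9)]  # 8 outbound hosts
    args = ("alice@example.org", "me@example.net")
    return {
        # Well-behaved single server: accepted on the first retry.
        "single_server": deliver(Greylist(), single, *args, retry_every=300, max_tries=5),
        # Sender that never retries: the message is lost.
        "no_retry": deliver(Greylist(), single, *args, retry_every=300, max_tries=1),
        # Pool sender: each retry comes from an unseen IP and is greylisted again.
        "pool_of_8": deliver(Greylist(), pool, *args, retry_every=300, max_tries=5),
        # Same pool, more persistence: accepted only once an IP comes round again.
        "pool_of_8_persistent": deliver(Greylist(), pool, *args, retry_every=300, max_tries=12),
    }

if __name__ == "__main__":
    for name, delay in scenarios().items():
        print(name, "->", "lost" if delay is None else "%d s" % delay)
```

Whitelisting the sending domain's servers, as with the gmail.com entry mentioned above, skips the check entirely for those clients.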
Losing mail is the reason I stopped using Postgrey. So I'm back to SpamAssassin alone and dealing with an occasional spam or two, while my spam inbox balloons.