Luckily the my server both don’t need much attention. From time to time I need to run some security updates. That is mostly it. The only part that I check more frequently is my mail server setup. In the last months the amount of spam being successfully delivered to my inbox increased drastically. Time to something about it.

So I reviewd my mail system settings. Until lately I ran a pretty standard mix of Postfix, Dovecot and Amavis-New with Spamassassin and ClamAV. All communication is TLS protected if both partners can do so and outgoing mails are DKIM signed. On top I use Postscreen to check via DNSBL if the sender is malicious.

First step was to increase the hit rate of Postscreen. Beside the standard Black- and Whitelists I used some that are listed at Intra2Net Blacklist Monitor. Beside Spamhaus.org, Mailspike.net and Manitu.net I chose Uceprotect.net, Abuseat.org and DCC-Servers.net. This improved the situation drastically.

postscreen_dnsbl_sites =
[...]
  bl.mailspike.net=127.0.0.2*10
[...]
  ix.dnsbl.manitu.net*2
[...]
  ubl.unsubscore.com*2
  dnsbl-1.uceprotect.net*2
  cbl.abuseat.org*2
  dcc1.dcc-servers.net*2