How to protect against outbound spam?

Hey Guys,
It has been a long time since I posted here.

So here is an interesting question for you.

How can you protect against outbound spam filtering?
I saw that a few services like SpamAssassin exist, but I don’t know if it filters outgoing spam too or not.

Is there any way to correctly protect against outbound spam? Maybe there is even someone who did it with a clean interface, and some stats?

I am planning to do the following:

Web Server → SMTP Relay (with spam protection) → AWS SES

I wanted to use a service similar to mxroute.io but it doesn’t exist anymore…

Proxmox mail gateway? Never used it but looks interesting.

I’ve used mailchannels - that works well.

You could also just set up the mail server to filter outbound mail via rspamd/spamassassin itself before it even leaves the server.

Mailcow filters outgoing messages via rspamd but it defaults to adding MAILCOW_AUTH (-20) which would affect the score - if you tweaked it so it didn’t add this that could work too.

Damn, true, I forgot that Proxmox did that. I'm gonna try that first. Thanks for your reply @Mr_Tom

1 Like

I’ve just used Proxmox Mail Gateway for years, in a small cluster. Works very well indeed, though I must add that I only have like 10 domains going through it.

Mhmm, I am not understanding something.

How do I set in the relay server that I accept sending mail to any domain (and receiving the request from any domain)? I would rather filter by IP address (to allow a mail) than by domain.

I also don’t quite understand the “Transport” section.

Transport and relay domains are for incoming.

Under “Networks” you add the IPs and networks of servers you want to allow relaying through PMG.
After this, just set your mailserver/webserver to send to pmg.domain.tld:26.
My Postfix looks like this:

relayhost = [smtp.domain.tld]:26

Outgoing is the easy part IMO.
For incoming you need to add the domains under “Relay Domains”.
You can set up a default receiving server under Relaying → Default relay, or you can specify different incoming servers for different domains under “Transport”.
Edit: this has to be done manually AFAIK. There is an API also, but I suck at those things, so never got around to setting up something automagical from Virtualmin, whenever adding domains there. That’s the dream, but for my small setup - and since I control all domains anyway - it works for my needs.

I wish I had an answer that lets you sleep at night. I’m collecting log data to process through AI to alert to any anomalies. I write new rspamd rules every day on my outbound filter server. I monitor a list of senders every hour of every day and continually adjust scripts to ping Pushover if certain criteria are met.

And then, I’ll do it all over again tomorrow. And the next day. And the next. If I rest, they’ll find a way through.

There is no rest unless you pay someone to handle it.

2 Likes
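
The hourly sender monitoring described in the post above, sketched as an added example (not code from any poster in this thread): it reads one window of Postfix log lines on the relay and flags envelope senders by recipient volume or bounce ratio. The thresholds, the sample log lines and the function name are assumptions; delivering the alert (for example to Pushover) is left to the caller.

```python
import re
from collections import defaultdict

QMGR = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]*)>, size=\d+, nrcpt=(\d+)")
SMTP = re.compile(r"postfix/smtp\[\d+\]: (\w+): to=<[^>]*>,.*\bstatus=(\w+)")

# Constructed sample in Postfix syslog format (fields shortened), not from the thread.
SAMPLE_LOG = """\
Mar  3 10:01:12 relay postfix/qmgr[1201]: 4A1B2C3D4E: from=<shop@example.org>, size=2841, nrcpt=1 (queue active)
Mar  3 10:01:13 relay postfix/smtp[2201]: 4A1B2C3D4E: to=<a@example.net>, relay=mx.example.net[192.0.2.10]:25, dsn=2.0.0, status=sent (250 OK)
Mar  3 10:02:40 relay postfix/qmgr[1201]: 5B2C3D4E5F: from=<wp@example.com>, size=1911, nrcpt=2 (queue active)
Mar  3 10:02:41 relay postfix/smtp[2202]: 5B2C3D4E5F: to=<u1@example.net>, relay=mx.example.net[192.0.2.10]:25, dsn=5.1.1, status=bounced (550 user unknown)
Mar  3 10:02:42 relay postfix/smtp[2202]: 5B2C3D4E5F: to=<u3@example.net>, relay=mx.example.net[192.0.2.10]:25, dsn=4.2.0, status=deferred (451 try later)
Mar  3 10:03:00 relay postfix/qmgr[1201]: 6C3D4E5F6A: from=<wp@example.com>, size=1920, nrcpt=2 (queue active)
Mar  3 10:03:01 relay postfix/smtp[2203]: 6C3D4E5F6A: to=<u4@example.net>, relay=mx.example.net[192.0.2.10]:25, dsn=5.1.1, status=bounced (550 user unknown)
Mar  3 10:03:01 relay postfix/smtp[2203]: 6C3D4E5F6A: to=<u5@example.net>, relay=mx.example.net[192.0.2.10]:25, dsn=5.1.1, status=bounced (550 user unknown)
Mar  3 10:03:05 relay postfix/qmgr[1201]: 7D4E5F6A7B: from=<>, size=3102, nrcpt=1 (queue active)
Mar  3 10:07:40 relay postfix/qmgr[1201]: 5B2C3D4E5F: from=<wp@example.com>, size=1911, nrcpt=1 (queue active)
Mar  3 10:07:41 relay postfix/smtp[2204]: 5B2C3D4E5F: to=<u3@example.net>, relay=mx.example.net[192.0.2.10]:25, dsn=2.0.0, status=sent (250 OK)
""".splitlines()

def flag_senders(lines, max_rcpt=100, max_bounce_ratio=0.5, min_attempts=4):
    """Return {sender: [reasons]} for one window (e.g. an hour) of log lines."""
    sender_of = {}  # queue id -> envelope sender
    rcpts, attempts, bounces = defaultdict(int), defaultdict(int), defaultdict(int)
    for line in lines:
        m = QMGR.search(line)
        if m:
            qid, sender, nrcpt = m.groups()
            # Count a queue id once (qmgr logs it again on every retry) and
            # skip from=<>, the null sender of bounce messages.
            if sender and qid not in sender_of:
                sender_of[qid] = sender.lower()
                rcpts[sender.lower()] += int(nrcpt)
            continue
        m = SMTP.search(line)
        if m and m.group(1) in sender_of:
            sender = sender_of[m.group(1)]
            attempts[sender] += 1
            bounces[sender] += m.group(2) == "bounced"
    alerts = {}
    for sender, total in rcpts.items():
        reasons = ["volume"] if total > max_rcpt else []
        if attempts[sender] >= min_attempts and bounces[sender] / attempts[sender] > max_bounce_ratio:
            reasons.append("bounces")
        if reasons:
            alerts[sender] = reasons
    return alerts
```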

Ah shit hahaha.
Do you plan to offer any SMTP relays?

1 Like

I’d like to but I struggle with how I’d effectively manage outbound spam without access to the servers that are sending to the relays. It can be difficult to stop some events without just blocking the whole other server from the relays, depending on the level of security deployed by the sending server.