It’s been a busy week for cock.li.
Policyd and Outgoing E-mail Limits
Policyd is a daemon that serves to impose limits on incoming and outgoing E-mail. I had enabled this in the past, but due to a bug, every E-mail was being delayed by 1-3 seconds. This basically broke the mailing list, because a single post could take between 3 and 9 minutes to send and show in peoples’ mail clients. When this event happened with the spammers, though, I decided to enable it and ask the mailing list’s patience while I try to fix it.
It turns out the issue was fixed in a later version of policyd (which cbpolicyd –help told me I was running, but rpm -qa said otherwise). Fixing this means that the mailing list and policyd can coexist peacefully. This also means that cock.li now enforces outgoing mail limits. I’ve set the limits high enough that normal users™ likely won’t hit the limit, but low enough to hopefully deter spammers from abusing the service. If you ever hit this limit you can send me an E-mail (which bypasses the quotas) asking for it to be increased, and I’ll gladly increase it for you.
Spamhaus ZEN Spam Filtering
SpamAssassin was disabled a while back for delaying E-mail all of the sudden, and I didn’t have time to troubleshoot it. It never got re-enabled, and I’ve decided to take a different approach to filtering spam. Cock.li now queries the Spamhaus ZEN blocklist to determine if an E-mail came from a known-spamming IP address. All spam I seem to be getting personally seems to be coming from IPs blocked by ZEN, so I figure it’s worth a shot. Unlike spamassassin, this will block the message from reaching the user’s inbox. The check is based only on the IP address the E-mail is coming from, so you shouldn’t have to worry about E-mail disappearing randomly. E-mails will also be rejected with a message confirming it was rejected because they’re listed in ZEN, so there shouldn’t be any confusion on the sender’s end, either.
Please forward any spam you receive to me. I will look into it, see if there’s a popular blocklist that would have caught this before getting to your inbox, and add it if it’s worth it.
New Backup MX Server
I recently ordered am in the process of configuring a backup MX server for cock.li. This means that in the event of downtime, due to my own idiocy or DDoS, mails will be delivered to the backup MX server, and forwarded once the main mail server is accessible again. That is the only function of this server, and does not maintain a backup of any email once it’s been delivered. E-mail servers, when they are unable to deliver a message (soft fail), will typically hold the message and retry a number of times. While this will save most E-mails, some E-mails may be lost, depending on how long the server is down for. The installation of a backup MX server means that a server is always online to accept E-mail (provided both aren’t attacked or otherwise down at the same time). This incurs a $4.07 increase in monthly expenses.