Aaron Poffenberger

My talk "Fighting Spam at the Frontline: Using DNS, Log Files and Other Tools in the Fight Against Spam" was accepted for BSDCan. I also have a BoF session, "Amateur Radio and SDR (BoF)".

Conference dates are June 8 - 9, 2018.

N.B. Tutorials are the two days before, June 6 - 7.

Fighting Spam at the Frontline: Using DNS, Log Files and Other Tools in the Fight Against Spam

Schedule

I don't know, yet, which day it will be scheduled.

Abstract

After more than 20 years of fighting, the spam problem isn't getting better. Spam has system costs, people costs, and organizational costs. The costs go up the further along the delivery path it progresses. We can't prevent spammers from spamming, but we can prevent much of it from entering our mail handler.

Fighting spam at the frontline (firewall and MTA) is the earliest and cheapest place we can wage the war. Tools and strategies like greylisting (along with whitelisting and blacklisting), and tar-pitting have their place, but are we using them effectively? Is there more we can do?

In this talk we'll look at the various strategies we can take to improve our ability to block spam at the MTA without blocking or delaying (or delaying for long) legitimate senders.

Full description

One of the biggest complaints about greylisting and blocking is impact on legitimate mail. For low-traffic email domains delayed delivery and the odd-lost email might be acceptable. For higher-traffic domains, or those where timely delivery is critical, effective blocking requires a more active, but automatable, approach.

In this talk we'll look at the current state of ip-x-listing (whitelisting, greylisting, and blacklisting), additional tools and strategies we can use to improve the accuracy and effectiveness of our lists, while ensuring timely delivery of email from legitimate senders.

We'll also discuss strategies for keeping groups of mail servers in sync with the latests lists.

Some of the tools and techniques we'll look at:

  • MTA-specific features like postscreen
  • Using SPF records to whitelist well-known senders
  • Using the mail logs to whitelist outbound recipient domains
  • Integrating feedback from SpamAssassin
  • Using log files to identify bad actors
  • Effectiveness of third-party lists

Points to cover

Most of the strategies discussed come from running mail servers on OpenBSD. Most of the strategies will apply to any BSD with a version of pf(4) that supports tables. MTA strategies are based primarily on experience with OpenSMTPD. Many are applicable to any MTA or tools available in the MTA (rspamd, postscreen).

Amateur Radio and SDR (BoF)

Schedule

I don't know, yet, which day the BoF will be scheduled.

Abstract

Amateur radio users and those curious about radio and SDR meet and discuss hardware, software, triumphs and challenges with pursuing the hobby on BSD.

Full description

Come talk all things amateur radio, SDR and porting. We'll have a short presentation about amateur radio and SDR and open the floor to questions, presentations on works-in-progress and hack.