Re: Every spam is sacred
On Sun, Jun 15, 2003 at 02:17:23PM +0200, Santiago Vila wrote:
> Read a previous message by Duncan Findlay. He said that 39.2668% of
> all the spam might be blocked by using the DSBL, but doing that you
> would block 0.0185% of ham.
I just ran a quick test on my current email folders. At the moment I
have very little email stored in my Debian folders (198 messages
actually). I extracted IP addresses of machines connecting to master
or murphy like this:
$ cd path/to/debian/mail
$ find -type f |
while read f ; do
formail -c -x Received < $f
done |
egrep 'by (murphy|master).debian.org' |
perl -lne '/\[([0-9.]+)\]/ && print join(".", reverse (split /\./, $1))' |
sort -n -u |
grep -v '1\.0\.0\.127'
That outputs 103 IP addresses. Adding
perl -pe 's/$/.list.dsbl.org/' |
while read s ; do host $s ; done
to that command I get a match for 175.90.65.4.list.dsbl.org
Searching for the matchin message I get:
Subject: Someone for you.
Message-Id: <hgsagnqxna@mails.ch>
X-Spam-Status: No, hits=3.5 required=5.0
tests=HTML_30_40,HTML_MESSAGE,MIME_HTML_ONLY,REMOVE_PAGE,X_LOOP,
X_MAILING_LIST
version=2.55
I'm sure I don't have to show you the email to convince you that it's
spam. Looking at my spam folder, I can extract 203 unique IP addresses
(311 received emails) out of which 71 are *not* listed by
list.dsbl.org. I call that impressive.
Feel free to come up with your own numbers using your own received
email.
Now the question again: why does debian-admin and/or listmaster oppose
to running this in warning mode? That'd be a much more accurate
statistic since post-facto I can't tell if the IPs were added after
observing the spam I'm testing with now, or if they were already
present at the moment of reception.
Marcelo
Reply to: