Re: Spamassasin over RBL, was Re: rblsmtpd -t?
On Thu, May 02, 2002 at 06:52:33PM +1000, Jason Lim wrote:
> Well, they are not exactly comparable, as the rule-based Spamassassin
> does things based on "keywords and "keyphrases" and that kind of
> thing, while RBLs do things based on actual spam activity. In my view,
> the collateral damage of using Spamassassin's rule based blocks is too
> great.
your view isn't based on much experience, then.
i've been using and developing anti-spam systems for years. in my view,
spamassassin is probably the best thing since sliced bread - it does an
EXCELLENT job of identifying spam using a scoring system based on
detecting patterns seen in many spams over the years. if the score gets
too high (user configurable) then it is flagged as spam. what happens
to it then is up to the user's delivery filter (or up to the system if
there's a system-wide filter).
this causes far less collateral damage than even decently run RBLs like
osirusoft and ordb.
> The only RBL a business should really use is the Spamcop.net RBL,
> because is blocks only when actual spam occurs, and not just blocks
> "all of Asia" as some other RBLs do. I'm not going to get into the
> whole RBL comparison thing, but just wanted to point out the
> "collateral damage" point.
actually, spamcop is about the worst RBL anyone could use if they wanted
to avoid collateral damage.
spamcop's automation sucks. all it takes for a postmaster to get
mailbombed by spamcop is for some cretin to send in a spam complaint
because they're too stupid to figure out how to unsubscribe from a
mailing list they voluntarily subscribed to. btw, that would be
confirmed opt-in subscription because ALL of the lists i run for
customers require subscription confirmation...the list software has been
hacked so that it isn't an option, it's mandatory.
or because they're too stupid to realise that a certain mail server is
forwarding spam to them BECAUSE they used to have an account on the
system and the alias or .forward file that they asked for is still
working as requested. yes, this DOES happen - the last one of these i
got was today (and that wasn't even about a mail server i have any
control over...not that there was a problem with it, it was a
well-maintained postfix server which certainly was NOT an open relay).
these aren't even the stupidest examples of spamcop's lameness.
that's all it takes to get listed in their RBL too.
i've seen these and many other stupid complaints from spamcop over the
years. i am so sick of getting bullshit reports from spamcop that i've
been on the verge of adding spamcop's domains & servers to my own block
lists on dozens of occasions over the years....the only thing that
stopped me is the fact that their intentions are basically good even if
their method is idiotic.
i wouldn't use their RBL even for testing purposes, let alone on a live
server...and certainly not when collateral damage (i.e. false-positive
rejections) was unaceptable.
craig
--
craig sanders <cas@taz.net.au>
Fabricati Diem, PVNC.
-- motto of the Ankh-Morpork City Watch
--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: