Re: About spam in the list archive

[MJ Ray <mjr@phonecoop.coop>]

Raphael Geissert <atomo64+debian@gmail.com> wrote:
> I administer some servers with customers and these are some of the facts
> I've found:
> * Many spam emails do not comply with the specs
>    Meaning: enforcing the RFC's when receiving emails could block some spam

I agree entirely.  Also, Exim's acl's seem to allow a flexible
score-based way to set these things up.  If the sender matches an RBL,
you add a bit to the score; if it botches its HELO, add a bit to the
score and so on.  After dealing with the obvious failures and passes,
you can take stuff in the "grey area" and behave a bit oddly, such as
slower responses, and see if that makes the remote end breach
protocol.  Many spammers will breach protocol if you do anything even
a little unusual and I'm happy to reject the email then.

Last time I checked, I was rejecting well over 50% of send attempts
even before they reached the expensive content checks and I'm pretty
confident that they were junk.  I should document my setup soon...

Regards,
-- 
MJ Ray http://mjr.towers.org.uk/email.html tel:+44-844-4437-237 -
Webmaster-developer, statistician, sysadmin, online shop builder,
consumer and workers co-operative member http://www.ttllp.co.uk/ -
Writing on koha, debian, sat TV, Kewstoke http://mjr.towers.org.uk/