also sprach dman <dsh8290@rit.edu> [2002.01.06.2015 +0100]:
> > the exim setup proposed it surely interesting as it allows SMTP
> > level filtering, but you can only really do this on a single-user
> > system. after some experience with anti-spam filtering, i have
> > decided that system-wide filtering isn't adequate if you have a
> > number of users, it should be user-based (spamassassin or
> > spambouncer). you just can't trust your users enough to have
> > direct influence on the way the MTA works. and you can't impose
> > your anti-spam rules on others.
>
> The setup I posted (same thread level as martin's post) does it's
> filtering by checking the user's blacklist. Each user can have their
> own (but it is not an error if they don't). (It must be readable by
> the mail group, though)
yeah, but if i as a user decide that noone on the system should get any
more mail from someone@microsoft.com, i'll add that address to my
blacklist and effectively DoS'd all other users...
> > aside, filtering on the sender address doesn't usually help...
> > spammers don't reuse addresses...
>
> Some do. The constant spammers on the gadfly list (hosted by
> yahoogroups) do, which is what prompted me to actually implement a
> mechanism that has morphed into what I posted. For example there are
> several addresses @*.pm0.net that are repeated spammers. I think the
> whole pm0.net site is just a commercially availble spam relay.
my point was more that this is far from a universal solution... it's
nice though. but you probably need some content filtering on top.
spamassassin is nice, i am checking (and packaging) spambouncer these
days...
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
"if beethoven's seventh symphony
is not by some means abridged,
it will soon fall into disuse."
-- philip hale, boston music critic, 1837
Attachment:
pgpxXOjDLVcRW.pgp
Description: PGP signature