Re: SPAM fiiltering - spam breakdown
hi ya jesus
On Fri, 1 Nov 2002, Jesus Climent wrote:
>
> From my experience i would say: Do not use RBLs to reject mail, but to
> tag it.
a good reason against rbl's
http://www.ifn.net/rblstory.htm
and i agree... and i also disagree
if i was gonna tagg an email ( spam ) for later processing ...
i might as well have spent the 1 second to check it the first
time and hit the "D" key ... instead of looking at that email twice
- spam is counter productive for many reasons..
- for personal stuff ... everything is spam... unless i
explicitly allow it
- for work stuff ... dont know who or where email will come from
it is spam if it meets the following rules
- my "spam" rules/definition ...
Deny access from all open relays
use Global RBLs and localized RBLs
Reject all emails from servers with bad/missing reverse DNS
Reject all emails from fake users
Reject all emails addressed to non-existent users on your server
Reject all emails with bad/malformed/faked headers
Reject all emails with bad/malformed/faked mesgID
Reject all emails with missing/bad subject lines
Reject all emails from known "spam generating software"
last .. kill those "properly addressed emails" that are still spam
Reject all emails with "spam content" - not easy to do
== notice ... most of the above is just properly configured boxes
== and not even counting words or sequences of words yet in
== the body of the message
-
- checking the status of the 2100 spams received at just 1 email address
- in October
i was curious of the breakdown of the anti-spam filter...
--->> - about 1000 have bad message_id <<<--- notice !!
- about 250 have bad reverse dns
- about 250 trip over check_eoh ( header errors including rbls )
- about 100 using known spamware
- about 100 sending email requiring license for those activities
- about 100 relaying denied ( not a real spam )
- about 50 to unknown recepients
....
-- worrying about rbls is NOT a major issue
- and yes... i depend on 3rd party software to determine if its spam
sendmail is my choice of mta
- rbls since i do NOT want to make my own access list
- and for those that do make it thru that is not in any RBLs yet
i deny it in my list wheni get around to it
- 3rd party software works great ... when used properly???
c ya
alvin
Reply to: