Go for it. It's a fast UI for end users but it goes directly to the tool. http://www.houseoffusion.com/spam/pop.cfm
> Michael; > I can't wait to test it! :-) > > Doug > > ====================================== > Stop spam on your domain, use our gateway! > For hosting solutions http://www.clickdoug.com > ISP rated: http://www.forta.com/cf/isp/isp.cfm?isp_id=772 > ====================================== > If you are not satisfied with my service, my job isn't done! > > ----- Original Message ----- > From: "Michael Dinowitz" <[EMAIL PROTECTED]> > To: "CF-Community" <[EMAIL PROTECTED]> > Sent: Thursday, June 12, 2003 6:57 PM > Subject: Re: iMS CFUG Edition > > > | I feel that banning an IP or domain is a last resort type thing. It is a total > | failure in communications and should only be done as a last resort. This is > why > | I don't use outside RBLs or the like. If someone is going to be banned, I have > | to be sure the reason is good. The process I take may be a long one, but it > | results in a sure ban. > | Every spam message I get results in a message to the TRUE domain the spam came > | from. In many cases I have to hunt down the true domain and in some I can't > find > | them. In a few cases I've got personal messages telling me that the account > has > | been closed or the relay fixed. In most I get an automatic response which I > | ignore. In a few I get error messages telling me that one or the other account > | is not in existence and I basically take it on trust that it'll be looked at. > | When I get a message of both accounts being non-existent, that's when I start > | doing more investigations. In a very few cases this results in a banning. In > | most it does not. It takes more time, but it's better to be sure. > | Anyway, I rely on the pattern machine a lot more than any banned list. :) > | As for links within a spam message, I ignore them. I've been sent spamcop > | messages because a site I was working with was in a message wrongly flagged as > | spam. I'm against draconian rules like they have. > | > | The point of all this is to be very light on the admin side, totally self > | contained and very processor light. The rules I have now are ONLY for the > | headers of the message. If you put in body scan rules as well, then you'll get > | almost 100%. All that's needed is 1 person generating proper rules for all and > | then an admin just to look over the spam subjects/results. I've got an admin > for > | myself that allows me to look at 20 spam messages at a time, show why its > spam, > | what the subject/to/from was and allows me to do something with it. One step > | operation to process the spam and email the spamming domains. Not perfect yet, > | but.... > | Ah, if only I trusted the other spam fighting tools to do the job I wanted. :) > | > | > | > If I understand that correctly, that is pretty arcane, especially if the > | domain > | > is either spoofed or "joe-jobbed" which would put them in an innocent > | bystander > | > category. Operating against the IP number, while not always perfect, is > more > | > perfect that using a domain name. > | > > | > However, there is something else to consider too, and that is reporting the > | > spamvertised web sites, which requires deobfuscating the URL encoding that > | some > | > of the more clueless spammers do. > | > > | > I also have found that most of the open relay/open proxy block lists only > | > actually offer a partial listing of actual relays. This is the reason that > | for > | > a blocker to be effective, one must choose several from a long list of > | databases > | > in order to do the job you want to do. Most of them allow access at no > | charge. > | > some are self-updating, and others never update and consequently get > stricter > | > and stricter, which is not a good thing. > | > > | > Now, filtering rules, are something else again, and that is a good thing to > | > spend effort on, to score the subject and content, and when a threshold is > | > reached the mail is isolated. The open relay stuff is checked first, and if > | an > | > IP appears on one of them then that mail is not even allowed a connection. > | For > | > rules to apply, the email must be downloaded to apply the rules, and once > | > downloaded, either dumped into dev/null (deleted) or routed to a spam > folder. > | > for periodic review to guard against false positives. > | > > | > I have been involved in anti-spamming for several years, and I recognize the > | > yeoman's job you are doing to create a workable application, and hopefully > | will > | > not require a heavy administrative burden for the user. > | > > | > The one good thing that can come from the occasional good email that has > been > | > blocked is the pressure the ISP's customer can directly apply to them to > | rigidly > | > enforce their Terms of Service. The most effective tool for reducing the > | > endless spew of spam will be when the ISP can no longer make a profit by > | either > | > hosting it or allowing it to pass through their systems at the expense of > | losing > | > their regular customers. > | > > | > My experience is that the smaller, regional service providers are the most > | > responsive to spam complaints and are pretty quick about terminating > accounts, > | > whereas the larger providers are so swamped with complaints, they are, for > the > | > most part, unresponsive. Another problem is misconfigured mail servers that > | are > | > operating as open relays, mostly off shore, that do not follow the RFC's > which > | > require them to report accurately the origin of email transiting their > | servers. > | > The cause may be that so much software overseas is pirated, it is not kept > up > | to > | > date, but I am only guessing here. The result in those cases is that one > can > | > never trace all the way back to the origin the source of the spam. > | > > | > > | > ====================================== > | > Stop spam on your domain, use our gateway! > | > For hosting solutions http://www.clickdoug.com > | > ISP rated: http://www.forta.com/cf/isp/isp.cfm?isp_id=772 > | > ====================================== > | > If you are not satisfied with my service, my job isn't done! > | > > | > ----- Original Message ----- > | > From: "Michael Dinowitz" <[EMAIL PROTECTED]> > | > To: "CF-Community" <[EMAIL PROTECTED]> > | > Sent: Thursday, June 12, 2003 5:41 PM > | > Subject: Re: iMS CFUG Edition > | > > | > > | > | As a side note, this is one of the reasons for banning a domain. When I > get > | > spam > | > | from a domain I email both their postmaster and abuse accounts. When I get > | an > | > | email like this, the domain gets flagged as needing a once over. If, after > a > | > | once over, I can't get any response from them (even a recorded message), > | then > | > | it's banned. > | > | This place happens to be a substance abuse center. I'll then go into the > | spam > | > | message to see if they were sending it or if they have an open relay. If > | they > | > | sent it, then they're spammers and are blocked. If it's a relay, I'll try > to > | > | hunt down their admin to report it. > | > | > | > | <[EMAIL PROTECTED]>: host posti.a-klinikka.fi[193.64.139.107] said: 550 > | > 5.7.1 > | > | Unable to relay for [EMAIL PROTECTED] > | > | > | > | <[EMAIL PROTECTED]>: host posti.a-klinikka.fi[193.64.139.107] said: > | 550 > | > | 5.7.1 Unable to relay for [EMAIL PROTECTED] > | > | > | > | > | > > | > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=5 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=5 Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
