>> This is one of the reasons I don't use any RBL for my spam checker. I >> wrote it myself and let me tell you that while it takes a few moments to >> review some of the subjects, my success rate is 100% blocked with the >> only mistakes coming from people who send mail without a subject. (red >> flagged, not deleted, but sometimes deleted by the human eye process.) > > You've got a lot more time on your hands than me, apparently =) Actually, I don't. The anti-spam package I wrote is about 3 years old and based heavily on proper headers and regex patterns in subjects. Alone, it will remove at least 75% of spam while labeling another 23% (or more) as possible spam with different ratings. This, combined with a few extra rules is what keeps the lists safe even from spam that comes from a forged address. If I had time I'd add in the large site (LS) module which will set some specific sites (google, paypal, ebay, amazon) and their expected received domains, message-id domains and the like. If a message comes in that is not from an expected domain in the received or message-id, then it's trashed. If it looks legal, it'll check a table of expected IPs. If it's not there (an extreme case), then it'll do a fast ip lookup. I'd say 95%+ of the spam that says its from these domains will die in the first check easily. The few that forge the proper received and message-id will die in IP lookup. exceptionally few will hit the third test. It's a simple module and rather foolproof. As LS mail is always coming from a proper location, it'll really reduce phishing attacks.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:232871 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
