Re: SPAM fiiltering - spam breakdown

Fri, 01 Nov 2002 02:10:39 -0800 

hi ya jesus


On Fri, 1 Nov 2002, Jesus Climent wrote:

> 
> From my experience i would say: Do not use RBLs to reject mail, but to
> tag it.

a good reason against rbl's
        http://www.ifn.net/rblstory.htm

and i agree...  and i also disagree


if  i was gonna tagg an email ( spam ) for later processing ...
i might as well have spent the 1 second to check it the first
time and hit the "D" key  ... instead of looking at that email twice

- spam is counter productive for many reasons..

- for personal stuff ... everything is spam... unless i
  explicitly allow it 

- for work stuff ... dont know who or where email will come from
  it is spam if it meets the following rules

  - my "spam" rules/definition ...

       Deny access from all open relays 
       use Global RBLs and localized RBLs
       Reject all emails from servers with bad/missing reverse DNS 
       Reject all emails from fake users
       Reject all emails addressed to non-existent users on your server 
       Reject all emails with bad/malformed/faked headers 
       Reject all emails with bad/malformed/faked mesgID  
       Reject all emails with missing/bad subject lines 
       Reject all emails from known "spam generating software" 

       last .. kill those "properly addressed emails" that are still spam 
       Reject all emails with "spam content" - not easy to do 

        == notice ... most of the above is just properly configured boxes
        == and not even counting words or sequences of words yet in
        == the body of the message

-
- checking the status of the 2100 spams received at just 1 email address
- in October
        i was curious of the breakdown of the anti-spam filter...

--->>   - about 1000 have bad message_id <<<--- notice !!

        - about 250 have bad reverse dns
        - about 250 trip over check_eoh ( header errors including rbls )
        - about 100 using known spamware
        - about 100 sending email requiring license for those activities
        - about 100 relaying denied ( not a real spam )
        - about  50 to unknown recepients
        ....


        -- worrying about rbls is NOT a major issue

- and yes... i depend on 3rd party software to determine if its spam
        sendmail is my choice of mta
        - rbls since i do NOT want to make my own access list

        - and for those that do make it thru that is not in any RBLs yet
          i deny it in my list wheni get around to it

- 3rd party software works great ... when used properly???

c ya
alvin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to