RE: [Declude.JunkMail] Understanding Return Codes

[Andy Schmidt]

Title: Message

>> ISP mail servers that get used by spammers <<   Uhuh - so?  Which ISP is permitting/tolerating/mis-configuring their servers to be abused in that way?   I have seen very FEW spammers that MX mail from their "own" mail servers (as they would be shut down and/or blocked too easily). Nearly everyone is using proxies, open relays or otherwise hi-jacked machines - and the smaller once use consumer broadband accounts. Best Regards Andy Schmidt H&M Systems Software, Inc. 600 East Crescent Avenue, Suite 203 Upper Saddle River, NJ 07458-1846 Phone:  +1 201 934-3414 x20 (Business) Fax:    +1 201 934-9206 http://www.HM-Software.com/ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew Sent: Wednesday, September 24, 2003 12:47 PM To: '[EMAIL PROTECTED]' Subject: RE: [Declude.JunkMail] Understanding Return Codes (sigh) Again I'm the voice of dissent... I find that CBL merits no higher than a weight of 5 out of my HOLD weight of 20.  I find that it includes a lot of ISP mail servers that get used by spammers.  They do seem to work at removing them, but meanwhile, it's throwing the baby out with the bath water.  I'm sure glad that Declude gives me a weighted system to work with.   Andrew 8) -----Original Message----- From: Matthew Bramble [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 23, 2003 9:23 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] Understanding Return Codes Maybe it was just down on the day I tested it... I like pure spamtrap RBL's because clean ones have no false positives.  CBL is a good one to add if you haven't checked it out, and it produces a lot of hits (with no FP's in a week of monitoring). Bill Landry wrote: ----- Original Message ----- From: "Matthew Bramble" <[EMAIL PROTECTED]> Maybe other "unlisted" entries reflect similar circumstances (not available under normal circumstances)? All of the DNSBLs (ip4r) and RHSBLs listed on the Declude spam databases site (http://www.declude.com/Junkmail/support/ip4r.htm) are publicly accessible, unless it has been noted otherwise in the comments (e.g., MAPS tests). The "SBBL" spam database can be access by using: SBBL ip4r sbbl.they.com * 3 0 So far today I have flagged over 900 messages as spam using the SBBL test. Bill