Sorry all, I was posting to the domains list, email defense list is now working, and I'll continue over there.
Kim Begin forwarded message: > From: Kim Phelan <[EMAIL PROTECTED]> > Date: March 9, 2007 4:03:01 PM EST (CA) > To: Chris Scott <[EMAIL PROTECTED]> > Cc: [email protected] > Subject: Re: [domains-gen] Email Defense (or lack thereof) > > Hi All. > I have been absent on the list so far, and I wanted to wade in and > give you guys some updates and some background on where we are at: > > (BTW, I am Kim Phelan, the director of product management, and also > the acting product manager of Email Defense) > > I am sure you have all read Elliot's note about how we got to this > place with Email Defense. > I echo his sentiments, this launch has been a nightmare, and we are > trying to clean up the mess we made as fast as we can. > > A couple of administrative notes before I talk about spam filtering: > 1- All real time updates will be done via status.tucows.com- at > minimum these will be done 2 times a day, more if there are more > updates > 2- If you are seeing a problem, please log a ticket with support, and > the more specific examples the better > 3- Our entire team is working this weekend to fix problems, and to > answer your support requests, and to keep you updated > > Onto some background stuff: > > First off, I wanted to update you with what we do when we filter. We > filter things 3 times: > 1- RBLs- we use RBLs from Spamhaus and augmented by our abuse team > and every message is checked against this list before it is even > accepted by the system- > this stops a boat-load of spammers. We did use RBLs with MXLogic, but > it was not as efficient as this implementation is. > 2- Then, we check standard email format checks- these are things like > "do we get a helo?, is there angled brackets around the sender/ > recipients?, are the domains they are sending from valid ?"etc. This > removes more there. > 3- Then, we filter using our spam filter engine. > > When we were preparing for this launch, we ran side by side MXL, > Mailshell (which is our new filter engine) and Brightmail. Mailshell > did very well. It was on par or better than both those vendors on > average. Now, I say on average, because it's like an arms race, one > day brightmail updates their filters, the next day it's mailshell > etc. The one thing we were really winning at was false positives-- > aka: newsletters that people opted in for. MXL stank at recognizing > that stuff, Mailshell is pretty good at it. > > (side admin note: if you have a missed spam, or a false positive, > please send it, with full headers to [EMAIL PROTECTED] and > they'll make sure it gets fed into the filtering improvement side of > the house) > > Next topic: current issues, the low-down on the open issues, and > where we are at. > > Kim > > > Kim Phelan > Director, Product Management > Tucows Inc. > [EMAIL PROTECTED] > 416-538-5476 > > > > On 8-Mar-07, at 4:13 PM, Chris Scott wrote: > >> Brian Curtis wrote: >>> Hello, >> >> <snip> >> >>> On to the issues I attempted to address with my phone call. >>> >>> 1) We're seeing an increase in UCBE that is bypassing the EDS system >>> altogether. I realize that this is indeed a possibility as one only >>> needs to use the final destination MX record. However, as I >>> mentioned >>> above, we've been using EDS since it's availability from Tucows, and >>> prior to that we were on a test platform directly with MX Logic >>> for at >>> least two months. >> >> Same thing here and also reported by our customers. Even worse is >> that >> they see *less* spam being quarantined than before and are worried >> messages are being lost and/or rejected. >> >> At first, we thought this was due to the migration setting all >> domains >> to deny high likelihood spam. But even after we went through each >> domain and set them to quarantine we're not seeing much change. >> >>> I don't understand why there would be an increase in UCBE that is >>> being delivered directly. We have not made any changes to our MX >>> record in some time, and the only record listed for our domains with >>> EDS is that of the EDS system. Also, the increase of direct >>> delivery >>> UCBE seems to coincide with the migration to the Tucows-provided >>> platform. >> >> One thing I've noticed is that many actual opt-in newsletters that >> were >> being quarantined before are now being delivered. For some of our >> domains, this is a noticeable source of the increase. Unfortunately, >> there is still more spam getting through than before. Even worse, >> much >> of that which gets through would be handled by two simple tests: >> making >> sure the sending server HELOs as a hostname and checking against a >> DNSBL >> that lists dynamic addresses. >> >>> >>> 2) Much of the UCBE that is going through the EDS system, but not >>> being tagged as spam, is marked with a spam score of 2. I'd have to >>> say at least 20-25% of the UCBE let through the EDS system has this >>> exact spam score value. >>> >>> None of these messages show any similarities. >> >> I thought it was just me that noticed this... Even a few Tucows >> communications have had a score of 2. >> >>> 3) Will attachment filtering be added back into the product? >>> Many of >>> our customers appreciated this feature and put it to good use in the >>> past. Needless to say, it's one of the first questions I'm asked >>> when >>> one of our customers call about the new system. >>> >>> >>> I've been pursuing alterative / competitive services. So far the >>> only >>> hold-back is the feature to price ratio of the product provided by >>> Tucows. However, we're starting to ask ourselves if all the >>> problems >>> that have been occurring and the calls we continue to handle as a >>> result (for the better part of a week now) are worth the price >>> difference in the end. >> >> If you're not set on a hosted service and want to run it yourself, >> check >> out Can-It from Roaring Penguin. >> >> >> -- >> Chris Scott >> Adaptive Hosting Solutions, Inc. | Blogzerk - blog hosting >> http://www.adaptivehostingsolutions.com/ | http://www.blogzerk.com/ >> _______________________________________________ >> domains-gen mailing list >> [email protected] >> http://discuss.tucows.com/mailman/listinfo/domains-gen > > Kim Phelan > Director, Product Management > Tucows Inc. > [EMAIL PROTECTED] > 416-538-5476 > > > _______________________________________________ > domains-gen mailing list > [email protected] > http://discuss.tucows.com/mailman/listinfo/domains-gen Kim Phelan Director, Product Management Tucows Inc. [EMAIL PROTECTED] 416-538-5476 _______________________________________________ domains-gen mailing list [email protected] http://discuss.tucows.com/mailman/listinfo/domains-gen
