On Fri, 14 May 2004 21:09:51 -0400 Neal Richardson <[EMAIL PROTECTED]> wrote:
> I am looking for recommendations for spam filtering. The current > situation is this. Our current ISP told us that spam is our problem not > theirs (this I believe to be fair except they are hosting our email). We > are looking for some sort of a gateway/filtering system to try and stop > the hemorrhaging. > > Any ideas would be greatly appreciated. > > -Neal I have tried half a dozen automated approaches, and every one has had unacceptable drawbacks. Spam is an ugly problem, and the more automated and easier the "solution" appears to be the more obnoxious the side effects threaten to be. (The mirror 'bot "Answer this automated mail and my 'bot will believe you're not a spammer" technology being the worst.) That said, SpamAssassin is pretty good. OTOH, my honest answer is that only after I 'fessed up to myself that there's no free lunch have we been able to be in control of the spam mess. A set of filtering rules, plus a little bit of personal time, yields almost no false positives. Essentially the leverage of this approach turned out to be that it doesn't take very long to manually trash every one (or almost every one) of the messages in a "black spam" mailbox. We just couldn't seem to get out of manual intervention of one kind or another, and "training" the automated assistants turned out to be a more irritating kind of time sink than just meeting the problem head on. So my personal recommendation, based upon unsatisfying experience, is to be chary of cost vs. benefit of "automated" answers. There are two other approaches which we might want to watch, though. 1. Thunderbird. The "training" interface is presented in a streamlined way - perhaps that makes it better. Any field experience from the group? 2. SPF. This seems to be promoted as something we should really want - tightening the loose SMTP rules which permit spammers to pretend to be sending from arbitrary addresses (including yours). If it works the kind of spam which it stops never needs to clutter your bandwidth, MTA, or inbox - it cannot be sent at all. I've been meaning to ask the group about SPF. As a non-sysadmin I can only wonder if it's a real prospect. It sounds great that domain administrators and MTAs could gang up and strangle the spammers - a lot easier than filtering and/or manual reviewing. But I haven't heard a thing about it locally, including from my ISP (who I think would have to be involved if it's to become successful). Any comments from the group? -Bill to forge _______________________________________________ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss