On Sat, 2008-12-20 at 13:13 -0600, Brad Knowles wrote: > Unfortunately, milters are not widely supported outside of modern > versions of sendmail and postfix.
Courier's maildrop implements a perl-like structured scripting language that's about as flexible as anything I'm aware of for this purpose. Any program that generates output and an exit code can be executed from a maildrop script and the results analyzed and appropriate action taken. > > BTW, as I mentioned, about 80% of the spam _I_ (personally) get is > > rejected by courier based on RBL lookups, and I assume the percentage is > > similar for other system users. I have a cron job which generates a > > daily report on these rejections for me, and anyone else who wants one. > > I have my own scripts that I've written for the same purpose. Your > statistics do not accurately describe the situation that I personally see. Well I'm probably not doing as effective a job of pre-filtering as you are at UT. I've looked a bit at the stats for other users on FMP's servers and what I see for myself is in the same ballpark. Mind you, I'm only using about 6 RBL lists. _Most_ of the catches are from the CBL, <http://cbl.abuseat.org/>. > At UT Austin, we reject ~95% of all incoming mail at the SMTP dialog > level, because we use Ironport e-mail security appliances that check the > incoming connection against the SenderBase reputation system, and > SenderBase has several hundred different inputs that are used to > calculate an overall score for that sender. They monitor all the major > RBLs (and a lot that you've never heard of), but they also consider what > the registered nameservers are for the sending domain, who the > registered owner of the network is in whois, and all those other things > that you might want to check. I'm just running a couple of colo'd Linux boxes running F/OSS software, for family, friends and several dozen commercial clients. I'm a small fish. Every now and then I need to revisit mail filtering issues and re-think what I'm doing and make sure it's compliant with the current situation. Nothing ever stays the same on the Internet. > Do some research on the economics of spam, and how these guys get their > money. It is an entire black economy, and they get paid based on their > deliverability, just like any other bulk mail service. I either have to make decisions out front about rejecting spam based on content, or I need to accept it and pass it on to users for them to analyze and reject it, and if they set their filtering levels too high and their SA Bayes data store isn't properly "well educated", they get false positive hits and have to fish stuff out of their spam mail folder. I think the idea of picking a SA level of, say, 10 and rejecting outright anything at or above this is probably a sound policy. I'm not doing this now, but using maildrop and SA it's pretty easy to do. > If more people rejected spam outright during the SMTP dialog, we would > make a measurable impact on the spammer economy. So long as there are > plenty of people who are happy to just throw it away after-the-fact, > then the spammers continue to win. As always, your advice and concerns are well-considered, Brad. I do need to accept a certain amount of this stuff, consistent with the requirement that 100% of legitimate email be delivered (and SA is far from perfect), and because I'm a SOHO business, and a small one at that, I can't afford dedicated analytical appliances and proprietary software for this, most of which is outside my budget. There's doubtless more I can do. It's a beautiful day, and I'm wasting it sitting indoors in front of a computer. I'm outa here!!! -- Lindsay Haisley | "The voice of dissent | PGP public key FMP Computer Services | was arrested before the | available at 512-259-1190 | president cleared his | http://pubkeys.fmp.com http://www.fmp.com | throat to speak | | of freedom" | | (Chris Chandler) | ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9