Re: 3 quickies!

[lbudney-lists-qmail]

Paul Schinder spake unto me and said:
> At 10:24 AM -0500 12/23/99, [EMAIL PROTECTED] wrote:
> >
> >Check out  for a good example of spam
> >filtering which is _customer_ approved.
> 
> ...the example is poor, IMHO.  I have a pobox account for non-work 
> related mail, and I had their spam filtering on for a while before 
> finally turning it off.  It tagged things as spam that weren't. It 
> missed tagging most real spam.  In short, it wasn't any help at all. 

Oh, I agree completely! I let pobox mark my "spam" emails, and it's
hideously inaccurate. All I meant was that their bad spam "protection"
is truly optional, which is good.

> ...what I'd pay extra for, and what they don't offer (at least the
> last time I checked), is RBL+DUL+RSS on my incoming mail stream...

Agreed; that might be handy. What I've been doing for a while is sending
BCCs to a separate folder. Once a month or so I glance through the
folder. It usually contains about two dozen emails, almost all spam. No
fuss, no muss, and I've only seen about half a dozen pieces of spam get
through it in about 2 years.

I guess spam doesn't send me into a killing rage, when I get to meet it
on my own terms. (But if you're lynching spammers, do invite me along.)

Len.

Re: 3 quickies!

[Paul Schinder]

At 10:24 AM -0500 12/23/99, [EMAIL PROTECTED] wrote:
>"Marc-Adrian Napoli" spake unto me and said:
>  >
>  > What i'm after is a solution that falls into place at the
>  > qmail-send/qmail-local stage that will quickly check the
>  > headers of the message to be delivered locally first for
>  > any particular strings. (Silly email addresses or anything
>  > with the word "buy now" or "sell now" etc)
>
>I recommend that you be _VERY_ careful with this idea,
>especially if you are an ISP. In particular, bouncing
>emails may anger your customers, and destroying emails
>can get your butt sued off.
>
>Suppose one of your customers is sent an email from his stock
>broker, saying "Sell Now" Your customer never gets the
>email, and loses his shirt, because of your spam "protection".
>You will deserve whatever happens to you.
>
>Other than RBL-blocking, and making sure _your_ relay is closed,
>I recommend that you only use filters which are _explicitly_
>approved by _each_ affected customer. Deciding for your
>_customer_ which emails look "bad" to _you_ is very foolish.
>
>Check out  for a good example of spam
>filtering which is _customer_ approved.

I agree with your sentiment completely.  I don't want *my* ISP making 
*any* of these decisions without my knowing, and I'd certainly want a 
way of creating my own "tunnels" through any of their blocks.

But the example is poor, IMHO.  I have a pobox account for non-work 
related mail, and I had their spam filtering on for a while before 
finally turning it off.  It tagged things as spam that weren't. It 
missed tagging most real spam.  In short, it wasn't any help at all. 
What I want them to offer, what I'd pay extra for, and what they 
don't offer (at least the last time I checked), is RBL+DUL+RSS on my 
incoming mail stream with the ability to tunnel selected IP's 
through, and the ability to find out what was blocked.  (Which is 
exactly what I do use on my work machines with rblsmtpd.)  DUL by 
itself would catch most of the spam I get through my pobox account.

So since I can't RBL+DUL+RSS the mail passing through pobox in any 
convenient way, I pass it through some maildrop filters on one of my 
home machines and access it from there.  In the end, only I know what 
is spam and what is not, so I prefer dealing with the problem at the 
end of the chain which I control rather than at the points in between 
over which I have little or no control.  Unfortunately, that means I 
have to accept the spam in the before programmatically discarding it.

>
>Len.

--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]

Re: 3 quickies!

[lbudney-lists-qmail]

"Marc-Adrian Napoli" spake unto me and said:
>
> What i'm after is a solution that falls into place at the
> qmail-send/qmail-local stage that will quickly check the
> headers of the message to be delivered locally first for
> any particular strings. (Silly email addresses or anything
> with the word "buy now" or "sell now" etc)

I recommend that you be _VERY_ careful with this idea,
especially if you are an ISP. In particular, bouncing
emails may anger your customers, and destroying emails
can get your butt sued off.

Suppose one of your customers is sent an email from his stock
broker, saying "Sell Now" Your customer never gets the
email, and loses his shirt, because of your spam "protection".
You will deserve whatever happens to you.

Other than RBL-blocking, and making sure _your_ relay is closed,
I recommend that you only use filters which are _explicitly_
approved by _each_ affected customer. Deciding for your
_customer_ which emails look "bad" to _you_ is very foolish.

Check out  for a good example of spam
filtering which is _customer_ approved.

Len.

Re: 3 quickies!

[cmikk]

On 23 Dec 1999 10:06:42 - , "Petr Novotny" writes:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On 23 Dec 99, at 18:19, Marc-Adrian Napoli wrote:
> > [rblsmtpd]
> > As far as I can see, this only blocks certain mail servers - I could do
> > this at my border routers and save myself from installing any software.
> > (Blocking from certain IP's on port 25).
> 
> That's right but you wouldn't get the on-line feed you're getting from 
> RBLish services. You'd have to type in that million IPs by hand. 
> Yuck.

Actually, you can subscribe to the original MAPS
RBL via [e?]BGP.
f
-- 
Chris Mikkelson  | The genius of you Americans is that you never make 
[EMAIL PROTECTED] | clear-cut stupid moves, only complicated stupid 
 | moves which make us wonder at the possibility that
 | there may be something to them we are missing. 
 |   -- Gamel Nasser 

Re: 3 quickies!

[Petr Novotny]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 23 Dec 99, at 18:19, Marc-Adrian Napoli wrote:
> > > 1. anyone have any suggestions as to what to use for anti-spam
> > > measures? there seems to be a number of options.
> >
> > http://cr.yp.to/rblsmtpd.html
> 
> As far as I can see, this only blocks certain mail servers - I could do
> this at my border routers and save myself from installing any software.
> (Blocking from certain IP's on port 25).

That's right but you wouldn't get the on-line feed you're getting from 
RBLish services. You'd have to type in that million IPs by hand. 
Yuck.

> What i'm after is a solution that falls into place at the
> qmail-send/qmail-local stage that will quickly check the headers of the
> message to be delivered locally first for any particular strings. (Silly
> email addresses or anything with the word "buy now" or "sell now" etc)
> 
> Is there something that can do this?

Have you been to www.qmail.org lately? There's links to such 
packages.

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOGICXFMwP8g7qbw/EQK0vACfXB348pGniI8pPWGSGft66o5+y9EAn0Vi
bHWLpcsXnLG92DGmmjO8MEbD
=2tgi
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]

Re: 3 quickies!

[Marc-Adrian Napoli]

Hi all,

> > 1. anyone have any suggestions as to what to use for anti-spam
> > measures? there seems to be a number of options.
>
> http://cr.yp.to/rblsmtpd.html

As far as I can see, this only blocks certain mail servers - I could do this
at my border routers and save myself from installing any software. (Blocking
from certain IP's on port 25).

What i'm after is a solution that falls into place at the
qmail-send/qmail-local stage that will quickly check the headers of the
message to be delivered locally first for any particular strings. (Silly
email addresses or anything with the word "buy now" or "sell now" etc)

Is there something that can do this?

Appreciating all the help.

Regards,

Marc-Adrian Napoli
Connect Infobahn Australia
+61 2 92811750

Re: 3 quickies!

[Todd A. Jacobs]

On Wed, 22 Dec 1999, Marc-Adrian Napoli wrote:

> 1. anyone have any suggestions as to what to use for anti-spam
> measures? there seems to be a number of options.

http://cr.yp.to/rblsmtpd.html

-- 
Todd A. Jacobs
Network Systems Engineer

3 quickies!

[Marc-Adrian Napoli]

hi all!

1. anyone have any suggestions as to what to use for anti-spam measures?
there seems to be a number of options.

2. anyone have any ideas on putting restrictions on the size of
incoming/outgoing mails to certain mailboxes?

3. anyone on the list have details on the up and coming ezmlm-idx 0.40? :-]

Regards,

Marc-Adrian Napoli
Connect Infobahn Australia
+61 2 92811750