Anyone,
I need a little deeper understanding on setting up SIMS to help stop incoming junk mail. I threw together a little FileMaker Pro file to extract the derivative IP address in junk mail.
That seems like an awfully fat tool just to pull out the connecting IP from email. It makes me wonder if you are getting the right one. The only IP address in a Received header that makes any difference to SIMS is the one in the header it has added, i.e. the top Received header. Anything else you might come up with by any means is meaningless as far as blacklisting goes.
Can we enter those IP addresses into the "Black Listed" feature under SMTP to stop incoming junk mail ...or just how does that feature work?
You just enter the addresses in the blacklist, one address or range at a time.
I strongly recommend that you simplify your task by starting with an entry for 127.0.0.2-127.0.0.4 and add sbl-xbl.spamhaus.org to what SIMS calls its "RBL Server List" to use the Spamhaus SBL and XBL lists. You can see what these are at http://www.spamhaus.org and the individual lists have pages at http://www.spamhaus.org/sbl/index.lasso and http://www.spamhaus.org/xbl/index.lasso. Thje Spamhaus XBL is essentially a replica of the CBL, and the full details of the list are at http://cbl.abuseat.org
A bit of background: Spamhaus is run by Steve Linford, a former SIMS user who may still be subscribed here and who has become the most effective spam-fighter in the world over the past few years. His SBL lists address space directly controlled by professional spammers, meaning that there is essentially no collateral damage from using it to reject mail. Just last week he also started serving out what he is calling the XBL, which is a replica of the older CBL. The CBL lists addresses that have behaved like compromised machines in how they send mail, and while some of the details of its criteria are vague, the effectiveness and safety of the list is very well proven. It consistently catches a very large fraction of mail aimed here, but has not once in over 4 months caused the rejection of legitimate mail. work with larger systems as well and converse with postmasters on spam issues quite regularly, and I have yet to hear of any site where the CBL/XBL has ever rejected mail from a machine that was not in fact being used for heavy spamming and have heard of only a handful of cases where a listed machine was also a legitimate mail server sending non-spam mail.
In short, by using the SBL-XBL combined blacklist you will be using the world's best-managed spam blacklists, covering the bulk of the worst sources of spam without any significant risk of ever rejecting any legitimate mail, and you won't need to worry about managing the list yourself.
One reason this is significant for a SIMS site is that the SIMS blacklist is limited. If you look at my local blacklist at http://www.scconsult.com/blacklist.shtml you can get a sense of how big a list can get, and if you look for the entries without numeric timestamps on them you'll see where I was when it got too big for SIMS.
-- Bill Cole [EMAIL PROTECTED]
############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
