On Thu, 16 Aug 2012, Jim Schueler wrote:
To restate the question: My mailbox contains between 10-20 false positives
every morning. Before reporting them, I pass them through the spam
assassin filter again. About 20-25% are flagged as spam the second time
through.
The most obvious explanation, which I should've raised the first time, is
that these entries get added to the BL databases during the intervening 6-8
hours. If so, this understanding will be very helpful.
Can anyone weigh in?
That's the most likely explanation.
One approach to minimize the leakage from this is to institute greylisting
with a sufficient delay.
Greylsting by itself also cuts down the spam to a degree where the spambot
doesn't retry delivery.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
USMC Rules of Gunfighting #20: The faster you finish the fight,
the less shot you will get.
-----------------------------------------------------------------------
8 days until the 1933rd anniversary of the destruction of Pompeii