[EMAIL PROTECTED] wrote on Tuesday, January 11, 2005 2:41 PM: Hi, thx for your answer
> It is a good idea, however... >=20 > Here are a few things to know about what you would like to do: >=20 > 1) You could create your own Received: headers before passing > the email =3D > on > to SA. No problems. Then I would suggest you strip them > back off after =3D > you > get the results back from SA... Yes, that is right. I'll have to strip it afterwards. > 2) I suspect XMail's author doesn't write the Received: header at the > post-data stage because of a couple reasons... > a) Here you can get the untouched original email. > b) What would you put in the "for" section if there > were multiple > recipients? (More than one RCPT TO)? Right. > 3) If you reject a SPAM after it has been sent to you, you didn't gain > anything... the time and bandwidth has already been wasted. Because simply deleting the message is not possible (justice and some customers), a real sender would get back a 5xx error and he knows that = his mail has'nt been read. The Problem with marking as ****SPAM**** is that = 99% of our spam-protected customers don't know anything about it and so it's besser that the don't get the spam. I want to realize it as option, if = spam is deleted or is being marked and forwarded. > 4) Rejecting spam often means the sending server will attempt > endlessly again and again even if you pass a 554 or other similar > fatal error.... meaning that the one 40KB spam now can take up 400KB > or more bandwidth =3D as > the spammer keeps trying to resend. Nope, 5xx is permanent - the client should not try to resend it. 4xx is temporarly. > Personal experience tells me that you need to just accept it, > score it, > label it as "[SPAM]", and if you wish, delete it, or move it > to another > folder if it scores high enough (I use XMail-WAI web interface... so > =3D spams show up in a spam box folder). see above about my personal expirience. > When I did what you propose, my bandwidth use shot up over 10x! mhm I use spamcop and other blacklists and the other nice features of = Xmail so that 70-80% of the incoming mail is rejected in SMTP session before = it reaches any filter ;-) > Now, an idea I have would be to combine the SA scoring with perhaps a > greylisting? That's what I am looking at writing up right now... I think in a few month the spammers will have a solution against = greylisting so I don't think about implementing it. > 1) PRE-DATA: check triplets database, temp error if in list and not = =3D > enough time has past. > 2) POST-DATA: check SA score for email, if above a 5, then > temp error it =3D > and > add to greylist. >=20 > I like this modified form of greylisting because it allows > low scored =3D > emails > to be delivered immediately (which I often want when buying things =3D > online, retrieving lost password for websites, etc). Only > high-scoring emails =3D > get > delayed. SA autolearning (bayes) and auto-whitelisting is IMHO very effective and = a better solution as greylisting. - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
