Re: [9fans] /n/sources/patch/spamhaus

My mail server does not run Plan 9, so my own
setup would require some implementation work,
as I mentioned before.

how do you maintain content-based filtering without
spending time on it on a regular basis?

I typically see one or two spams a day that make
it through, and I save those into a mailbox named "spam"
that a cron job uses to retrain the filter (Spam Assassin).

I also see a lot of spam going to bogus addresses
at swtch.com (they are valid at swtch.com.au),
and I feed those in as spam samples. I don't know
how much that actually helps.

at work we have a barracuda box which seems to
be completely content based. it's false positive
rate is significant. so you actually need to skim
up to a hundred questionable messages per week.

i find that skimming through lists like this is very
error prone.

I don't have a false positive mailbox to skim.
I run Mail Avenger, which lets me run shell scripts
during the SMTP session to decide whether to let
it continue. (It was the inspiration for validateaddress
and validatesender.) In addition to checking the
sender and the recipient, I can run a program over
the body before accepting the mail, so that's where
I run Spam Assassin. If SA thinks the mail is spam,
SMTP rejects it rather than saving it or deciding to
reject it later and having to send a bounce. That
means my mail server doesn't contribute to someone
else's backscatter problems, and if someone does
send something that looks like spam, they get
immediate feedback about it not going through, rather
than hoping I will see it in a spam box. The reject
response in SMTP explains that the mail looks like
spam and gives a magic word to put in the subject
if it is not spam.

I've been using this setup for a few years now.
I have had exactly one real message that was falsely
rejected that I remember, and it was a big chain
forward that arguably was spam, although it was
a real person sending it. I have also had two
legitimate commercial emails (receipts) rejected
as spam, but I knew they were on the way so I looked
for them. (I do spool the rejected messages to a file,
both for my own peace of mind and to handle cases
like these.)

It's not perfect, but it is far better than having to watch
a spam folder.

Russ

.

Relevant Pages

  • Re: Blocking IP for eMail
    ... >an IP range to prevent SPAM. ... Does DEFAULT include eMail services? ... smtp connections from the spam originating / relaying ISP at ... your ISP's mail server. ...
    (comp.security.firewalls)
  • Re: MTAs,Antivirus software, Spam
    ... The setup that I inherited works well, ... >> about spam, and I want the setup to be secure and something I can forget ... > razor - checks the signature of the mail against a registered database ... Halifax Regional Fire and Emergency Service ...
    (comp.os.linux.security)
  • Re: Rules settings in server
    ... >Is there any way to setup rules and folders in each of the user's mailbox so ... Also users might have setup the rules and / or folder ... You haven't got any server or client application that processes spam ... Exchange with an instruction to place the software in a specific ...
    (microsoft.public.exchange2000.general)
  • setting up simple confirmation email
    ... I'm new to Sendmail & am trying to set it up to send out a confirmation ... the spam folder. ... Here's the setup: ... DNS with goDaddy, ...
    (comp.mail.sendmail)
  • Re: Rules settings in server
    ... >>Recently we have setup new firewall and it has filters for spam mail ... >>Is there any way to setup rules and folders in each of the user's mailbox so ... The user can delete the folder but the next spam ...
    (microsoft.public.exchange2000.general)