Thanks for the tips Kevin! Still a couple of follow-up questions though, if you don't mind.
> Spamlovers contribute to the corpus, NoProcessing does not. > You can also create spamlovers that bypass only a single or a set of > filters based on how you choose to set ASSP up. What's the difference then between the SpamLovers address and the SpamBucket addresses? >> 2) WhiteList section: "Only local or authenticated users contribute to >> the >> whitelist." I don't understand how a whitelisted user would be able to >> add >> to the whitelist? I know if I email someone (ex: >> [EMAIL PROTECTED]) their >> address automatically gets added to the whitelist. Does this mean that >> any >> emails from [EMAIL PROTECTED] will >> automatically add all the recipients on >> the email to the whitelist as well? > > It does not say that, so no, email FROM a whitelisted address will not > add whitelist entries. If the checkbox is not checked (default) then according to Fritz, emails coming in from whitelisted users will automatcially add the list of recipients to the whitelist. Although this might quickly build a "trusted" whitelist of addresses (under the assumption that a whitelisted user will only email other "safe" users), doesn't it give a spammer faster, and larger access to whitelisted users? (ie: more to guess from) >> 3) WhiteList Section: "Only users with a local domain in mailfrom >> contribute >> to the whitelist:" >> When spammers spoof the from address in an email (ex: setting the from >> address as my own address), wouldn't that just add the recipients to the >> whitelist? > > Never had an issue but Fritz would be the best one to answer this. Am still confused with this concept.... I still see a spammer that spoofs the from address as someone who is able to get emails through ASSP untouched (ie: gets whitelisted automatically). Am I mistaken? >> 5) ValidateLocalAddresses: "No-Valid-Local-User Reply" >> Am confused. Wouldn't indicating that all email addresses exist simply >> cause email harvesters to try to spam every address possible? Wouldn't >> this >> just increase the amount of traffic to the SMTP site, and give ASSP more >> spam to deal with? > > The default is an RFC compliant setting of "'550 5.1.1 User unknown". > You can change this if you choose to do so. > Oddly enough telling the spammer that the address does not exist will > probably cause more email because then they will know the ones that DO > exist. So you can choose to make their job easier by telling them if the > address exists OR you can say "Yeah sure, they exist" and then drop the > message and have it contribute to the spam corpus. make sense? it's not > exactly vaild no but it does to help build a corpus and slow the rate of > spam to real users. Relating to point #3 - if a spammer does a dictionary attack and gets back a whole bunch of "address exists", then next time they send an email, they may likely spoof the from address as being someone from the local domain. Wouldn't the email automatically make it through ASSP untounched in that case since both the from and the to would be on the local domain list? >> 6) RBL Options > Stop reading old documentation. It's very old. :) :) I had guessed as much, but it is nice to have the confirmation. Thanks. Thanks again for all the help! Eric ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
