On Sun, 6 Mar 2011, [email protected] wrote:
I noticed that 2.5% of wt-en1's spam was hitting DNSWL_HI. I asked him
about it, and it turned out that it was all cases where he had set up
forwarding from another server and not added it to trusted_networks
(he then deleted them). I suspect this is true of others:
RCVD_IN_DNSWL_HI:
SPAM%
2.0785 bb-jhardin
RCVD_IN_DNSWL_MED:
SPAM%
1.5012 bb-jhardin
0.3109 bb-jhardin_fraud
My corpora include messages from several different mail paths, and all of
my corpora masschecks are done against uploaded corpora on the SA/Apache
servers. How are we to provide trusted_networks data in that scenario?
(That's something I've been mildly curious about in the past - how the
heck does the uploaded masscheck _deal_ with setting trusted_networks etc.
for multiple disjoint corpora?)
I'm really curious how other people think spam from mailing lists should be
handled.
Should mailing list servers all be listed as trusted_networks?
As "trusted" means "does not forge headers", I'd say yes.
Or should spam from a mailing list be counted against the list server in
DNSWL?
Sure, it's spam. Do you want to whitelist a listserv that's relaying spam?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Failure to plan ahead on someone else's part does not constitute
an emergency on my part. -- David W. Barts in a.s.r
-----------------------------------------------------------------------
7 days until Daylight Saving Time begins in U.S. - Spring Forward
