> Yes I am watching the list. I do have a lot of foreign > mail isp's blocked to get rid of the spam. Don't even > know this person. I will unblock the .ca but if I get more > spam from them, I will turn the block back on. I might > just have to leave the list.
I should probably preface my remarks by stating that, as a Canadian, I find it really offensive that anybody would see the .ca top level domain as a major source of spam. For my own inbox, only one Canadian ISP (sjrb.ca, if I remember correctly, or it might be srjb.ca) has been the source of more than one or two spam messages sent to me, so it would be a lot more discriminating to block that one ISP than a whole country. (I will grant you that blocking mail from Argentina, Brazil, China, Korea, the Philippines, and Russia would block a significant amount of spam, at least if my experience is anything to go by.) Besides all of which, in my experience, virtually all spam comes with forged headers, so filtering on the "From:" line is the next thing to useless. As it happens, I'm on the team responsible for defening a large-ish E-mail network against spam, viruses, and so on, and we have found it necessary to use multiple filtering rules to distinguish between genuine E-mail and spam, and we're having to adjust those filters all the time. A single strategy for filtering mail can only work for so long, and, as in this case, only at the expense of a high number of "false positives." (Of course, if you have all the business you can handle, false positives might not be a concern to you.) One strategy which I really like, but which might not work for mailing lists like this, is to use a service like, say, bluebottle.com, which sends first-time senders a message asking them to hit a web site and verify that they're a real person. Since spam is almost invariably sent with forged headers, the spammer never gets the message and thus can't whitelist themselves. (And if they did, you can almost blacklist them.) Unfortunately, bluebottle.com is one of the E-mail services which plays what I call "Cutesy Domain Games", and thus I can't pick up from it with an unpatched version of Emailer, and I have not yet found a version of Emailer which will patch successfully on my machine. (I am referring to the "double @" patch which Chris told me about. I sure hope he gets that dead machine fixed, so he can send me a prepatched copy, as it would make my life considerably easier.) Greg Greg Slade www.associate.com/camsoc/greg/ [EMAIL PROTECTED] www.associate.com/camsoc/ots/ "To the man who only has a hammer, everything he encounters begins to look like a nail." - Abraham H. Maslow ___________________________________________________________________________ To unsubscribe send a mail message with a SUBJECT line of "unsubscribe" to <[EMAIL PROTECTED]> or <[EMAIL PROTECTED]>
