Marc Perkel wrote: > These lists can be the biggest breakthrough in email processing in > years. The power of this system isn't just in the black list. The real > power is in the white lists and it's ability to reduce false positives > in your existing black lists.
My experiences so far. Since I setup this list on my server a few hours ago, 70 emails have been received where the sending host was on this list. Nearly all mail that this blacklist caught was on another blacklist, mostly sorbs. That's not a bad point, it's just an observation. There were 4 cases out of the 70 where this list was the only list to have the sender host on. 2 of these mails were from xe.com, and were NOT SPAM. This is bad - but the wiki claims '100% accuracy', not quite there yet :) 2006-07-22 08:30:08 1G4Bve-0004je-1Y H=(helium.xe.com) [216.220.38.19] Warning: [DNSBL] Delaying because host in dnsbl.junkemailfilter.com 2006-07-22 08:30:14 1G4Bve-0004je-1Y <= [EMAIL PROTECTED] H=(helium.xe.com) [216.220.38.19] P=esmtp S=11613 [EMAIL PROTECTED] T="Today's Currency Update (EUR) CUSA4B3447AA9A5" What systems are in place to see why this email was marked as spam? I can't see any. I am not using the whitelist or the yellow list. I'm a little confused about the whitelist, is there actaully such a thing as a mail server there *never* sends spam? This whitelist might contain gmail's mail servers for example, but I still want to content scan these emails as much as I would any other - but perhaps not everyone will agree with me there. As for the yellow list - this is potentially a good idea if it works. However, the wiki is suggesting that if someone's on the yellow list then don't bother with any other DNS lists - but... don't forget, one man's spam is another mans ham. Another concern of mine is how the list is going to regulate submitions of spam and ham reports from people. How do you decide who you can trust to accurately report spam/ham data? A fast responding system to hosts that only send spam (compromised end users for example) is defiantly something that's needed as it is hammering content scanners with stupid amounts of junk at the moment - however, personally I've pretty much eliminated this problem already with my own ACLs which will defer mail if a host has sent more then X points in Y period. In conclusion - I think that this is a useful list, and has potential, but it should not be used with ultimate trust, but as part of a scoring system in your ACLs along with other lists. Marc, thanks for your hard work - it's another line of defense I'm willing to use - but I'm not willing to trust it implicitly :) Kind Regards, Ian P. Christian ~ http://pookey.co.uk
signature.asc
Description: OpenPGP digital signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
