* Marc Perkel wrote (24/07/06 16:27): > > Chris Lear wrote: >> * Marc Perkel wrote (22/07/06 05:27): >> >>> Ok - so here it is. Give it a try and tell me what you think. Here's the >>> instructions on how to use my black list, white list, and yellow list. >>> >>> http://wiki.ctyme.com/index.php/Spam_DNS_Lists >>> >>> And - after you start using it I'm looking for a few good people to feed >>> information back into the system to make it better. This is working for >>> me. But - we will see if it works for anyone else. >>> >>> These lists can be the biggest breakthrough in email processing in >>> years. The power of this system isn't just in the black list. The real >>> power is in the white lists and it's ability to reduce false positives >>> in your existing black lists. >>> >>> So - try it out and let me know. >>> >>> >> >> I've been giving it a try, and logging hits for black, white and yellow >> lists before my existing blacklists and content scans. >> >> Like a few other people, I'm a bit unclear about the value of the yellow >> list. I'm not sure I'd want to use it to bypass my existing blacklists >> (I'd rather risk false positives in spamhaus or whatever than let mail >> through because one of the listed servers once sent ham). And I'm not >> sure what other purpose it serves. >> >> The blacklist seems to be about as good as sbl-xbl.spamhaus.org, except >> it has false positives. Eg this one, which is one of the mx's of the >> European Bank for Reconstruction and Development: >> H=mx1.ebrd.com [193.128.202.111] Warning: black - dnsbl - mx1.ebrd.com >> [193.128.202.111] >> >> The whitelist seems to be OK, and if I could rely on it 100% it could >> save some content scanning effort. But in my very small test, I had only >> 3 hits: one google server, one blackberry server, and >> sesame.csx.cam.ac.uk. On the other hand, some major bank servers >> (citigroup and state street for example) are listed as yellow. So the >> white list doesn't suit my (admittedly niche) purposes. >> >> Chris >> > > > It would work better if I had more data to work with.
Yes, indeed. Fair enough. > Right now a yellow > listing might eventually turn into a white listing once I get enough ham > messages from that host. Yellow doesn'r mean it's sending some spam - I > should clarify this - is means it's not had enough ham to make the > whitelist yet. But it would be enough to prevent it from being blacklisted. That clarification is useful. I didn't realise. > > I'm trying to get this developed enough that sharper people than me will > take off with the idea and do it right. I hope it goes well. I'll be interested to see whether the yellow list idea takes off. I must admit I'm sceptical at the moment. The whitelist might be nice if it gets reliable data in. I'm a bit sceptical about that, too, but if it turns out to be a success I'd use it to cut down on spamassassin time. Perhaps the way to know it's a success is if spammers try hard to get listed, and fail. Chris -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
