On 16-08-29 05:40 PM, Michelle Sullivan wrote:
Don't you just hate these threads that can start arguments on what is an
FP and what is not? :P
You know what we could use more of?
https://www.intra2net.com/en/support/antispam/
https://www.sdsc.edu/~jeff/spam/Blacklists_Compared.html
There isn't much like this any more..
Might be something that we can encourage universities, and/or large
organizations with large email volumes who have the capability to check..
Not saying Google should do this ;)
But for example, tag incoming emails somehow with a hash of which RBL's
would be triggered, and compare it to their internal spam/ham systems.
Any one else know some hidden gems on the 'net that might not be on the
search results of real world results that can be shared around?
Of course, the problem really stems from what Michelle alluded to..
While we can probably all agree on 99% of the content, it is that last
1% that different operators have different opinions on..
The small little WISP in rural Texas might have different opinions on
what type of email they think their users want, than the large email
provider in Turkey.. different RBL's can serve different purposes..
(oh, and you should see the Clinton/Trump divide on what is spam and
what isn't)
We used to do this with some friendly ISP's (course we didn't use direct
RBL lookups, we created a caching system) in logging mode to identify
UNIQUE and MULTIPLE RBL hits in the early days, but it really should be
tied into some form of customer definition as well. (This is junk/not
junk) but even then, take the case of the large provider who has a
temporary really bad spam outbreak.. was the RBL who listed them wrong
when a couple of good messages from the same source where also tagged?
However, I think that data would be useful to help others make informed
choices on which RBL's they might like to implement.
RBL's are still one of the most efficient and effective way to reject
the worst/most of the current spam outbreaks. (Followed by other simple
DNS checks..talking to you 'static.vnpt.vn' and 'broadband.actcorp.in')
But open comparison sources of the accuracy/validity of the data is
something that would help everyone. I do suggest it needs to be based
on demographics though. Which RBL's are most effective for email
servers based on continent they operate might be a great start.
(For instance, lists that identified sources of the CUT-WAIL outbreak
for a while could claim to block 80-90-99% + of all attacks, if you
happened to be one of those targeted by those attacks, doesn't mean in
the long term it is the most accurate RBL for others)
And I am sure that Gmail, or Yahoo, or AOL each would have a different
opinion, based on the attackers who prefer targeting them, on which RBL
is best (which is probably why they also run their own to some extent or
another).
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
------------------------------------------------------------------------
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
