On 11 Oct 2004, at 21:06, John Peacock wrote:
Block anything without a Message-ID header. Block anything without any Received headers. Block anything found in CBL, SBL and SORBS. Block anything HELOing with a string matching \d+[\.-]\d+ Block anything marked "bulk" in DCC.
I'm managing a corporate e-mail system, so I have to be less arbitrary.
The first two could probably be changed soon to "anything without SPF/Sender-ID and without Received headers". Which would be less aggressive (those are the only two aggressive rules really) and still work quite well.
Oh, I forgot two 100% zero FPs guaranteed rules:
- Block anything HELOing as a domain in rcpthosts. - Block anything HELOing as my IP address.
TBH, even if you're happy with dspam, stick some of these rules in front to get rid of the ABSOLUTE garbage that comes in, then let dspam mop up the rest.
