Re: spam filter
On Mon, Jan 13, 2003 at 06:40:39PM -0500, Michael Shalayeff wrote: > the main problem is that all of the MX hosts for the > domain(s) covered by the mail server running spamd > have to filter the same list of ip addresses. > otherwise they just remail it to the lower priority > MX when it fails w/ the higher one and it goes through. Yes, that's a requirement. If you have administrative control over all your MX hosts, and they are OpenBSD systems, it's quite simple to synchronize the address lists using scp from a cronjob. A description of my current setup is described on http://www.benzedrine.cx/relaydb.html in case you want to have fun watching the spammers waste their resources, and consider the work required to set it up worth it. :) Daniel
Re: spam filter
Making, drinking tea and reading an opus magnum from Daniel Hartmeier: > Actually, checking some statistics, the spews list catches a significant > percentage of spam coming directly from open relays. The spam that still > gets through is coming mostly from mailing list servers. These are not > open relays, they merely don't filter spam as rigorously as I might want > to. I can either unsubscribe or filter them based on content. But adding > the mailing list servers to the spammer list would be wrong, of course. the main problem is that all of the MX hosts for the domain(s) covered by the mail server running spamd have to filter the same list of ip addresses. otherwise they just remail it to the lower priority MX when it fails w/ the higher one and it goes through. cu -- paranoic mickey (my employers have changed but, the name has remained)
Re: spam filter
Interesting, I think I will give might try to convince the powers at large to move to openbsd, we are currently on caldera linux, and I must say, I hate it. :-/ Thanks Daniel. On Mon, 2003-01-06 at 16:35, Daniel Hartmeier wrote: > Actually, checking some statistics, the spews list catches a significant > percentage of spam coming directly from open relays. The spam that still > gets through is coming mostly from mailing list servers. These are not > open relays, they merely don't filter spam as rigorously as I might want > to. I can either unsubscribe or filter them based on content. But adding > the mailing list servers to the spammer list would be wrong, of course. > > Daniel -- Bryan Irvine UNIX Administrator King County Journal Newspapers (425) 467-5308
Re: spam filter
Actually, checking some statistics, the spews list catches a significant percentage of spam coming directly from open relays. The spam that still gets through is coming mostly from mailing list servers. These are not open relays, they merely don't filter spam as rigorously as I might want to. I can either unsubscribe or filter them based on content. But adding the mailing list servers to the spammer list would be wrong, of course. Daniel
Re: spam filter
On Mon, Jan 06, 2003 at 03:42:09PM -0800, Bryan Irvine wrote: > Anyone using this yet? It doesn't catch a very large percentage of spam here, as spammers use much more relays than are listed in any database I could find. Spews.org lists about 15000. So you'll still need spamassassin/bmf to detect most of the spam. But I get several dozen connections per day redirected to spamd using the spews list (merged with the list of sources manually fed back from spamassassin/bmf), and the spammers mostly waste around 10 minutes trying to deliver their mails. And most of them retry again and again, wasting their queue space and sockets doing so (while I pay almost no cost for that). You'll see more connections on a real mail server, of course. So, spamd is great for hurting spammers (or open relays), but it doesn't prevent most of the incoming spam, unless you find (or build) a more complete list of source addresses to redirect. I consider it a fun addition to the arsenal in the fight against spam, but it doesn't replace content based spam filters. Daniel
