Just a suggestion, but I'm thinking that you could optimise this a bit. "dial" will already match "dialin", "dialpool" and "dialup", so there's no need to include those three, just "dial". Same with a few of the others.
Cheers, Dave Sam Clippinger wrote: > Sure. Please keep in mind this list works for me, on my server, for my > users. Your mileage may vary wildly. You have been warned... > .................................................................................... > # Actual keywords > cable > client > cm > dhcp > dial > dialin > dialpool > dialup > din > dip > dip0 > dup > dyn > dynamic > dynamicip > ev1s > in-addr > modem > ppp > pool > pools > reverse > user > > # Specific providers with lots of spammers > adsl.totbb.net > adsl.proxad.net > fbx.proxad.net > hinet-ip.hinet.net > ip.secureserver.net > onocable.ono.com > res.rr.com > rev.gaoland.net > .telebecinternet.net > bb.sky.net > bb.sky.com > ptr.us.xo.net > .covad.net > > adsl dsl .sbcglobal.net > adsl dsl .ameritech.net > adsl dsl .pacbell.net > adsl .bellsouth.net > wsip .cox.net > hsd1 .comcast.net > .................................................................................... > > -- Sam Clippinger > > Ronnie Tartar wrote: >> Sam, >> >> Can you share this list as I would love to make mine even better @ >> filtering. >> >> Regards, >> >> Ronnie >> >> >> ----- Original Message ----- >> From: "Sam Clippinger" <[email protected]> >> To: "spamdyke users" <[email protected]> >> Sent: Tuesday, September 01, 2009 4:20 PM >> Subject: Re: [spamdyke-users] Spam Stats >> >> >> >>> I think you're misunderstanding the keywords feature. spamdyke does not >>> examine message content, so it cannot stop messages that contain >>> "Viagra" or any other specific words. >>> >>> When spamdyke searches for keywords, it looks for those keywords in the >>> remote server's rDNS name. The purpose of the feature is to block >>> messages from infected PCs on home cable modems. Most cable providers >>> use a predictable naming scheme for their rDNS names, such as >>> "11-22-33-44.dynamic.example.com". If spamdyke finds a configured >>> keyword AND the IP address in the rDNS name, it will block the >>> connection. That's all. >>> >>> On my server, 30%-50% of all connections are blocked by this filter >>> every day. I use a short list of simple keywords like "dynamic", >>> "cable", etc to great effect. >>> >>> -- Sam Clippinger >>> >>> Christoph Kuhle (Expat Email Ltd) wrote: >>> >>>> It appears as if the blacklist_keywords can capture a lot of Spam. So >>>> far >>>> we have nothing in that file. We are worried about the refusal of emails >>>> which may be genuine. So while we might want to blacklist Viagra, we >>>> would >>>> not want to blacklist an email from a medical person, for example, which >>>> might refer to Viagra (I'm not even sure that this email will make it to >>>> the >>>> list having mentioned that word!). >>>> >>>> Do people have tried and tested contents of that file which they can >>>> advise >>>> on to prevent false positives - because we only show about 50-60% spam >>>> being >>>> caught. I think that is partly because we also have ASL installed which >>>> blocks lots before it even gets to the mail queue. If we can use the >>>> blacklist_keywords effectively, we would love to and look forward to any >>>> suggestions from seasoned users. >>>> >>>> Kind regards, >>>> >>>> Christoph >>>> >>>> -----Original Message----- >>>> From: [email protected] >>>> [mailto:[email protected]] On Behalf Of Mirko Buffoni >>>> Sent: 01 September 2009 14:27 >>>> To: spamdyke users >>>> Subject: Re: [spamdyke-users] Spam Stats >>>> >>>> Goods average between 500 and 2000 daily. Figures are however >>>> pretty standard. Spamdyke filters out about 60k attempts daily. >>>> Here are yesterday stats: >>>> >>>> Good : 1025 = 0.68 % >>>> Unsure : 183 = 0.12 % >>>> Virus : 62 = 0.04 % >>>> BAD Sender: 5114 = 3.40 % >>>> BAD Rcpt : 212 = 0.14 % >>>> Pure SPAM : 45997 = 30.56 % >>>> SPAMMER : 97940 = 65.06 % >>>> | >>>> \.............BLACKLISTED_KEYWORD : 29608 = 30.23 % >>>> \..............DENIED_EARLYTALKER : 3 = 0.00 % >>>> \...............DENIED_IP_IN_RDNS : 30447 = 31.09 % >>>> \................DENIED_RBL_MATCH : 23268 = 23.76 % >>>> \.............DENIED_SENDER_NO_MX : 13070 = 13.34 % >>>> \......DENIED_TOO_MANY_RECIPIENTS : 1 = 0.00 % >>>> \....DENIED_UNQUALIFIED_RECIPIENT : 1 = 0.00 % >>>> \.........................TIMEOUT : 1542 = 1.57 % >>>> >>>> ------------------------------ >>>> Total : 150533 = 100.00 % _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
