Nice spreadsheet! I don't have all the data you do, but just looking at my
mail logs going back 1 month (excluding mailing list traffic), I gathered these
reject/accept stats. I apologize if the formatting is messed up:
Count Percent
DENIED_RDNS_RESOLVE 72413 58.29
DENIED_RDNS_MISSING 26924 21.67
ALLOWED 6766 5.45
DENIED_SENDER_NO_MX 4730 3.81
DENIED_BLACKLIST_NAME 4630 3.73
DENIED_GRAYLISTED 3311 2.67
DENIED_RBL_MATCH 2059 1.66
DENIED_IP_IN_CC_RDNS 1936 1.56
TIMEOUT 776 0.62
DENIED_INVALID_RECIPIENT 457 0.37
DENIED_OTHER 127 0.10
DENIED_IP_IN_RDNS 71 0.06
DENIED_HEADER_BLACKLISTED 32 0.03
DENIED_SENDER_BLACKLISTED 6 0.00
DENIED_RECIPIENT_BLACKLISTED 1 0.00
Total 124239
Clearly I don't run a high traffic server, but:
- Numerically, the missing/unresolvable rDNS tests appear to be the
most effective, though I haven't checked to see how many of those rejections
were for valid email addresses.
- For my own peace of mind, blocking subject lines with the header
blacklist has been the only way to stop persistent spammers from reaching me
via outlook.com and gmail.com, which I'm not willing to block outright.
- The rDNS blacklist percentage appears to be very low but it's
continually populated by my auto-blacklisting scripts and it's been very
effective against organized groups (i.e. not botnets). Even though I rarely
add to those scripts, I'm still amazed at how many new domains it catches every
day.
- I also use another set of scripts to automatically unsubscribe my
users from "legitimate" mailing lists when they junk the messages (Gmail does
this too). Since my users usually can't tell the difference between "real"
spam and "legitimate" spam (and they don't care), those scripts cut down their
junk mail without blocking constantcontact.com and exacttarget.com (and others
like them).
To answer your questions, you can block "To: undisclosed-recipients" with the
header blacklist filter, if that's really how it appears in the message
headers. Blocking emails with no "To" line in the header isn't something
spamdyke can do right now, sorry!
-- Sam Clippinger
On Apr 18, 2017, at 9:36 PM, Philip Rhoades via spamdyke-users
<spamdyke-users@spamdyke.org> wrote:
> People,
>
> It has been almost a year since the last report - here is the updated GD
> Spreadsheet:
>
>
> https://docs.google.com/spreadsheets/d/1GqinPR2mA0Jz-uTZ2zVJgutpiDl62HNbn2gWGNpd7Tk/pubhtml
>
> Unfortunately the amount of spam getting through the SD filtering, then seen
> by me and being moved to the spam folder has gone up almost five times since
> last year . . from the information I have now put more stuff in the black
> From and To lists . .
>
> I think the main problem is that my main email address is finding its way on
> to more and more spam lists . .
>
> How can I:
>
> - reject mails with no "To:" address
>
> - reject mails with a "To:" address of: "undisclosed-recipients"
>
> Thanks,
>
> Phil.
> --
> Philip Rhoades
>
> PO Box 896
> Cowra NSW 2794
> Australia
> E-mail: p...@pricom.com.au
> _______________________________________________
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
