On 21/08/13 22:49, Szládovics Péter wrote: > For correct filtering you need to use the followings in order of > importance: > > 1. RBL checking with few reliable lists (ip and domain based too) - you > can eliminate the 90% percent of spams > 2. Greylisting - you can eliminate the 90% of remain spams > 3. virus filtering, attachment checking - you can eliminate phishing, > and trojean mails > 4. content checking for spams (e.g. spamassassin) - you can eliminate > the almost all of remain spams > 5. use sieve filters for sa spam marked headers (if you want)
Valuable tactics missing from that list: 1. Load-balancing - each subsequent mail from the same host gets a slower response and things like that, stops one spammer hogging the CPU; 2. SMTP protocol enforcement - the SMTP RFC doesn't have many MUSTs, but lots of spammers don't even do those, like they don't wait for the greeting before starting trying to send their spam, or they try to put your mailserver hostname in the HELO; 3. Whitelisting - only allowing approved senders into your main INBOX while the rest go into further filtering and probably a grey INBOX. Only the third of those could be supported by SOGo (the first two are best done in the SMTP server software), but it would be nice if it was. Regards, -- MJ Ray (slef), member of www.software.coop, a for-more-than-profit co-op http://koha-community.org supporter, web and library systems developer. In My Opinion Only: see http://mjr.towers.org.uk/email.html Available for hire (including development) at http://www.software.coop/ -- users@sogo.nu https://inverse.ca/sogo/lists
