Hello Rob, Sunday, December 12, 2004, 9:48:43 PM, you wrote:
RB> Thanks for your comments on my rulesets, it was just the guidance RB> that I needed. My rulesets up until your comments were based on my RB> ideas, so that should answer any of your questions. You're welcome. >> You don't indicate whether you can/do use Bayes, SURBL, or the various >> network tests. They help greatly (and SURBL is the best defense >> against those "only have a graphic and link" spam emails. Each new >> domain may sneak one or two through until SURBL gets updated, but then >> they're dead. RB> Yes, BAYES is running and is updated through sa-learn running RB> against my various mailboxes every night. RB> When 3.0.0 came out, Mandrake did not support it yet, and I missed RB> the SRBL discussion. I checked out the website, but I am still RB> clueless about it. Could you point me to something that will clue RB> me in? If you're running 3.0.x, and SpamAssassin can access the 'net via DNS, then SURBL should be running. You should be getting an occasional SURBL rule flagged in the spam you're catching. Others can tell you better than I how to determine through spamassassin -D whether it's working or not. RB> And similarly about network tests. I assume that you mean RB> comparing messages against public databases on the net. I thought RB> that TOP_200, and TRIPWIRE did that for me? If not, what should I RB> be using? Not against databases, but against DNS-based flagging systems. If you have Net::DNS loaded in your system, the basic DNS capabilities should be working, and you'll be getting rules like CVD_IN_BL_SPAMCOP_NET and RCVD_IN_SORBS_DUL hitting on occasion. Bob Menschel
