On Fri, 14 Nov 2014 07:45:49 -0500 Miles Fidelman <mfidel...@meetinghouse.net> wrote:
> From the point of view of someone who administers a lot of systems > and mailing lists, I end up getting multiple copies of lots of > messages. I've been thinking for a while about how to implement > anti-spam rules based on receiving multiple copies of the same > message. I have an experimental botnet detector that looks for multiple messages with similar subjects that come from many different countries (as determined by geolocating the relay IP.) So far, it's been fairly effective at alerting me to new botnet spam runs, but unfortunately the signal-to-noise ratio is still a bit rough to use it to create automated rules. You also need to be running a server that receives a significant volume of mail for this sort of thing to be effective. Regards, David.
