Re[2]: [Exim] Per-user dnslist exceptions

On Mon, 6 May 2002, Richard Welty wrote:

> i would strongly urge going to warning only on Spamcop.

What seems to be quite effective is to reject mail when there's a
blacklist entry both in Spamcop (for actual spamming) and in one of
the technical blacklists - one or more of ORDB, Osirusoft-open-proxy,
dynablock, blitzed, Formmail etc. This means that the site has been
detected to be both technically defective _and_ actually misused for
spamming.

Refusing mail on the basis of just one blacklist (except for the MAPS)
seems to be a bit too trigger-happy for comfort.

{E.g I just found that hera.kernel.org [64.158.222.226] is blacklisted
at SPEWS as being in an IP range controlled by a porno spammer...???}

> the Spamcop bl has
> been discussed extensively elsewhere, and it has some signficant
> methodology issues that render it unsuitable for anything other than
> warn-only.

With exim v3 we're seeing quite good results with adding warning
headers at SMTP time, and then rating them in the system_filter. The
penalty assigned for matching both spamcop and one of the technical
open-relay blacklists is such as to ensure rejection, whereas (in the
absence of other penalties) an entry in one or the other alone would
not result in refusal.

Sure: that leaves us with quite a number of undeliverable bounces on
our hands, but that's tolerable for now. I gather that this could be
handled at SMTP time in v4.

best regards