Autor: Alan J. Flavell Data: Dla: Richard Welty CC: Exim users list Temat: Re[2]: [Exim] Per-user dnslist exceptions
On Mon, 6 May 2002, Richard Welty wrote:
> i would strongly urge going to warning only on Spamcop.
What seems to be quite effective is to reject mail when there's a
blacklist entry both in Spamcop (for actual spamming) and in one of
the technical blacklists - one or more of ORDB, Osirusoft-open-proxy,
dynablock, blitzed, Formmail etc. This means that the site has been
detected to be both technically defective _and_ actually misused for
spamming.
Refusing mail on the basis of just one blacklist (except for the MAPS)
seems to be a bit too trigger-happy for comfort.
{E.g I just found that hera.kernel.org [64.158.222.226] is blacklisted
at SPEWS as being in an IP range controlled by a porno spammer...???}
> the Spamcop bl has
> been discussed extensively elsewhere, and it has some signficant
> methodology issues that render it unsuitable for anything other than
> warn-only.
With exim v3 we're seeing quite good results with adding warning
headers at SMTP time, and then rating them in the system_filter. The
penalty assigned for matching both spamcop and one of the technical
open-relay blacklists is such as to ensure rejection, whereas (in the
absence of other penalties) an entry in one or the other alone would
not result in refusal.
Sure: that leaves us with quite a number of undeliverable bounces on
our hands, but that's tolerable for now. I gather that this could be
handled at SMTP time in v4.