--
On Mon, Jun 10, 2002 at 07:19:12AM +0800, Suresh Ramasubramanian wrote:
| +++ Derrick 'dman' Hudson [09/06/02 13:58 -0500]:
| > Actually, the bigger the ISP the more worried you need to be. When an
| > ISP is large enough, it will have lots of IP addresses and customers
| > who could be spammers. In addition, their abuse desk (if they have
|
| There are several ISPs who - even with their size, are proactive about spam.
That's nice to know.
| > one) will be overloaded and in the end they probably won't do much to
| > help the problem. As for reputation ... has anyone heard of AOL,
| > Yahoo, Hotmail, MSN, or Earthlink? Lots of spam comes through there.
|
| Freemail services and spam - yes, spam comes through them, but the majority
| of spam with a freemail (hotmail, email.com, yahoo, whatever) address in the
| from or headers is either totally forged headers, or did not originate from
| or pass through the freemail service's network at all.
Yeah, a lot of it is forged.
| Earthlink in fact has a pretty good abuse desk.
Oh, I've heard some bad comments about their dialup pool and abuse
desk. I don't know if they still are, but they used to be in SA's
default flagging based on Received: headers.
| Oh, and they use Exim.
Cool.
| > apart from people who will stop accepting all mail from your server
| > (and your valid customers). In fact, people who use sa-exim won't
|
| Spamassasin being the thingy that recently blocked the CAUCE newsletter as
| spam because it contains the word spam, has the words "opt out" in it, etc
| etc? Heh.
:-). How high was the score? I don't bounce everything that scored
over 5, just things that scored over 10.
| Content based filtering, no matter how efficient and how well setup,
| is a can of worms.
Yeah, it's not perfect.
| If you use spamassasin, or other content filtering system, the way
| to go would be to tag a header onto those things and/or file them to
| a separate folder, not bounce / bitbucket all mail that spamassasin
| thinks is spam.
Rejecting (not bouncing, and not bitbucketing) the mail means that
false-positives will get back to the sender _and_ that I'm not
responsible for bouncing to the invalid addresses the spammer forged.
On the positive side, I don't actually reject much junk anymore. I
think my address must have been marked as bad on the spam lists since
the spam couldn't get through :-).
-D
--
"...the word HACK is used as a verb to indicate a massive amount
of nerd-like effort." -Harley Hahn, A Student's Guide to Unix
GnuPG key :
http://dman.ddts.net/~dman/public_key.gpg
--
[ Content of type application/pgp-signature deleted ]
--
