> > My advice is to drop almost all RBL for REJECTING
> > email and use them STRICTLY for "Greylisting" email.
> >
> I've considered this.
>
> The only concern I have is that a small percentage of our
> users opt to
> use SPAM filtering,
Then you really should only filter on those who opt to
use Spam filtering.
And this does give you (a bit) more leeway in what
you do for those who choose to use the anti-spam
services you provide.
> most do not, and a large percentage of
> users are the
> type that have mailboxes and never check them - so they turn
> into SPAM
> receptacles just collecting up to 60 days of SPAM for us to
> back up and maintain.
You really shouldn't be rejecting ANY email for
those who "opt out" unless you make that clear which
essentially means that a customer cannot truly do
that (i.e., opt out.)
Also note: You will lose almost no legitimate
email with greylisting. You will lose almost no
legitimate email with well chosen RBLs (but that
varies by user although I really like SBL+XBL.)
When you combine the two, problems are virtually
non-existent.
Greylisting knocks about 93% of spam (for us) and
a good RBL system can usually hit a higher percentage
mostly overlapped so we see about a 90% reduction.
> I've considered disabling all black lists that add sites for sending
> SPAM and only using the open proxies, open SOCKS, open relay RBLs. I
> figure most legitimate blocked mail comes from places (like
> hotmail/myway.com/yahoo/gmail/excite which cause the most
> problems with
> our users and blacklisting) that are at least competent enough to not
> fall in those categories.
None of these methods will help with free and low
cost throw away accounts from the "majors", e.g.,
yahoo, msn, etc.
For those you MUST do content analysis (or user
specific block lists.)
SpamAssassin can be your friend. Perhaps you could
mark-up the likely spam (using SA) and then delete
that stuff after a week having warned your users.
We actually use two SpamAssassin thresholds: One for
likely spam, and one for "high spam" -- although again,
we never block email on either of these alone.
I use the greylists to cut the volume down -- then
I use the combo methods to reject anything that gets
through as far a SpamAssassin -- notice that SA doesn't
even need to filter any email that never gets past the
greylist process.
--
Herb Martin
> -----Original Message-----
> From: exim-users-bounces@???
> [mailto:exim-users-bounces@exim.org] On Behalf Of Steven B
> Sent: Monday, March 13, 2006 3:18 PM
> To: Herb Martin
> Cc: exim-users@???
> Subject: Re: [exim] Most Lenient RBL implimentation?
>
>
> > My advice is to drop almost all RBL for REJECTING
> > email and use them STRICTLY for "Greylisting" email.
> >
> I've considered this.
>
> The only concern I have is that a small percentage of our
> users opt to
> use SPAM filtering, most do not, and a large percentage of
> users are the
> type that have mailboxes and never check them - so they turn
> into SPAM
> receptacles just collecting up to 60 days of SPAM for us to
> back up and
> maintain.
>
>
> Steve
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>
