Date:      Mon, 16 Feb 2004 01:52:20 -0800
From:      Kris Kennaway <kris@obsecurity.org>
To:        matthew <matthew@netway.com>
Cc:        Kris Kennaway <kris@obsecurity.org>
Subject:   Re: spam removal
Message-ID:  <20040216095220.GA85880@xor.obsecurity.org>
In-Reply-To: <20040216043701.C95778@admin1.mdc.net>
References:  <20040216091316.98506.qmail@web9602.mail.yahoo.com> <20040216093332.GA85516@xor.obsecurity.org> <20040216043701.C95778@admin1.mdc.net>

On Mon, Feb 16, 2004 at 04:44:25AM -0500, matthew wrote:
>
> On Mon, 16 Feb 2004, Kris Kennaway wrote:
>
> > On Mon, Feb 16, 2004 at 01:13:16AM -0800, Olga Zenkova wrote:
> > > Hi!
> > > Some of my FreeBSD users get too much spam daily. What
> > > tools can anybody advise to stop it? Now I have
> > > sendmail with access.db, which is already used but I
> > > think it is not very effective at all. Maybe other
> > > mail daemon or some additional tools for sendmail?
> >
> > I recommend bogofilter for per-user filtering.  Spamassassin is also
> > highly recommended for site use.  I tend to dislike DNS-based
> > filtering because it has a high rate of false positives, and it causes
> > your users to lose legitimate mail if it's rejected at the mail
> > server.
>
> As far as I understand it, one does "not lose email" using dns-based
> blacklists.

This is an over-generalization...I certainly have mail regularly
bounced by dns-based blacklists.

> The day I implemented it, my manager sent an email from
> someone's home whose wireless AP was not secured. My manager received
> an error message back, saying please visit this site, and it happened to be
> an easy off blacklist. He punched in his IP, was automatically removed
> and sent the email. Worked great. Too bad it got the most customer
> complaints and I canned it. I use 3 now.

You've described someone's particular blacklist that was friendly
enough to provide an escape route.  Most of the blacklists I encounter
do not, and the only way I can contact the person on the other side is
by sending mail from another (non-blacklisted) host.  However, since
most of the rejected emails are advisory and sent for the benefit of
the recipient, I usually don't bother, and their misguided attempt at
spam filtering bites them silently on the ass :)

> Feb 16 04:41:05 primx6 sm-mta-label[14301]: ruleset=check_relay,
> arg1=[61.111.22.187], arg2=61.111.22.187, relay=sPacEoP@[61.111.22.187],
> reject=550 5.7.1 Mail from 61.111.22.187 refused - see http://dsbl.org/
>
> These 3 are now running non-stop last months. Not a peep from
> our customers. These machines/IPs on these blacklists represent
> the worst scum of the internet, as well as the dumbest.

Bear in mind that your customers have no way of knowing that they have
lost mail, unless the sender persists and manages to make contact some
other way.

Kris
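
Since recipients never see mail that was refused at the server, the mail log is the only record an administrator can review for false positives. The following is an added example, not part of the original message: a Python sketch that tallies sendmail check_relay rejections by blacklist and relay IP. It assumes the log format of the line quoted above; every sample line after the first is constructed, and bl.example.org is a placeholder list name.

```python
import re
from collections import defaultdict

# sendmail check_relay rejection, in the format of the log line quoted above.
REJECT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\s\S+\[\d+\]:\s"
    r"ruleset=check_relay,.*?\barg2=(?P<ip>[0-9A-Fa-f.:]+),.*?"
    r"\breject=(?P<code>\d{3})\s(?P<text>.*)$"
)
URL_RE = re.compile(r"https?://[^\s/]+")

def parse_reject(line):
    """Return a dict for a check_relay rejection, or None for any other line."""
    m = REJECT_RE.match(line.strip())
    if not m:
        return None
    url = URL_RE.search(m.group("text"))
    # Assumption: the URL in the reject text identifies the blacklist.
    return {"time": m.group("ts"), "ip": m.group("ip"),
            "code": m.group("code"), "list": url.group(0) if url else "unknown"}

def summarize(lines):
    """Map each blacklist to {relay IP: number of refused connections}."""
    summary = defaultdict(lambda: defaultdict(int))
    for line in lines:
        rec = parse_reject(line)
        if rec:
            summary[rec["list"]][rec["ip"]] += 1
    return {bl: dict(ips) for bl, ips in summary.items()}

# First entry is the log line from the message; the rest are constructed.
SAMPLE_LOG = [
    "Feb 16 04:41:05 primx6 sm-mta-label[14301]: ruleset=check_relay, "
    "arg1=[61.111.22.187], arg2=61.111.22.187, relay=sPacEoP@[61.111.22.187], "
    "reject=550 5.7.1 Mail from 61.111.22.187 refused - see http://dsbl.org/",
    "Feb 16 04:55:40 primx6 sm-mta-label[14377]: ruleset=check_relay, "
    "arg1=[61.111.22.187], arg2=61.111.22.187, relay=[61.111.22.187], "
    "reject=550 5.7.1 Mail from 61.111.22.187 refused - see http://dsbl.org/",
    "Feb 16 05:02:11 primx6 sm-mta-label[14402]: ruleset=check_relay, "
    "arg1=mail.example.net, arg2=192.0.2.25, relay=mail.example.net [192.0.2.25], "
    "reject=550 5.7.1 Mail from 192.0.2.25 refused - see http://bl.example.org/",
    "Feb 16 05:03:00 primx6 sm-mta-label[14410]: i1GA30xx014410: "
    "from=<user@example.com>, size=1024, nrcpts=1, relay=mail.example.com [198.51.100.7]",
]

if __name__ == "__main__":
    for bl, ips in summarize(SAMPLE_LOG).items():
        print(f"{bl}: {sum(ips.values())} refusals from {len(ips)} relay(s): {ips}")
```

A relay that shows up repeatedly, or one that resolves to a known correspondent, is the kind of entry worth checking by hand before assuming the list only caught spam.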