Date: Mon, 2 Apr 2007 21:57:01 -0500 From: Jeffrey Goldberg <jeffrey@goldmark.org> To: Angelin Lalev <lalev@uni-svishtov.bg> Cc: questions@freebsd.org Subject: Re: advice on anti-spam tools Message-ID: <EDA1A544-6523-462D-8A41-5E93EC3340B6@goldmark.org> In-Reply-To: <0875b56eeca4d320fd9fa7b0d940fce2@uni-svishtov.bg> References: <0875b56eeca4d320fd9fa7b0d940fce2@uni-svishtov.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail-2--306667832 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed [mailed and posted] On Apr 2, 2007, at 5:28 PM, Angelin Lalev wrote: > Hi List, > > My e-mail server is running the latest spamassassin with all of the > blacklist enabled and etc. > but I still receive over 20 spam messages a day ("image" spam mostly). > The situation with other users may be worse. That's why I was > thinking about some tool that > 1. store incoming email > 2. send request to the sender of the message, requiring to go to > some address and enter the numbers (letters) > from image > 3. if the puzzle is solved in time (week or so) deliver the > message, otherwise delete it. > > Is there such tool(s) ? Most people with email administration experience (including me) think that such challenge/response systems are a bad idea. Others have mentioned some of the reasons. Many people have taken to doing OCR (Optical Character Recognition) on incoming email to try to filter out image spam. Personally, I don't think that that is a good use of resources, and that the spammers clearly have the upper hand in that battle. You may wish to look at the ImageInfo plug-in to spamassassin. Have you tried Bayesian learning with spamassassin? Also when you say "all of the black lists enabled" there still may be more that are useful. Look at the IP addresses of things that pass you spam and look them up at www.dnsbl.info to see which, if any, lists they are in. Consider using those lists. But more and more of the things that I am seeing aren't listed in any of those lists. I try to do as much blocking as early as possible (using SPF and sanity checks on the initial part of the SMTP session (reverse mapping of client IP, sane HELO values, etc). So I can do most of my rejections prior to ever having to pass mail to spamassassin. But on the whole, spam is an unsolved problem. And is well beyond the topic of this discussion list. I'd recommend that you look at something like a spamassassin mailing list. Sorry I can't be more helpful. -j -- Jeffrey Goldberg http://www.goldmark.org/jeff/ --Apple-Mail-2--306667832--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EDA1A544-6523-462D-8A41-5E93EC3340B6>