Date: Mon, 2 Apr 2007 21:57:01 -0500 From: Jeffrey Goldberg <jeffrey@goldmark.org> To: Angelin Lalev <lalev@uni-svishtov.bg> Cc: questions@freebsd.org Subject: Re: advice on anti-spam tools Message-ID: <EDA1A544-6523-462D-8A41-5E93EC3340B6@goldmark.org> In-Reply-To: <0875b56eeca4d320fd9fa7b0d940fce2@uni-svishtov.bg> References: <0875b56eeca4d320fd9fa7b0d940fce2@uni-svishtov.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail-2--306667832
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed
[mailed and posted]
On Apr 2, 2007, at 5:28 PM, Angelin Lalev wrote:
> Hi List,
>
> My e-mail server is running the latest spamassassin with all of the
> blacklist enabled and etc.
> but I still receive over 20 spam messages a day ("image" spam mostly).
> The situation with other users may be worse. That's why I was
> thinking about some tool that
> 1. store incoming email
> 2. send request to the sender of the message, requiring to go to
> some address and enter the numbers (letters)
> from image
> 3. if the puzzle is solved in time (week or so) deliver the
> message, otherwise delete it.
>
> Is there such tool(s) ?
Most people with email administration experience (including me) think
that such challenge/response systems are a bad idea. Others have
mentioned some of the reasons.
Many people have taken to doing OCR (Optical Character Recognition)
on incoming email to try to filter out image spam. Personally, I
don't think that that is a good use of resources, and that the
spammers clearly have the upper hand in that battle. You may wish to
look at the ImageInfo plug-in to spamassassin.
Have you tried Bayesian learning with spamassassin? Also when you
say "all of the black lists enabled" there still may be more that are
useful. Look at the IP addresses of things that pass you spam and
look them up at
www.dnsbl.info
to see which, if any, lists they are in. Consider using those
lists. But more and more of the things that I am seeing aren't
listed in any of those lists.
I try to do as much blocking as early as possible (using SPF and
sanity checks on the initial part of the SMTP session (reverse
mapping of client IP, sane HELO values, etc). So I can do most of my
rejections prior to ever having to pass mail to spamassassin.
But on the whole, spam is an unsolved problem. And is well beyond
the topic of this discussion list. I'd recommend that you look at
something like a spamassassin mailing list. Sorry I can't be more
helpful.
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
--Apple-Mail-2--306667832--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EDA1A544-6523-462D-8A41-5E93EC3340B6>