[BUGS] trapping spam from headers
Edwin Groothuis
edwin at mavetju.org
Wed Mar 5 22:06:17 EST 2008
On Wed, Mar 05, 2008 at 08:34:10PM +1100, Peter Jeremy wrote:
> On Wed, Mar 05, 2008 at 07:48:49PM +1100, Andrew Reilly wrote:
> >Legitimate ISP clients *should* be routing their out-bound mail via
> >the ISP's SMTP server, so this one is probably a spam-bot.
>
> That assumes that the ISP is actually competent and can manage an SMTP
> server - I know at least one that can't. RBLs are a really bad idea
> because it's far too easy for the ISP's SMTP server to wind up on one
> (again, I can give example).
>
> Currently, one of the best anti-spam measures is greylisting. This
> will get rid of most of the low-hanging fruit and saves you having to
> accept the spam. Some sort of Bayesian filter should sop up most of
> what is left.
Greylisting is still a good one for spambots, but not for blocking
invalid email from proper MTAs. Use sender address verification
(not sender domain verification, full address verification). And
make sure you create yourself a report with the ones temporary
rejected by that one because there is a lot of braindead webbased
software which sends out email in the world.
Edwin
--
Edwin Groothuis | Personal website: http://www.mavetju.org
edwin at mavetju.org | Weblog: http://www.mavetju.org/weblog/
More information about the BUGS
mailing list