Re: Spam Filter Efficiency

Jo Rhett wrote:
On Nov 21, 2007, at 9:58 PM, Mitchell Smith wrote:
We are also looking at other open source solutions such as amavis
This may cause a flamewar, but we found greylisting to work pretty well
to generally reduce amount of spam being processed.
We use policyd/mysql with postfix, and there are qmail and sendmail
implementations, and others without using a db.

Id say after setting up greylisting, spam really did go down by 60% or
so. Everything else gets caught by amavis/spamassin/clamav

To complete flamewar bait : ), there is also SPF/DomainKeys which do
reduce some types of spam, sometimes, before it hits your filters
http://www.openspf.org/
http://domainkeys.sourceforge.net/

Also, within spamassassin itself, you can specify various block lists to
check, and assign them preference which will influence the ultimate spam
decision.

ex:
cat /usr/local/etc/mail/spamassassin/local.cf
# Five Ten block list
header __RCVD_IN_FIVETENSRC eval:check_rbl('blackholes',
'blackholes.five-ten-sg.com.')
describe __RCVD_IN_FIVETENSRC Received via a relay in Five Ten block
list
tflags __RCVD_IN_FIVETENSRC net

header RCVD_IN_FIVETENSRC eval:check_rbl_sub('blackholes',
'127.0.0.2')
describe RCVD_IN_FIVETENSRC Received via a relay in Five Ten block list
tflags RCVD_IN_FIVETENSRC net
####
score RCVD_IN_FIVETENSRC 0.5

if you google for spam block lists, you can find others which publish
their blocklist as a dns zone.

Another thing you can do is use pf tarpits with spamd on free/openbsd:
http://www.benzedrine.cx/relaydb.html
This method will also allow you to build your own blacklist over time.



Amavisd can be very high performance if you run it and clamav/whatever
virus checker using temporary storage on a ramdisk. We're quite happy
with it.

If you need more per-user/stream options then check out CanIt. If you
run it on your own hardware the pricing model is pretty easy on the
wallet.


_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: public blacklists
    ... >>The SURBL option examines the URLs in the spam messages and checks ... >>various block lists. ... greylisting is a completely different thing. ... stops lots of spam. ...
    (Fedora)
  • Re: ip on the other end of a connection
    ... On 24 Dec 2006, in the Usenet newsgroup comp.os.linux.networking, in article ... of the numerous block lists. ... them related to spam. ... and the various blocklist search engines. ...
    (comp.os.linux.networking)
  • Re: Installers
    ... It's SPAM, Beth. ... filtering, when it was largely based on hand-entered block lists, ... to be any obvious reason why they were posting that message here. ...
    (comp.sys.mac.system)
  • Re: Own Public DNS Server
    ... servers doesn't mean they categorize it as spam but simply the fact that ... my issue is not really spam. ... You don't have a proper public DNS A/C/MX record for your sending ... As for IP/ISP on block lists, or you being on a listed Dynamic IP, well, ...
    (microsoft.public.windows.server.sbs)
  • Re: previousNode problem
    ... >>You have to live with the differences in implementations, ... already found that you can check the nodeType property to check what ... Yes, and I,ve written a "getPreviousElement" function in consequece. ... (Please send any spam to this address: ...
    (microsoft.public.scripting.jscript)