Re: Spam filter

Begin <13jefvumkk1k208@xxxxxxxxxxxxxxxxxx>
On Sun, 11 Nov 2007 12:46:19 -0500, Bolwerk <bolwerk@xxxxxxxxx> wrote:
Speechless wrote:

Besides, they're a for-profit organization serving a specific religious
community, with a domain name that has a religious connotation.

For profit religion? I can think of only one, and a litigous one at that.
If I'm wrong please do tell.


[snip]
I've also encouraged a general policy towards spam reduction that
includes keeping e-mail addresses off web sites,

While that in general is a reasonable policy...

using web forms instead,

.... this is not good general advice, ...

and creating event-specific addresses for when ending up on the web is
unavoidable.

.... while separating roles and events and persons is a good idea.


My point is that webforms are good and well, but they push essentially
unrelated infrastructure requirements on the sender. In fact, for
certain things they are completely unacceptable. Point in case: abuse@
contacts. If it turns out your abuse@ is filtered in some way or even
completely blocked unless I send in a webform with a captcha behind a
picture saying ``beware of the leopard'', etc. you get the picture, I
will shitlist the entire organisation up to blackholing at the router
level.

Having said that, I want to stress that webforms are not essentially
evil, but they're no worthy replacement for email addresses either.

That leaves the problem of making sure humans can read the address and
crawlers, or at least those spammers use, less so. There are a couple of
things you can do, but I'll leave those as an excercise for now.


We pay for bandwidth by the gigabyte, so each rejected message adds
up and costs money in the end. So I strongly discourage any public
posting of addresses.

Flatrates are pretty widespread now, and as already mentioned using
something like postini is going to be more effective than filtering on
your end of the link you pay for. If you can't outsource then perhaps
you can colo a mail receiver somewhere on a flatrate and have it send
you the filtered mail. Perhaps even over a compressed link.


I'm not entirely comfortable with all out blacklisting, so I haven't
enabled that firewall feature.

You have to be very careful indeed to do that. Not something for the
casual mailadmin to undertake. Greylisting, MX tricks, and some sanity
checking on rfc requirements are a good start, and various filtering
techniques can block a lot too. As always, give yourself the right tools
so you can see what is being rejected. False positives are more damaging
than false negatives. Especially with abuse@ and postmaster@.


--
j p d (at) d s b (dot) t u d e l f t (dot) n l .
This message was originally posted on Usenet in plain text.
Any other representation, additions, or changes do not have my
consent and may be a violation of international copyright law.
.