
BLU Discuss list archive



Spam control again



Rich,
On Mon, 14 Jul 2003 at 22:49 -0400 Rich Braun was heard to utter:

RB> I too have taken measures identical to Joe's, but I do not wish that
RB> requirement on my non-technical friends who mainly use hotmail or AOL.
RB> Hotmail, in particular, is awful in that it's a spam magnet and the sysadmins
RB> there have not done an effective job sorting spam from normal email.

I think you hit it on the head with your last sentence; the real issue is
that ISPs and mail providers have not taken the appropriate measures to
control spam on or through their networks and servers. As with you and Joe, I
too have taken similar measures and find that it's about 98% effective. When
ISPs do implement anti-spam measures they often go to the extreme and use
some of the more restrictive RBLs as a stop rather than a tag mechanism.
This brings large volumes of complaints from users and legitimate external
senders, which causes the ISP to revert back to the other corner.

ISPs need to be accountable for performing their due diligence against
spammers. If even half of them would secure open relays and utilize a
multi-layered approach in their anti-spam/antivirus activities, we would see a
dramatic decrease in spam and the related complaint processing.

RB> for the public, via webmail/imap this time rather than UUCP.  (But it'd take a
RB> lot of prodding to get me to do *that* again!)

I already do that and some domain hosting for 20+ friends, family members, and
associates. Most are mail-only, using Secure IMAP/POP or the web interface,
but I still have a few shell users. I only officially support Pine -lol- or
the web interface; for anything else they are on their own from a support
perspective.

Spamhaus and njabl are implemented as stop mechanisms at the mail server in
addition to the standard server checks-and-balances. From there we run
through MailScanner (Antivirus/Antispam) for further marking of spam using the
spamcop.net and Infinite-Monkeys RBLs combined with some of SpamAssassin's tools.
Mail marked as spam at the second level is directed to a "junk" folder in the
intended recipient's mail folders.

Using this approach I stop around 65-70% of the onslaught at the gate with an
acceptable level of comfort that I'm not blocking a legitimate message. The
rest are processed and filtered to userspace for further action or easy bulk
deletion.

I also actively participate in the anti-spam effort in conjunction with njabl
by allowing them to record queries my mail servers make to their list and
check those hosts for open relay status (as stated in the banner when
connecting to our mail servers for delivery).

This seeming rant had a direction: if I can implement such a system and
effectively stop 65% and mark/filter the rest, imagine the results if major
ISPs did the same? The solutions all scale; there is no reason short of
negligence for them not to implement a proper solution (imho).

Regards,
--Tim



-- 
This message has been scanned for viruses and
dangerous content and is believed to be clean.
--
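
The stop-versus-tag split described in the message above, sketched as an added example (it is not part of the original post and is not the poster's configuration). The zone names, their assignment to the two tiers, the treatment of 127.255.255.x answers as errors, and all function names are assumptions made for illustration; the DNS answers are constructed so the code runs offline.

```python
import ipaddress
import socket

# Assumed split mirroring the message: these reject at SMTP time, the rest only tag.
STOP_ZONES = ("sbl.spamhaus.org", "dnsbl.njabl.org")
TAG_ZONES = ("bl.spamcop.net",)
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")
# Assumption: 127.255.255.x answers are error codes (Spamhaus documents them), not listings.
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")

def query_name(client_ip, zone):
    """Build the DNSBL lookup name: reversed IPv4 octets followed by the zone."""
    ip = ipaddress.IPv4Address(client_ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(ip).split("."))) + "." + zone

def system_resolve(name):
    """Return the A records for name, or [] when it does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def is_listed(client_ip, zone, resolve=system_resolve):
    """A host is listed only if the zone answers inside 127/8 and outside the error range."""
    for answer in resolve(query_name(client_ip, zone)):
        addr = ipaddress.ip_address(answer)
        if addr in LISTED_NET and addr not in ERROR_NET:
            return True
    return False

def classify(client_ip, resolve=system_resolve):
    """Return ('reject', zone), ('junk', [zones]) or ('inbox', [])."""
    for zone in STOP_ZONES:
        if is_listed(client_ip, zone, resolve):
            return ("reject", zone)      # first tier: refuse at the gate
    hits = [z for z in TAG_ZONES if is_listed(client_ip, z, resolve)]
    return ("junk", hits) if hits else ("inbox", [])  # second tier: tag, never drop

# Constructed DNS answers for documentation-range addresses (not real listings).
FAKE_DNS = {
    "10.2.0.192.sbl.spamhaus.org": ["127.0.0.2"],
    "20.100.51.198.bl.spamcop.net": ["127.0.0.2"],
    "30.113.0.203.sbl.spamhaus.org": ["127.255.255.254"],
}

def fake_resolve(name):
    return FAKE_DNS.get(name, [])
```

Passing `fake_resolve` keeps the run offline; the third constructed entry shows why an error-code answer must not be read as a listing when a zone is used as a stop.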






BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.
