Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
A description of spam filtering techniques used by an ISP that claims to have "the most advanced Spam and Virus Filter on the Planet!" http://www.junkemailfilter.com/spam/how_it_works.html Of note is that he's using Exim, and claims that many of the techniques can only be implemented with Exim. (I'm not sure if that's true, as I haven't tried implementing these ideas in Postfix yet, but I had implemented some of the ideas he mentions in my custom SMTP proxy.) There was one non-Exim specific technique listed that I hadn't seen mentioned elsewhere: A lot of spammers target the highest MX record instead of sending to the lowest one like they are supposed to. [...] So - my simple solution is that on my highest MX record I have a dummy server that returns a temporary error on EVERYTHING that connects to it. I'm aware of that observation, but this was the first time I'd heard of someone taking advantage of it. Similar to graylisting, but with fewer side effects. This server is actually on the same computer as my lowest MX record so it is never really up when the main one isn't and in theory should never get a legitimate email. Tough to implement if you've only got one static IP. Of the spam this rejects - it's 100% accurate. Wonder if he has the logs to prove that? :-) -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |