
RE: spam

2003-05-26 14:29:47
Markku,

Markku Savela wrote:
> The best technical solution that has been proposed seems to
> be the "tarpit" solution: detect spam on the fly and slow
> down the reception to a trickle as "spamminess" grows. The
> great feature of this is that it actually would keep spam
> "off my network" by stopping the flow.
>
> I would think technically, one would run a frontend tarpit
> pipeline on the standard SMTP port as follows
>
> port 25
> --------> TARPIT ----> real SMTP on other port or host
>              ^
>              |
>          SpamRules
>
> TARPIT would listen for incoming connections, establish another
> connection to real SMTP server. It would examine the data
> on the fly and slow the incoming reception when the spam index
> grows. Mail would not be rejected, just slowed, as
> "spamminess index" grows.

I agree it's part of the solution; I use something like this already
called BCWare NoSpam (http://www.bcwaresystems.com/nospam/).

However, it's all about having good SpamRules. The SpamRules I currently
use are based on IP address using multiple spamlists such as MAPS,
Spamhaus and ORDB. Even with these real-time blackholing lists based on
the source IP address it's not enough to block more than half of the
spam if lucky.

If you want SpamRules based on content (such as containing certain words
in the text) you need to receive the entire thing. Problem is
occasionally I have to retrieve a false positive so it is better at this
time to have a filter in the email client that puts spam in a spam
folder that can be searched. Unfortunately this does not help with
storage space. The two systems are complementary, I think. 


> Of course, this solution only works if you are receiving your
> mail directly. If you receive your mail via mail forwarder,
> this won't help - the mail forwarder must be using it.

Actually, you are incorrect here. I use a piece of software called
Popcon (http://www.christensen-software.com/popcon.htm).
It retrieves email from multiple pop3 accounts I have and analyzes
headers. Even if the SMTP server that received the spam does not filter,
if one of the mail servers down the chain is a known open relay or
spammer the spam is sent directly to the bit bucket and I never see it.
I use the same blacklists as for BCWare NoSpam.

Michel.
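
The header check described in the message above, as an added example (not part of the original post, and not Popcon's or BCWare NoSpam's code): it walks a retrieved message's Received chain and queries each relay IP against DNS blocklists using the standard reversed-octet lookup. The zone `dnsbl.example`, the sample message and every function name are assumptions made for illustration.

```python
import email
import ipaddress
import re
import socket

ZONES = ["dnsbl.example"]  # hypothetical zone; use the lists you subscribe to
IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
# Loopback and RFC 1918 hops are never on a public blocklist, so skip them.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample message (documentation addresses, not real traffic).
SAMPLE = (
    "Received: from mx.example.net (mx.example.net [198.51.100.7])\n"
    "\tby pop.example.org with ESMTP; Mon, 26 May 2003 14:00:02 -0000\n"
    "Received: from relay.example.com (unknown [203.0.113.45])\n"
    "\tby mx.example.net with SMTP; Mon, 26 May 2003 14:00:00 -0000\n"
    "Received: from localhost (localhost [127.0.0.1])\n"
    "\tby relay.example.com with SMTP; Mon, 26 May 2003 13:59:58 -0000\n"
    "Subject: constructed sample\n\nbody\n")

def relay_ips(raw_message):
    """External IPv4 relays from the Received headers, newest hop first.
    Hops below the first server you trust are sender-supplied and can be forged."""
    found = []
    for header in email.message_from_string(raw_message).get_all("Received", []):
        for text in IP_IN_BRACKETS.findall(header):
            try:
                ip = ipaddress.IPv4Address(text)
            except ValueError:
                continue  # bracketed text that is not a valid address
            if ip not in found and not any(ip in net for net in INTERNAL):
                found.append(ip)
    return found

def dnsbl_name(ip, zone):
    """203.0.113.45 in zone Z is queried as 45.113.0.203.Z"""
    return ".".join(reversed(str(ip).split("."))) + "." + zone

def dns_lookup(name):
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None  # NXDOMAIN or resolver failure: treat as not listed

def listed_hops(raw_message, zones=ZONES, lookup=dns_lookup):
    """(ip, zone, answer) for every hop that a zone answers with 127.x.x.x."""
    return [(str(ip), zone, answer)
            for ip in relay_ips(raw_message) for zone in zones
            for answer in [lookup(dnsbl_name(ip, zone))]
            if answer and answer.startswith("127.")]
```

Passing a different `lookup` callable lets the check run against a local cache or a test table instead of live DNS.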
