Alan Clifford skribis:
Ruud H.G. van Tol:
I blacklist on IP-nr/16, see my
http://www.xs4all.nl/~rvtol/procmailrc.txt
Do you get any mail at all through that :-)
Plenty. And I hardly change it at all. It's quite efficient,
because for most messages only the headers are checked.
My ISP marks spam for me on based on info from
several DNSBL servces (like SpamCop). Only when
a spam message gets trough, I add the /16 IP nrs
of all the hosts that that message passed to my
ip_spam.rc.
I have a small ip_bulk.rc and a small .procmailrc.-
whitelist (which should be called a greenlist) to
The concept I'm toying with is to let the spammers automatically
censor themselves. And doing it with IP numbers seems an interesting
route for me to follow up.
I see it as a criminal network.
So the idea is that orgio.net, with 9 spams, last one on 16th May,
puts itself into the blacklist and stays there until the last spam
is, say, over a month old.
I only correct when something goes wrong. I check all redirected
messages once in a while.
And maybe email addresses are recycled over time as well - I can just
wait and see.
Don't count on it. I totally stopped matching spam on email-adresses,
hostnames or special words or phrases in messages, and it wurkz.
Extending this to IP numbers would be interesting. I'd have to hack
these out of the received headers I guess. How careful would I have
to be? Is the earliest header always the one furthest into the email?
See my scheme, I have been through that and more. Try to get a DNSBL
as the first step, that will save you a lot of work. See as an example
the FAQ of http://spamcop.net/ about how to make sendmail add such a
header.
--
Affijn, Ruud
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail