Re: [spf-discuss] Blacklisting Bad SPF Records

2007-03-05 07:43:50
On Sun, 4 Mar 2007, Graham Beneke wrote:

> Blacklisting based on the domain is the first thing that comes to mind -
> but I am not convinced that it is an ideal solution. Many of the current
> RBL's have continuous problems dictating their policies for 'where the
> line is drawn' and then trying to implement that without making both
> senders and receivers of mail rather annoyed.

Pymilter tracks the shades of grey between blacklist and whitelist.
The reputation of each domain is tracked independently for each SPF result
(after rejecting FAIL).  Currently, after 24 spams (and no hams) from a
disposable domain, that domain starts getting rejected.  (Confidence
decays over time, eventually allowing a mail from the domain again.)

This is mainly an efficiency improvement.  The spam/ham is decided by
a content filter (which is auto-trained based on whitelisted emails for ham
and blacklisted/honeypot emails for spam).  By rejecting in SMTP envelope,
we save bandwidth, and there are far fewer entries in quarantine (making
finding the rare false positive much easier).

The piece that SPF brings to the equation is a way to assign "blame" for
the spam to domains rather than IPs.

              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
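
Added example, not part of the original message and not pymilter's code: a sketch of the scheme the reply describes, with reputation kept per (domain, SPF result), rejection after 24 spams with no hams, and evidence that decays over time. The class and method names, the exponential half-life, and the rule that hams offset spams one for one are assumptions made for illustration; `disposable.example` is a constructed domain.

```python
"""Per-(domain, SPF result) reputation with decaying evidence (illustrative)."""

REJECT_AFTER = 24.0        # from the message: 24 spams and no hams
HALF_LIFE = 30 * 86400.0   # ASSUMPTION: evidence halves every 30 days


class ReputationStore:
    def __init__(self, half_life=HALF_LIFE):
        self.half_life = half_life
        self._obs = {}  # (domain, spf_result) -> (spam, ham, last_update)

    def _decayed(self, key, now):
        """Return the spam and ham weights for key, decayed to time now."""
        spam, ham, last = self._obs.get(key, (0.0, 0.0, now))
        factor = 0.5 ** (max(0.0, now - last) / self.half_life)
        return spam * factor, ham * factor

    def feedback(self, domain, spf_result, is_spam, now):
        """Record the content filter's verdict for one accepted message."""
        key = (domain.lower(), spf_result)
        spam, ham = self._decayed(key, now)
        self._obs[key] = (spam + is_spam, ham + (not is_spam), now)

    def envelope_decision(self, domain, spf_result, now):
        """Decide at MAIL FROM time, before any message data is received."""
        if spf_result == "fail":
            return "reject"  # SPF FAIL is rejected before reputation applies
        spam, ham = self._decayed((domain.lower(), spf_result), now)
        # ASSUMPTION: each ham cancels one spam, so "24 spams and no hams"
        # is the fastest route to rejection.
        return "reject" if spam - ham >= REJECT_AFTER else "accept"


if __name__ == "__main__":
    store = ReputationStore()
    for _ in range(24):  # constructed feedback: 24 spam verdicts, no ham
        store.feedback("disposable.example", "pass", True, now=0.0)
    for t in (0.0, HALF_LIFE):
        print(t, store.envelope_decision("disposable.example", "pass", t))
```

Because rejected mail never reaches the content filter, no new verdicts arrive while a domain is blocked; only the decay lets a message through again, and that message's verdict then updates the score.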