[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Adrian Midgley wrote: | | 80% or more of spam comes from the US - originates there and actually emanates | from unsecured Windows boxes on their cable etc networks.
At work we basically had to blacklist some of the large ISPs DSL ranges to protect our email servers - we were seeing 40 or 50 spambots swallowing up all the available processes connected pretty much until disconnected, and when you swat some others appear like a swarm.
Interestingly it had minimal effect on volume of spam delivered, a lot of these are trying random addresses, or sequential addresses in the domain, and that is pretty ineffective except to find new addresses.
| While in other parts of the world I'm inclined to blacklist and screen _out_ | spam, for the US I think it is time to screen _in_ IE to be seen a sender | must convince me that they are someone I want to hear from - a list or | someone to whom I have been introduced.
I think trying to do it by part of the world is mistaken. IP addresses just don't map nicely, nor do domain names, and abuse comes from China/Korea as much as the US in my experience.
You are also confusing sender with IP address, too much time on the SPF list? ;)
| SO is there a list of all US IP ranges, and is there a tool for doing it on | Linux?
All major MTA will blacklist IP ranges, or as we did reverse lookup of IP address.
They all also blacklist by relay blocking list, although many of the relay blocking lists wouldn't, I think, be suitable for use in a professional capacity. GXN insist on using one of the Japanese blocking lists, and managed to block email from us (one of their clients) for months over a flaw in one web to email form that was quickly fixed.
Similarly one of our servers is blocked at some sites because it forwards email to someone who complained, despite them having to have signed up for the service. It is all to arbitary and unaccountable, and usually run by people whose email is less critical, and who are rabidly antispam to the point of losing genuine email not being a "big issue".
These days "greylisting" has come to mean automated recognition of systems that behave like real MTAs, and although it isn't perfect (some MTAs behave badly), it would probably be of interest. Check out "greylistd" initially.
TMDA (tmda.net) is the main tool for whitelisting correspondents, and the website lists other similar products.
I use TMDA at home because I don't control the main SMTP server (Demon do), but where you run the SMTP server I think prefiltering with a good antispam filter is sufficient for all but the MOST spammed. TMDA might also have a place in schools to kill all the random unpleasant spam that occaisonally gets through other filters. But I think the main thing is to kill before accepting, or to reply, just don't bitbucket email that could me just misaddressed, or misclassified, down that route lies email hell - although Spam Assassin is heavily tuned to try and avoid false positives it still gives them. -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFBN1XNGFXfHI9FVgYRAmIcAJ0cEyXOQOZG4myzalwR3wCZhNiBPgCgjQEg VXRaQVxSauPKnDi0whm5pj4= =rfX9 -----END PGP SIGNATURE-----
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.