[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse
Subject:    Re: [opensuse] Can spam be defeated?
From:       Sandy Drobic <suse-linux-e () japantest ! homelinux ! com>
Date:       2006-12-21 11:35:58
Message-ID: 458A719E.5040408 () japantest ! homelinux ! com
[Download RAW message or body]

Daniel Bauer wrote:

> I am not at all an expert, but I dislike the option of rejecting emails due to 
> a blacklist. I prefer to have spam in my spam-folder (after it has been 
> marked by Spam-Assassin), where I can quickly overview the subject lines.

This is only possible if you do not receive too much spam. We lost some 
emails in the past because they were buried in a heap of spam. The woman 
who had to wade through all the junk just skimmed over the subject lines 
and then deleted all mail that didn't catch her eye.

> Some years ago my (old) ISP started rejecting e-mails using a blacklist. At 
> that moment one of the lagest german ISP's ("Schlund+Partner" and its 
> numerous sub-companies) was blacklisted. I suddenly had no more business 
> contacts to Germany anymore and it took quite a while for me to find out 
> why... The ISP told me, I should write to my business partners that they 
> shall change their ISP. This sounded like a joke to me, as many of my 
> partners are quite large companies and their IT staff for sure is much more 
> experienced than I am. In the end I changed to another ISP that let *me* 
> decide from whom I want to receive mail or not.

The purpose of a mailserver is to receive desired mails and send valid 
mails. If an administrator is using restrictions that defeat that purpose 
he needs the change these settings. I definitely can understand your 
decision, I would have done the same.

That is exactly the reason why I am warning everyone not to use a huge 
list of blacklists without investigating their listing policy, delisting 
policy and the user experience.

A company mailserver can afford to apply stricter checks than a general 
purpose isp mailserver. I spend half an hour every day just to review the 
maillog to verify that I did not misconfigure my systems to reject the 
wrong clients.

> 
> Using blacklists for warning/marking purposes seems ok to me, but letting a 
> blacklist make decisions can be dangerous. Just my opinion.

Spamassassin and consorts do that kind of check. Unfortunately, these 
checks are expensive (many external dns queries and cpu intensive content 
checks). If you have a high-volume mailserver you will probably choke on 
all the spam that gets processed by the content_filter.

My approach is to weed out most of the obvious spam clients with 
reasonable blacklists, postfix checks and selective greylisting and then 
let spamassassin deal with the rest. For better detection of picture spam 
I even installed FuzzyOCR to recognize these spams. That spam only gets 
tagged and then delivered to the mailbox of the recipient.

Sandy

-- 
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]