[Sussex] Spam filter in Evolution

Ronan Chilvers ronan at thelittledot.com
Tue Dec 6 11:24:10 UTC 2005 

On Tue, 06 Dec 2005 09:49:12 +0000
Colin Tuckley <colin at tuckley.org> wrote:

> NO! The dynamic lists are evil.
> 
> They don't accept updates from people and thus are always out of
> date. More importantly they block legitimate people like me who run
> proper mail servers on cable broadband.

I have to agree with you Colin.  In my experience, public RBLs
(Realtime Blackhole Lists) and their ilk are a good idea, but are
fraught with problems, eg: blocking legitimate servers, difficulty of
getting servers off the list once they're on it, criteria for listing
(which can be a little sweeping for some), etc, etc.  There is some
mileage in lists for servers which are known to be problematic, such as
open relays. In general I think if you want to use an RBL system,
you're better off setting up your own private list, with your own
criteria and running from that.  I use a mix of mysql based lists,
regexp lists, and straight hash tables for SMTP level blocking, and
then use spamassassin, clamav and bitdefender held together by amavisd
for bayes filtering and virus sweeping.  However the most effective
technique I use is greylisting which cuts down on spam MASSIVELY.  Its
potentially a rather short lived technique in the grand scheme of
things, but at the moment is very useful.  I also use SPF filtering
which is _very_ useful for filtering out junk, but again might only
be a short term solution.

Having said all that, running external mail filters (ie: filters not
directly built into the SMTP server such as my regexp and mysql lists)
can be resource intensive. If you're a major ISP with 100 000s or
even 1000 000s of accounts, the outlay for sufficiently powerful
hardware to run something like spamassassin (which is very resource
hungry as a server instance) would be considerable and they may not
think its worth the effort to keep it all tuned, especially if you're
allocating disk space to store junk mail. Some ISPs do offer it as
Desmond points out, but they tend to be the whoppers like hotmail who
have 1./ a lot of cash and 2./ the incentive - hotmail must be one of
the most widely targeted email service for sending spam in both
directions (ie: to hotmail accounts and purportedly, from hotmail
accounts).

At the end of the day, enforceable laws are needed to bash the spammers,
not techno widgets. Technological solutions end up in a spamming arms
race but don't bring an end to it.  Decent laws combined with
technology is the way forward.

That doesn't help Paul with his Evolution problem of course, (sorry
mate!) but that's my 2p anyhoo!!!

Cheers

-- 
Ronan
e: ronan at thelittledot.com
t: 01903 739 997
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mailman.lug.org.uk/pipermail/sussex/attachments/20051206/3fcbeead/attachment.pgp

More information about the Sussex mailing list