[lbo-talk] spam subjects

budge budge at el-pleasant.org
Tue Jun 17 14:26:49 PDT 2003


On Tue, 17 Jun 2003 at 4:46pm Matt wrote:
>
> Here is what I do, for a mail environment of about 5000 users,
> using MIMEDefang and SpamAssassin:
>
> * Reject any SMTP connection where the relay forges the HELO statement
> with one of my domains

what's your mta and if sendmail, how do you do that?


> * Reject relays from a couple of conservative blacklists (e.g. SBL at
> http://www.spamhaus.org )

i use them, mail-abuse.org, njabl.org, proxies.monkeys.org

the rbls i use though terminate 1/3 of all smtp transactions here.


> * Use a greylist of "troublesome domains" to reject spam based on a
> forged address. Since spammers love to forge aol.com, hotmail.com,
> yahoo.com, etc. as the sender, I check those senders' relays to
> reverse-resolve to the right domain. This catches a lot of spam
> but it also breaks all those sites that have "forward this to a
> friend by email" if the person gives it a source address in my
> greylist (since those sites basically forge the mail). Since this
> is a prime method to collect addresses for spamming lists, I don't
> feel bad about discouraging this behavior.

code?


> The above blocks about 10000 spams per day at our site,
> and of the 25000 Internet mails we still receive each day,
> another 5000 are flagged as spam by SpamAssassin so the
> user can filter using their mail client.
>
> What a lot of people perceive as "legitimate marketing email" here
> looks like spam to me (and to SpamAss) so we have about 50 addresses
> in a whitelist. To manage those requests, I started the threshold at
> 7 pts and have shrunk it by .1 each week. We're right at 5.0 now.

that's about what i do here. i'm dumping anything over 12 and flagging anything over 5. for me personally, i'm procmailling anything over 5 and looking at that folder once or twice/week. In the six weeks i've been filtering at 5, i've had one false positive out of 1600+ spams. And that false pos was a sales weasel anyway, not a customer or anyone important; he'd have gotten on the phone eventually, they always do!

site wide, let's just say some people have more tolerance for pink fonts than i do and so i had some whitelisting to do early on. (it doesn't help that the owner of the company is on a spammy isp in asia, and that he likes to SHOUT his surname and subject lines. he's been rbl'd and spamassed before, he's now on every whitelist i have.)

don't get me started on one of the marketing consultants the S&Mers employ. between his garish fonts, his silly 50 line .sig bragging about every company he's ever cleaned toilets at, and his propensity to attach 1.5MB .bmp's to his e-mails for no apparent reason. <sigh> whitelisted. (but mimedefang still takes his .bmp's -- after he sent one to me i refused to <heh> budge, on that point. at least zip the muthafuckas if you just *have* to send 'em.)


> I silently discard any emails that get more than 10 points by SpamAss.
>
> Personally, I used to get about 100 spams/day in my INBOX. I delete
> anything with more than 5 pts automatically, and throw anything with
> 3-5 pts into a special folder. I get 2-3 there per day.
>
> Some spammers are learning to work around SpamAss
> heuristics. I get a few a week with around 1 pt. :(

yeah, that's what i've been seeing which is why i really need to look at getting bayes going. my work e-mail address is a tla that was 10 1/2 years old a few days ago, so i'm on every fucking list in the world.

-- no Onan

"superior sound quality"
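
The two checks quoted above (a forged HELO using a local domain, and a "troublesome domain" sender whose relay does not reverse-resolve into that domain), as an added example that is not code from either poster and not MIMEDefang filter code. It is a stand-alone Python model of the decision logic; the local domain, local network, function names and sample values are assumptions, and the relay hostname is taken as already reverse-resolved by the MTA.

```python
import ipaddress

# Constructed sample policy; every value here is an assumption for illustration.
LOCAL_DOMAINS = {"example.org"}
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
# Sender domains named in the quoted post as commonly forged.
GUARDED = {"aol.com", "hotmail.com", "yahoo.com"}

def in_domain(host, domain):
    """True if host equals domain or is a subdomain of it (label-aligned)."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def helo_forged(helo, relay_ip):
    """An outside relay announcing one of our own domains in HELO is forging it."""
    ip = ipaddress.ip_address(relay_ip)
    if any(ip in net for net in LOCAL_NETS):
        return False  # our own hosts may legitimately use our names
    return any(in_domain(helo, d) for d in LOCAL_DOMAINS)

def sender_forged(sender, relay_host):
    """A guarded sender domain must arrive from a relay whose rDNS is in it."""
    domain = sender.strip("<>").rpartition("@")[2].lower()
    if domain not in GUARDED:
        return False  # domain not on the list: no opinion
    # An unresolved relay (empty name or a bracketed IP) never matches.
    return not in_domain(relay_host, domain)

def verdict(helo, relay_ip, relay_host, sender):
    """Return the action for one SMTP transaction."""
    if helo_forged(helo, relay_ip):
        return "REJECT helo"
    if sender_forged(sender, relay_host):
        return "REJECT sender"
    return "CONTINUE"

if __name__ == "__main__":
    # Constructed transactions: (HELO, relay IP, relay rDNS, envelope sender)
    for t in [("mail.example.org", "203.0.113.9", "host.example.net", "a@b.example"),
              ("x.example.net", "203.0.113.9", "relay.mx.aol.com", "<u@aol.com>"),
              ("x.example.net", "203.0.113.9", "dsl.notaol.com", "u@aol.com"),
              ("www.example.net", "203.0.113.9", "www.example.net", "pal@hotmail.com")]:
        print(t, "->", verdict(*t))
```

The last constructed transaction is the "forward this to a friend" case from the quoted post: a web site sending with a hotmail.com envelope sender is rejected, which is the breakage the poster accepts.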
