Loosing spam fight
JoaoBR
joao at matik.com.br
Thu Jan 25 10:29:02 UTC 2007
On Thursday 25 January 2007 04:08, Peter N. M. Hansteen wrote:
> For purposes of making the subject less true, setting up greylisting
> with an optional tarpit for known baddies can be very effective. See
> Dan Langille's recent Onlamp article[1] or for that matter my tutorial[2]
> for how this is done using PF and spamd - this way it doesn't matter much
> which MTA(s) you use.
>
> [1] http://www.onlamp.com/pub/a/bsd/2007/01/18/greylisting-with-pf.html
> [2] http://home.nuug.no/~peter/pf/en/, with the specifics of spamd and
> greylisting starting at http://home.nuug.no/~peter/pf/en/spamd.html
all this methods are certainly useless, stay calm ok
the only way to block spam really is blocking any incoming tcp:25 ...
any firewall based method you may use do block innocents as well, ike some do
they block entire IP ranges from countries because most spam comes from them,
that is stupid, more brainless since the spam mostly is not generated by any
of this servers, it only goes through it, this method might cause *you* not
getting this spam but does not stop spam at all ...
probably better, if you like firewall blocks, cutting the complete US IP
address space from sending to any tcp:25 to stop spam definitly, because I
never heard of chinese or african viagra hahahaha
spam block list abviously are very usefull so long as they are maintained
IMO a good way and probably the best way is to do some inicial checks like
connection rate and limit them, then a spam checker like spamassassin for
regex and header checks
still you get SPAM and you never can block spam 100%, spammers change servers,
IPs, patterns faster then we can react, but we all know this right?
and even then if you get it all into your box you still get spam by whom sends
it out without caring of identity or hiding it, a correct email msg but spam
where spam needs to be catched is at the origin, ISPs should take care of this
problem by not permitting access to outside servers but only passing through
their smtp gateways, an outgoing spam check is what needs to be done but
here nobody cares ...
--
João
A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br
More information about the freebsd-stable
mailing list