You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by "Kenneth P. Turvey" <kt...@squeakydolphin.com> on 2008/05/16 22:12:07 UTC
Better spam control
I'm using a couple different DNS based blacklists, but I'm still getting
a lot, and I mean a lot, of spam in my inbox. What are your
recommendations for controlling spam? Are there any other DNS based
blacklists that I could use?
Currently in use:
Blacklist:
bl.spamcop.net
dnsbl.njabl.org
Whitelist:
query.bondedsender.org
I tried using the Bayesian filter in the config, but I couldn't get it to
work. I'm a bit concerned about doing this on the server anyway, but it
might be acceptable if I could get it to work.
--
Kenneth P. Turvey <kt...@squeakydolphin.com>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: Better spam control
Posted by David Legg <da...@searchevent.co.uk>.
Kenneth P. Turvey wrote:
> I'm using a derby database for the spools and
> such. I think it had a problem with finding a place to put things. I
> wasn't sure what to do to get it to work, so I turned it off. Should I
> give it another shot and provide you people with error details? I
> assumed it wasn't a fully implemented feature yet.
I use MySQL for storage but Derby must be pretty similar. I'm sure if
you send a partial stack trace and/or any messages, someone will be able
to set you straight.
Just for reference there is more documentation on the James Wiki [1].
> I thought spamcop would work better than it does.
Just think of Blacklists as just one of many measures you need to take
to reduce spam. It's called 'defense in depth' where you put up as many
barriers as you practically can in the hope that spam will fail to get
through one of them. I happen to think that Bayesian analysis is one of
the more effective measures but it is by no means the perfect solution
on its own. For one thing it always needs constant feeding so it can
detect the latest style of spam.
Other techniques you may want to research include: Teergrubing[2],
VERP[3], Tarpitting[4], Greylisting[5], SPF[6]. The list goes on and
on! Luckily, most 'normal' people use major ISPs for their email and
the ISPs do the defense in depth thing for them. If 'normal' people
were exposed to the fantastic amounts of spam without any form of
protection they would be amazed!
Regards,
David Legg
[1] http://wiki.apache.org/james/Bayesian_Analysis
[2] http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html
[3] http://cr.yp.to/proto/verp.txt
[4] http://www.palomine.net/qmail/tarpit.html
[5] http://projects.puremagic.com/greylisting/whitepaper.html
[6] http://new.openspf.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: Better spam control
Posted by "Kenneth P. Turvey" <kt...@squeakydolphin.com>.
On Fri, 16 May 2008 23:34:11 +0100, David Legg wrote:
> I don't know why you say you couldn't get it to work. I'm assuming you
> trained it by sending it spam and ham messages. It takes a while to
> improve itself and you do have to religiously send it any spam that
> escapes. Give it at least a week before measuring its success rate.
I really couldn't get it to work. I got some kind of exception, but I
don't remember what. I'm using a derby database for the spools and
such. I think it had a problem with finding a place to put things. I
wasn't sure what to do to get it to work, so I turned it off. Should I
give it another shot and provide you people with error details? I
assumed it wasn't a fully implemented feature yet.
> One final word. Don't put too much reliance on DNS blacklists. One
> worrying trend at the moment is for spammers to hire armies of drones to
> manually overcome the Captcha technology used by Google and Yahoo to
> create legitimate accounts from which they can send auto-responder
> emails. No genuine blacklist is going to put Google or Yahoo on their
> lists!
This is a problem. I thought spamcop would work better than it does. It
is far better than the other blacklist, but still lets through a lot of
spam.
--
Kenneth P. Turvey <kt...@squeakydolphin.com>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: Better spam control
Posted by David Legg <da...@searchevent.co.uk>.
Hi Kenneth,
> I'm using a couple different DNS based blacklists, but I'm still getting
> a lot, and I mean a lot, of spam in my inbox. What are your
> recommendations for controlling spam?
>
I swear by the Bayesian filter for spam control. Out of 450 daily spams
it only lets one or two through.
You have to be aware of its limitations though. For one thing I only
have a small number of users using it. If I had to manage lots of users
the filter might start removing emails which one person thinks is spam
while another doesn't. I guess that's why you were concerned about
doing it on your server.
I don't know why you say you couldn't get it to work. I'm assuming you
trained it by sending it spam and ham messages. It takes a while to
improve itself and you do have to religiously send it any spam that
escapes. Give it at least a week before measuring its success rate.
One final word. Don't put too much reliance on DNS blacklists. One
worrying trend at the moment is for spammers to hire armies of drones to
manually overcome the Captcha technology used by Google and Yahoo to
create legitimate accounts from which they can send auto-responder
emails. No genuine blacklist is going to put Google or Yahoo on their
lists!
Regards,
David Legg
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org