You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Chris Purves <ch...@northfolk.ca> on 2007/01/24 21:29:25 UTC
How to deal with mailing list spam?
I was wondering what is the best way to deal with spam that comes
through on mailing lists? For mailing lists like spamassassin I
whitelist all mail because I expect to see examples of spam, but for
other lists, is it a good idea to run 'sa-learn --spam'? What about
reporting those spam to razor/pyzor or spamcop?
--
Chris
Re: How to deal with mailing list spam?
Posted by Kelson <ke...@speed.net>.
Chris Purves wrote:
> I was wondering what is the best way to deal with spam that comes
> through on mailing lists? For mailing lists like spamassassin I
> whitelist all mail because I expect to see examples of spam, but for
> other lists, is it a good idea to run 'sa-learn --spam'?
As long as you also run 'sa-learn --ham' on the legit list traffic, it
should be fine, since Bayes will conclude that the list headers &
administrivia are neutral.
> What about
> reporting those spam to razor/pyzor or spamcop?
That might warrant some caution. Headers won't be an issue with Razor
or Pyzor, but any standard blocks of text could end up in their hash
databases. Razor also keeps track of URLs that appear in the message
body, so it could theoretically pick up list management URLs or inserted
advertising links (a la Yahoo Groups) as spam signs until enough people
issue a razor-revoke.
You might want to ask on the Razor mailing list to see what they
recommend doing in this case. I just checked my local archives and
while the issue has come up before -- in fact, at one point the CentOS
list management URL ended up listed in Razor -- there was no consensus
on what to do with this sort of spam. It's probably worth bringing it
up again.
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
Re: How to deal with mailing list spam?
Posted by "Eric A. Hall" <eh...@ehsco.com>.
On 1/24/2007 3:29 PM, Chris Purves wrote:
> I was wondering what is the best way to deal with spam that comes
> through on mailing lists? For mailing lists like spamassassin I
> whitelist all mail because I expect to see examples of spam, but for
> other lists, is it a good idea to run 'sa-learn --spam'? What about
> reporting those spam to razor/pyzor or spamcop?
1) subscribe to lists that are well run
2) whitelist the envelope-sender address, or the originating network, or
in some cases you may also want to whitelist the list address itself so
that directed replies that are TO you but CC the list also get boosted
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Re: How to deal with mailing list spam?
Posted by Magnus Holmgren <ho...@lysator.liu.se>.
On Wednesday 24 January 2007 21:29, Chris Purves wrote:
> I was wondering what is the best way to deal with spam that comes
> through on mailing lists? For mailing lists like spamassassin I
> whitelist all mail because I expect to see examples of spam, but for
> other lists, is it a good idea to run 'sa-learn --spam'? What about
> reporting those spam to razor/pyzor or spamcop?
Check what header fields the mailing list software adds, and exclude them from
bayes with bayes_ignore_header if they aren't already on the built-in ignore
list. Most are covered, but I've found some that are not (at least
Resent-Sender and Resent-Message-ID from Debian's list server). If the list
server filters out spam well, the prevalence of ham means that everything
added by the list software will be seen as a ham sign.
Add the mailing list server to trusted_networks and even internal_networks,
provided that you believe it not to be accessible to spammers. In practise it
acts like an MX that receives mail addressed (indirectly) to you and forwards
it to you. Putting it in internal_networks means that some DNSBL rules will
work better.
--
Magnus Holmgren holmgren@lysator.liu.se
(No Cc of list mail needed, thanks)
"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans