You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by ha...@t-online.de on 2006/08/31 22:39:47 UTC
Re: Please sanity check these ideas for rules.
>>
>> I've got every ruleset & blacklist available and I'm still getting
>> buried - the bayes poison in all of the recent spam has wrecked that.
>> Does anyone see a reason why I can't assume messages with blank
>> subjects are junk? Also, I've got an idea about maybe doing an
>> nslookup on the envelope sender domain and junking anything without an
>> entry. I'm probably missing something that I should consider,
>> especially on that last one. Would anyone care to educate me what I'm
>> missing?
>>
>> Thanks!
>>
>> Mike-
Hi,
in fact your MTA could already reject (with some 5xx error) all mails that you would not be
able to reply to:
envelope sender domain does not exist (neither MX nor A)
MX has a private ip
(these should be standard features of your MTA)
>From domain does not exist
SA would only see mails that pass these tests
Wolfgang Hamann
>> --
>> If you're not confused, you're not trying hard enough.
>> --
>> Please note - Due to the intense volume of spam, we have installed
>> site-wide spam filters at catherders.com. If email from you bounces,
>> try non-HTML, non-encoded, non-attachments,
>>
Re: Please sanity check these ideas for rules.
Posted by Michael W Cocke <co...@catherders.com>.
On 31 Aug 2006 20:39:47 -0000, you wrote:
>On Thu, 31 Aug 2006, Michael W Cocke wrote:
>
>> I've got every ruleset & blacklist available and I'm still getting
>> buried - the bayes poison in all of the recent spam has wrecked that.
>> Does anyone see a reason why I can't assume messages with blank
>> subjects are junk?
>
>maybe add a point for missing subject, but some automatically generated
>messages (print queue failure, etc) have blank subjects, and lots of
>nubies forget to add a subject.
That's exactly why I asked here - I didn't think of error essages.
Thanks!
>> Also, I've got an idea about maybe doing an
>> nslookup on the envelope sender domain and junking anything without an
>> entry.
>
>Um, why aren't you already doing this at the SMTP-MTA level? Checking
>for a valid sender domain has been SOP for years.
I am, but not quite the way I'm thinking of doing it now.
>One caveat, do a temp-fail (451) not a hard-fail for domain
>lookup failure, occasionally DNS servers do get constipated. ;)
>I made that mistake once, several years ago, M$ had all their primary
>DNS servers on -one- subnet, had a router failure and they all went
>MIA. My MTAs started bouncing all hotmail. ;()
LOL - can't say I'd miss hotmail, but I take your point.
Thanks everyone.
Mike-
--
If you're not confused, you're not trying hard enough.
--
Please note - Due to the intense volume of spam, we have installed
site-wide spam filters at catherders.com. If email from you bounces,
try non-HTML, non-encoded, non-attachments,