[clug-talk] Help: Spam FIltering With Inflex
sgrover at open2space.com
Fri Sep 9 13:14:21 PDT 2005
Yep, RBL's help with spam via email. However, the original post was looking
for tips on filtering web access. The other suggestions regarding squid and
dans guardian, as well as IPCop with the addons are well on track...
Filtering mail seems to be a hit and miss thing. I do use RBLs, and
spamassassin/antivirus, but I'm still getting a fair bit of spam, that isn't
tagged as such. When I check the logs, I can see that the RBLs are being
used and blocking some traffic, and some spam does get tagged... but it's
going to be an on-going battle... maybe we should plan a workshop on spam
filtering? I know I don't have the level of knowledge needed to "drive" a
workshop, but I would most definetly want to attend....
On Friday 09 September 2005 13:59, Gustin Johnson wrote:
> I have moved away from content filtering. The spammers just change the
> and the content. Also CPU utulization grows non-linearly. What we do now
> is check source of the smtp connection, compare that ip against a couple of
> RBL lists, then either reject the connection or continue with the
> The upside is that I do not constantly need to tinker with our scripts,
> we see a
> massive reduction in bandwidth utilization (the messages are rejected
> before any
> data is transmitted), and the sender gets a bounceback that aids in the
> correction of a false positive. I know I am getting tired of email
> black holes
> (the U of C was getting bad for this about 2 years ago).
> I save content filtering for mail sorting once mail is accepted (sieve is
> awesome btw).
> There are of course other perspectives but this approach seems to me to
> strike a
> reasonable balance between facilitating communication (which is what email
> is supposed to used for) and removing unwanted messages.
> If interested I can give you a list of currently used RBLs.
More information about the clug-talk