Blacklists (was Re: A good procmailrc setup)
Tim Freeman
tim at fungible.com
Sat Mar 8 17:04:55 CET 2003
From: Terry Todd <tlt at badger.tltodd.com>
>first 'mark' all mail coming in by running it all through:
>procmail-spamtrap
>bogofilter
I found procmail-spamtrap at http://www.it.ca/software/procmail-spamtrap.
Lots of blacklists there, it looks like.
>I also block IP's and ranges of IP's of well known spam sources at
>the firewall.
>http://www.stanford.edu/group/itss-ccs/security/filters.html
>is a good starting point. I figure nothing good can come from them
>so they are completely blocked.
That's a big blacklist too.
I used to have some blacklists in my .procmailrc, but I found that
they caused more errors than they prevented and I took them all out
(except for the ones that block human languages I don't read and
Windows executable content).
I also have been on the receiving end of incorrect blacklisting.
Someone I wanted to send email to decided to block email from all
Pacific Bell DSL customers because some of them sent spam. In this
case, they were refusing to receive my email, so the mail I sent them
wasn't even logged so they could gather evidence that there is a
problem.
What's the motive for doing blacklists before bogofilter? Unless you
have numbers that show it increases reliability, or you have enough
email that the CPU time consumed by bogofilter is an issue, I don't
see how they benefit you.
--
Tim Freeman tim at fungible.com
Which is worse: ignorance or apathy? Who knows? Who cares?
GPG public key fingerprint ECDF 46F8 3B80 BB9E 575D 7180 76DF FE00 34B1 5C78
More information about the Bogofilter
mailing list