Templates [was: Prediction ...]
Tom Anderson
tanderso at oac-design.com
Tue Jul 6 14:17:05 CEST 2004
On Fri, 2004-07-02 at 20:01, Tom Allison wrote:
> Sounds like something that could well be managed by a brief perl script
> to parse out the Received: headers for identified spam and load them
> into an access list suitable for your MTA.
>
> The two problems are the identification of a proper regex for parsing
> out the IP address correctly. I do think perl could do this really well
> in one line.
>
> For example:
> gizmo11ps.bigpond.com (gizmo11ps.bigpond.com [144.140.71.21])
> by cling.tacocat.net (Postfix) with SMTP id 5F3C54C081
Unfortunately it takes much more than one line considering the different
kinds of MTAs. Check out spamitarium. It has about two dozen Perl
regexes for parsing the "from" portion of a received line.
If you're just looking to log the IP, it would be much better to just
grab it at the MTA.
> Postfix already provides 99% of this under their new version under the
> topic of GreyListing and "Access Policy Delegation" It's extremely
> effective on what it can do.
>
> From a functional view, I think bogofilter should stick to the
> "Mission" of filtering that mail which is delivered to your mailbox into
> selections of spam/ham. My relatively incomplete implimentation of
> postfix UCE capabilities has introduced a new problem into spam
> filtering for me. I can't get enough to do anything meaningful with
> respect to bogofilter.
>
> I haven't exceeded 37 spam in 24 hours since I installed it.
> I'm rejecting >550 (probable) spam at the MTA level.
>
> I believe that this is where the spam blocking is most effective since
> it's not adding any overhead to my machine to turn the email away at the
> wire interface.
Sounds good to me. I need to install Postfix at some point.
Tom
More information about the Bogofilter
mailing list