ACME Labs mail filtering tutorial
Jef Poskanzer
jef at mail.acme.com
Fri May 27 20:07:13 CEST 2005
>>I have to disagree with you about DNS-RBL's though. I have not had any
>>complaints about false rejections from the ones I use.
>
>Simply choose the DNSBLs that strictly adhere to an objective
>policy; ie, they only add a server to their list if they receive a physical
>spam from that server, or if the server is an open proxy/relay, or if the
>server is otherwise exploitable. Moreover, they should honor removal
>requests immediately without question. These lists are very effective.
Sounds good. But as I said in my paper, the DNS-RBL concept sounds
good too. In practice, it's not so good. For instance, you give
the rfc-ignorant lists as examples of "good" DNS-RBLs. I have
personal experience to the contrary. They listed acme.com based
on criteria contrary to their stated goals, and they were extremely
pissy about removing the listings. There are many other examples.
All DNS-RBLs end up this way in the end. There are no exceptions.
It's inherent in the way they are set up, ceding control of your
mail system to a third party with no check on corruption. Do not
use DNS-RBLs.
>>I would also add to your procmail section setting up a phony account that
>>has anything sent to it delivered to bogofilter as spam.
>
>Yup, honeypots are a good idea too.
I agree, however mine have been showing a big drop in traffic over the
past half year or so. I just added a short note about this here:
http://www.acme.com/mail_filtering/bayesian.html#spamtraps
---
Jef
Jef Poskanzer jef at mail.acme.com http://www.acme.com/jef/
More information about the Bogofilter
mailing list