site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Are We Acclimating To Spam? > Duhhhhhh I get NO SPAM!

Search Topic:
 Share Topic
Post a:
Post a:
AuthorAll Replies


n2jtx

join:2001-01-13
Glen Head, NY
Reviews:
·Optimum Online

reply to TamaraB

Re: Duhhhhhh I get NO SPAM!

said by TamaraB:

This is no magic, it's a simple technology available to anyone with a minor technological ability to manage their own computer system; I believe this is the case for almost everyone posting/reading this thread.
I manage my own email server running on a Linux box and I have managed to reduce my SPAM by about 99%. I use a combination of the open source applications procmail and spamprobe. I usually get about 400 or so SPAM messages in my special IMAP "Junk" folder over a 24 hour period.

Occasionally, a collection of SPAM will manage to get through due to SPAMmer technique changes but spamprobe usually adapts itself to it once I give it some of the trash to train on. I did use RBL for a while but I found many false positives with that route when relying on only one list. A better solution is the DeepSix (»www.deep6tech.com/) device that relies on multiple RBL's to generate a score.
--
I support the right to keep and arm bears.
to forum · permalink · 2007-05-26 07:31:21 ·


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless

said by n2jtx:

I did use RBL for a while but I found many false positives with that route when relying on only one list.

I use RBLs with "delay_checks" which allows milters to have a go first. The two milters, which alone account for nearly 100% of the spam blocking is milter greylist, and milter-regex set up thus:

# reject things that look like they might come from a dynamic address
reject "Looks like an end-user address [rgx]"
connect /[0-9][0-9]*\-[0-9][0-9]*\-[0-9][0-9]*/ //
connect /[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*/ //
connect /[0-9]{12}/e //
#
reject "Malformed HELO (not a domain, no dot)"
helo /\./n
#
reject "No RDNS [rgx]"
connect /\[.*\]/ //
#
reject "Proaxad end-user SPAMMER [rgx]"
connect /.*\.fbx\..*/ //
#
reject "Verizon Dynamic IP"
connect /.*\.pub\.verizon\.net/ //
#
reject "Verizon Fios IP"
connect /.*\.fios\..*/ //
#
reject "Static End-User IP"
connect /.*\.static\..*/ //
connect /^static\-.*/ //
connect /^cpe\-.*/ //
connect /^CPE\-.*/ //
connect /^cpc\-.*/ //
connect /^pc\-.*/ //
connect /^port\-.*/ //
connect /.*\.shared\..*/ //
connect /.*\.rev\..*/ //
connect /.*\.ptr\..*/ //
#
reject "Dynamic pool"
connect /.*\.pool\..*/ //
connect /^pool\-.*/ //
connect /^port\-.*/ //
connect /.*\.pools\..*/ //
connect /.*\-POOL\-.*/ //
#
#
reject "End-User"
connect /^host\-.*/ //
#
reject "Dynamic Client"
connect /.*\.client\..*/ //
#
reject "Broadband"
connect /\.broadband\./ //
#
reject "VDSL"
connect /^VDSL.*/ //
#
reject "PPPOE"
connect /.*\.pppoe\..*/ //
connect /.*\.pppool\..*/ //
#
reject "Dynamic"
connect /.*\.dyn\..*/ //
connect /^dyn\-.*/ //
connect /\.dynamicIP\./ //
connect /.*\.dynamic\..*/ //
connect /.*\.xd\-dynamic\..*/ //
#
reject "Dialup"
connect /.*\.dip\..*/ //
connect /.*\.dip[0-9]\..*/ //
connect /.*\.dial\..*/ //
connect /.*\.dialup\..*/ //
#
reject "cust-adsl"
connect /.*\.cust\-adsl\..*/ //
#
reject "DHCP"
connect /.*\.dhcp\..*/ //
connect /.*\.adsl\-dhcp\..*/ //
#
reject "End-User"
connect /.*\.user\..*/ //
connect /^user\-.*/ //
connect /^softbank.*/ //
connect /.*\.intra\..*/ //
connect /.*\.numericable\..*/ //
connect /.*\.cablelink\..*/ //
#
reject "adsl"
connect /.*adsl.*/ //
connect /^adsl\-.*/ //
#
reject "dsl"
helo /.*dsl\..*/
#
reject "internetdsl"
connect /.*\.internetdsl\..*/ //
#
reject "PPP"
connect /.*ppp\-.*/ //
connect /^ppp\-.*/ //
#
reject "HSD1"
connect /.*\.hsd1\..*/ //
#
#
reject "Cable"
connect /.*\.cable\..*/ //
#
reject "Road Runner"
connect /.*\.res\.rr\.com/ //
connect /.*\.biz\.rr\.com/ //
#
reject "PayPal Phish"
header /From/ /.*<service@paypal.com>.*/
#

The idea being that anything coming directly from an end-user IP is spam. The great part of this is that the connection is immediately dropped at connect-time.

So, inbound mail has to negotiate regex-filtering, then grey-listing, then it has to pass several RBLs, and finally spamassassin. I get literally NO spam at all, and only about 2-3 spams get caught by spamassassin each week.

I use dyndns pointing MX directly to my dynamic ADSL IP, and use a pay service for outbound mail; smarthosted via smptauth (panix.com, $100/year for basic shell/smtp). I have used the same email address since 1984!

Bob

--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here.
to forum · permalink · 2007-05-27 14:48:15 ·
Forums > Are We Acclimating To Spam?

Monday, 28-May 14:49:57 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics