jcolby at colbyconsulting.com
jcolby at colbyconsulting.com
Thu Jul 17 09:21:18 CDT 2003
The answer to the question is that I control these blacklists, i.e. I place patterns (*ID.RU) as an example in my own personal blacklist config file. It is a little drastic to disable all email coming from an entire domain, but it turns out that spammers go out and get emails from such places overseas. I placed that specific one on my black list today. I do no business (directly) with anyone overseas so I can reasonably safely simply refuse all email from Russia (sorry Shamil), Etc. I can very safely refuse emails from the big ISPs overseas who do pretty much nothing but host spammers. The email isn't destroyed, simply filtered into a spam basket. I can scan 150 emails in a few seconds just before deleting to see if there are any valid emails (NONE so far!!!). That is a far better solution than simply clicking on each one, or examining each on in my in mail basket. There is no way to determine if an email address is a valid address. If it is in my blacklist it stays there until I decide it needs to be removed. Without any blacklists, SpamAssasin will get about 80% of the spam. With them, the rate goes up. MOST of the email patterns are actual existing or old spam addresses. Many I am sure no longer even exist. Blacklists are just a tool. John W. Colby www.colbyconsulting.com -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Lavsa, Rich Sent: Thursday, July 17, 2003 8:24 AM To: 'Access Developers discussion and problem solving' Subject: RE: [AccessD] OT: email John, About SAProxy... How are you going to handle addresses that were put on the a black list by accident and at a later time taken off. As in our situation, our domain was put on a blacklist about 1.5 years ago, because someone was bouncing email off our NIC and grabbing our domain and attaching it to the end of the senders email address. We were put on the black list, and had to make quite a few phone calls, and emails to various places to get our domain off the blacklists. We also discovered a vulnerable point of our infrastructure and have since closed that hole so people can no longer bounce email off our NIC. Does your program remove entries from your blacklist if they are legit email addresses and not black listed anymore. Rich -----Original Message----- From: jcolby at colbyconsulting.com [mailto:jcolby at colbyconsulting.com] Sent: Wednesday, July 16, 2003 5:10 PM To: AccessD Subject: [AccessD] OT: email Does anyone know if email can come from a url that will not display in i.e? IOW, if can I get email from Somebody at mx5.1premio.com if when I put www.mx5.1premio.com I cannot display a page? On the face of it I would think that is possible. A person could set up a web address just to send spam and have no valid web page served up for the url. BTW, an update on SAProxy, the spam filtering program I have been discussing, I have found blacklists out on the web that increase the accuracy of my filtering. I have written a little program to import all the addresses of a blacklist into a table with a unique index on it, then write that table back out to a config file for SpamAssassin. This allows me to accumulate blacklist addresses from published lists while insuring that no blacklist address ever gets looked at more than once. It seems to be working. I'll let you know what the new figures show for filtering, but I am already getting spam removal based on the fact it is in my blacklist. John W. Colby www.colbyconsulting.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com