On Tue, Apr 20, 2004 at 01:06:18AM -0400, Tom Lane wrote:
> Will Trillich <will@serensoft.com> writes:
> > is there some way of getting a look at tom's or marc's filters? i could
> > sure use a bit of help there. lordy, we're close to drowing in the
> > stuff!
>
> Tell me about it :-(
>
> I currently use four levels of filtering:
>
> 1. DNSBL lists: blackholes.five-ten-sg.com, bl.spamcop.net, relays.ordb.org
> (there are others out there, but these seem to have a good impedance
> match to my personal spam load).
>
> 2. Private blacklist of IP ranges that have sent me too much spam.
> sendmail has a pretty easy mechanism to support this, although it
> only seems to support /8 /16 or /24 ranges which is a bit coarse.
> (If you've gotten a "Go away spammer" bounce from me, you were caught
> by this filter --- let me know and I'll tighten the ranges.)
>
> 3. I have noticed that bouncing any machine that sends "HELO
> sss.pgh.pa.us" gets rid of a ton of spam and viruses. I don't know of
> any real clean way to do this, but I have a sendmail.cf hack for it.
>
> 4. Very long list of procmail filters on header and body patterns.
It must be pretty difficult maintain these header and body patterns
and the others lists. I had same problem and I resolve if by
"spamassassin", it knows learn and it's more simple than procmailrc
coding. Now I have cca 5% of all spams in my INBOX.
Karel
--
Karel Zak <zakkr@zf.jcu.cz>
http://home.zf.jcu.cz/~zakkr/
