Will Trillich <will@serensoft.com> writes:
> is there some way of getting a look at tom's or marc's filters? i could
> sure use a bit of help there. lordy, we're close to drowing in the
> stuff!
Tell me about it :-(
I currently use four levels of filtering:
1. DNSBL lists: blackholes.five-ten-sg.com, bl.spamcop.net, relays.ordb.org
(there are others out there, but these seem to have a good impedance
match to my personal spam load).
2. Private blacklist of IP ranges that have sent me too much spam.
sendmail has a pretty easy mechanism to support this, although it
only seems to support /8 /16 or /24 ranges which is a bit coarse.
(If you've gotten a "Go away spammer" bounce from me, you were caught
by this filter --- let me know and I'll tighten the ranges.)
3. I have noticed that bouncing any machine that sends "HELO
sss.pgh.pa.us" gets rid of a ton of spam and viruses. I don't know of
any real clean way to do this, but I have a sendmail.cf hack for it.
4. Very long list of procmail filters on header and body patterns.
#2 and #4 are fairly personal, in the sense that they have a decent
success/failure ratio for the junk mail I get. I wouldn't recommend
that someone else try my lists, and in any case they take a heck of a
lot of hand maintenance. I've been looking into more automated methods
such as CRM114 but haven't made the jump yet.
regards, tom lane
