From owner-freebsd-security@FreeBSD.ORG Wed May 12 20:06:27 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 254F116A4CE for ; Wed, 12 May 2004 20:06:27 -0700 (PDT) Received: from vulcan.blacksburg.net (vulcan.blacksburg.net [66.208.157.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1657543D1F for ; Wed, 12 May 2004 20:06:26 -0700 (PDT) (envelope-from mlevans@blacksburg.net) X-Envelope-From: mlevans@blacksburg.net Received: from p0ts1.blacksburg.net (pluto.blacksburg.net [66.208.157.5]) i4D36N7S088026; Wed, 12 May 2004 23:06:24 -0400 (EDT) (envelope-from mlevans@blacksburg.net) Message-Id: <5.1.0.14.0.20040512230320.057426d0@pop.blacksburg.net> X-Sender: mlevans@pop.blacksburg.net X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 12 May 2004 23:06:23 -0400 To: z3l3zt@hackunite.net, freebsd-security@freebsd.org From: Lyle Evans In-Reply-To: <1886.213.112.193.11.1084410012.squirrel@mail.hackunite.net > Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Re: How do fix a good solution against spam.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2004 03:06:27 -0000 At 09:00 PM 05/12/04, Jesper Wallin wrote: >Heya folks > >First of all, sorry if this isn't the correct list, but yet, I think spam >is a kind of >network attack and should be treated as a security issue.. A much better place to ask would be the spamassassin mailing list. Send mail to spamassassin-users-subscribe at incubator.apache.org to subscribe >I run a working mail server >using Postfix, MySQL, Courier-IMAP, SpamAssassin and ClamAV (amavisd-new) .. > >I've checked the configuration file for SpamAssassin, but yet I havn't >find any good >solution for spam.. Sure, spam will always be a problem and I guess it's >impossible to >filter 100% of all spam.. > >Currently, I've made a filter in my mail client which move all mails with >a header >containing "Spam-Level: ***" to a "spam" directory.. The last 2 months, >spam and spam >only has been triggered/filtered.. so I think it's quite useful.. yet, it >does send the >mail.. if it's triggered spam, why does it even send it to the mailbox >instead of just >blocking it? I assume that's because of a bad configuration made by myself.. Fundamental misunderstanding of Spamassassin purpose. It is a filter that marks mail as spam it does not delete or "block it". Usually one uses something like procmail as a local delivery agent (or similar) that does the actual deleting or more usually directs it to a separate spam mailbox. Deleting all email marked as spam usually not considered wise because of the possibility of false positives. More common is to mark the lower scoring spam as SPAM and deliver,and only delete (or maybe archive for some time), the high scoring spam. >Also, a lot of mail which is spam is not triggered as spam, is it possible >to improve >spamassassin to filter more mails? Like, the way a antivirus program >works, (have ids >for each virus), Yes read the Spamassassin FAQ and Wiki (and the mailing list archives) and you will find ways. See http://www.spamassassin.org >does spamassassin has any "spam ids" or something similar to make it >filter new mails? Sort of see the FAQ and Wiki. Regards, Lyle Evans lyle@rackears.com rackmount brackets for many networking and ISP equipment chassises http://www.rackears.com