From owner-freebsd-chat Tue Dec 10 7:24:27 2002 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B952D37B401 for ; Tue, 10 Dec 2002 07:24:25 -0800 (PST) Received: from HAL9000.homeunix.com (12-232-220-15.client.attbi.com [12.232.220.15]) by mx1.FreeBSD.org (Postfix) with ESMTP id 93F6C43EA9 for ; Tue, 10 Dec 2002 07:24:24 -0800 (PST) (envelope-from dschultz@uclink.Berkeley.EDU) Received: from HAL9000.homeunix.com (localhost [127.0.0.1]) by HAL9000.homeunix.com (8.12.6/8.12.5) with ESMTP id gBAFONas008225; Tue, 10 Dec 2002 07:24:23 -0800 (PST) (envelope-from dschultz@uclink.Berkeley.EDU) Received: (from das@localhost) by HAL9000.homeunix.com (8.12.6/8.12.5/Submit) id gBAFOND9008224; Tue, 10 Dec 2002 07:24:23 -0800 (PST) (envelope-from dschultz@uclink.Berkeley.EDU) Date: Tue, 10 Dec 2002 07:24:23 -0800 From: David Schultz To: Cliff Sarginson Cc: FreeBSD Chat Subject: Re: Spam decisions Message-ID: <20021210152423.GA8031@HAL9000.homeunix.com> Mail-Followup-To: Cliff Sarginson , FreeBSD Chat References: <20021210073508.GB73284@raggedclown.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021210073508.GB73284@raggedclown.net> Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thus spake Cliff Sarginson : > Mmm..I finally put a blacklist entry on all domains ending in ".tw". > This is something I swore off doing, but for months now I have been > generating unknown user messages for mail from .tw registered domains. > > So I have decided to REJECT at receipt all messages in said domains. > So any genuine FreebSD users in Taiwan (for so I take .tw to be) ... > sorry. At one point I determined that four countries with lax regulations were responsible for somewhere near 70% of my SPAM[1]. (The number may have been higher; I don't remember.) Since I don't know anyone in those countries, I ended up doing pretty much the same thing, but based on Received: headers rather than originating host. Actually, I find it too draconian to reject such mail using a fallable heuristic, so I file it into a bit bucket that I empty with great zeal about once a month. It would suck to live in one of those countries and get blacklisted as a result of the irresponsibility of others, so at least I can guarantee that I'll get the mail eventually and remove the blacklist entry if I ever get a false positive. (I've seen none so far.) I was going to switch to SpamAssassin, but recently one of the mail servers I have an account on started running SpamAssassin and adding huge X-Spam-Report: headers to incoming mail. Up until then, I was given to believe that the software was better at avoiding false positives. When one of those ``your order has shipped'' messages got a score of 4.70 for annoying HTML crap, it made me a bit nervous. Moreover, it seems like the only SPAM it can reliably detect is the kind that takes me a sixteenth of a second to delete. [1] The US was actually the third-worst offender, IIRC, but I couldn't blacklist it and still expect to accept all legitimate mail. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message