[OT] Spam filtering (was Re: [Imap-uw] Outlook deadlock)
joel at panacea.null.org
Wed Sep 19 15:41:56 PDT 2007
> > I "filter" only with blacklisting and greylisting. Although they can only
> > be done at a boundary mail exchanger, I find it invaluable that there's
> > really no such thing as a false positive; if legitimate mail bounces then
> > it, well... bounces.
> If the mail really bounces (is returned to the real sender) then the
> sender can take action. But if you accept the email, filter it, and
> then try to do some sort of semi bounce by looking at the header
> addresses, mail will eventually be lost.
If you accept the mail and then "semi bounce" it means you are generating
the bounce message, and are responsible for the inevitable backscatter.
It's a bad idea, IMHO.
In my experience most spam is transmitted by illegitimate hosts, and
refusing to accept it has the correct result of a bounce never being
generated (because the sending host knows better).
> The milters used are milter-greylist, spamass-milter and clamav-milter
> in that order. Greylisting stops most of the junk mail, but enough get
> through to need a dedicated server to run spamassassin and clamav.
Greylisting won't stop the viruses that come via the (legitimate) mail
exchangers of infected machines. I'm surprised you need spamassassin
though. Do you have any data on what greylisting misses that spamassassin
catches? Is there really that much of it (per user)?
More information about the Imap-uw