[OT] Spam filtering (was Re: [Imap-uw] Outlook deadlock)

[Andy Lyttle]

> I only use sbl-xbl.spamhaus.org and list.dsbl.org. Had to drop the  
> dial-up blacklist due to too many complaints about false positives.  
> Some ISP's seem to use dial-up numbers as fixed IP for business dsl.

I use those too.  I also catch a small handful with  
web.dnsbl.sorbs.net, and I block China and Korea with  
cn.ascc.dnsbl.bit.nl and korea.services.net respectively.  The idea  
of blocking entire countries bothers me, but I've had no false  
positives yet (the only person I know in Korea uses Yahoo Mail).

I also use home-grown substring and regex lists, matched against  
either the reverse DNS hostname or the HELO string (if HELO is a  
valid hostname that resolves to their actual IP I'll trust it,  
otherwise I use reverse DNS regardless of whether it resolves back to  
anything).  I skip these tests for authenticated users who are  
relaying mail.  These lists are designed to match dynamic IPs, but  
because they're based on hostname rather than IP and I trust valid  
HELO strings, I avoid blocking properly-configured mail servers that  
happen to be on residential ISPs.

If anyone's interested in my list, I'd be happy to share.

~ Andy