rejecting spam at SMTP time (was Re: Postfix anti-antivirus (was Re: [linux-elitists] etc))
Tue Sep 28 10:46:24 PDT 2004
On Tue, 2004-09-28 at 12:07, Andrew Kohlsmith wrote:
> On Tuesday 28 September 2004 11:59, Aaron Sherman wrote:
> > Between SPF and XBL/SBL I drop a ton of spam at the SMTP stage, but it's
> > still clogging my pipe.
> I use rbldns-list.dsbl.org and cbl.abuseat.org and they work pretty decently.
> I drop a *ton* of connections just based on IP with those two lists.
Those look like good lists. Have you had any complaints or noticed any
> > I'm about to start looking into anti-virus milters that can ID the virus
> > before reading the whole message. It's getting pretty bad.
> What gets through gets CLAM'd but it isn't done until I have the entire
> message. I realize that isn't what you're looking for but perhaps someone
> else knows of a mail filter which uses CLAM as the message comes in? I keep
> some stats of the top virus senders/recipients and hosts...
What I'm planning to do is fairly spamassassin-like, but progressive
instead of based on the whole message. I may end up falling back on
something like bayes to do my score calculation (I don't like the
genetic algorithm approach, because it requires a central effort).
More information about the linux-elitists