discuss: Thread: Re: ???????????? ???? ????????????????

Quoting Sergiusz Pawlowicz ####@####.####

> Seriously: if someone has experience with spam prevention
> on public lists, could you please contact me?

The most important thing (for immediate purposes) is to change the MLM's
(mailing list manager's) rulesets to permit posting only from subscribed
addresses.  Please consider implementing that policy ASAP.[1]

For reasons I would rather not get into, here, in general one wishes to
implement as much as possible of one's spam detection/rejection inside
the MTA, applied during the incoming SMTP conversation, so that your MTA 
says "550:  Die, spammer, die" to as high a percentage as possible of
spam delivery attempts.  By the time the mail has been accepted and
handed off to the MLM, it's still desirable to prevent spam going out to
subscribers (either holding it in the admin queue and letting it expire,
or more ideally finding a way to programmatically detect and
reject/discard it), but that's much less desirable than rejecting it at
SMTP time.  (More, better information is available about arriving mail 
during the SMTP session, and you can reject it with a DSN and thereby
avoid generating backscatter spam.)

[1] I am not an ezmlm administrator:  My personal preferance runs to
Mailman behind the Exim4 MTA.

On Mon, Oct 13, 2008 at 9:02 PM, Rick Moen ####@####.#### wrote:
> Quoting Sergiusz Pawlowicz ####@####.####
>
>> Seriously: if someone has experience with spam prevention
>> on public lists, could you please contact me?
>
> The most important thing (for immediate purposes) is to change the MLM's
> (mailing list manager's) rulesets to permit posting only from subscribed
> addresses.  Please consider implementing that policy ASAP.[1]

It is done for years... altough current spam is more intelligent
and can even confirm membership.

No I am thinking about antispam software as well, because we
apperently have much stronger machine.

Thanks.

SP

Quoting Sergiusz Pawlowicz ####@####.####

> It is done for years... altough current spam is more intelligent
> and can even confirm membership.

Did it in fact do that?

I've not yet seen that behaviour on the various Mailman lists I
administer.  If I did, I'd do two things:  (1) Go after the (validated)
sender with all possible force, seeking cancellation of service, etc.
(2) Set the MLM so that recently joined addresses initially have the
moderated flag set.  (After a poster sent one or two real, non-spam
posts, the listadmin would clear that flag.)

This is trivial to do with Mailman.

> No I am thinking about antispam software as well, because we
> apperently have much stronger machine.

I favour Exim4 with the EximConfig set of canned configuration settings, 
SMTP-time spamicity testing using SpamAssassin and SA-Exim, and
greylisting.

http://www.jcdigita.com/eximconfig/

Of course, sysadmins who already favour a different MTA will tend to
want to use it, instead of Exim4.  That's what sysadmins are like.  ;->

On Tue, Oct 14, 2008 at 1:04 AM, Rick Moen ####@####.#### wrote:
> Quoting Sergiusz Pawlowicz ####@####.####
>
>> It is done for years... altough current spam is more intelligent
>> and can even confirm membership.
>
> Did it in fact do that?
>
> I've not yet seen that behaviour on the various Mailman lists I
> administer.  If I did, I'd do two things:  (1) Go after the (validated)
> sender with all possible force, seeking cancellation of service, etc.
> (2) Set the MLM so that recently joined addresses initially have the
> moderated flag set.  (After a poster sent one or two real, non-spam
> posts, the listadmin would clear that flag.)
>
> This is trivial to do with Mailman.

It is trivial with each software, but somebody must do that :-)
I prefer automatic solutions, i know, not always perfect,
but during holidays the most useful.

>> No I am thinking about antispam software as well, because we
>> apperently have much stronger machine.
>
> I favour Exim4 with the EximConfig set of canned configuration settings,
> SMTP-time spamicity testing using SpamAssassin and SA-Exim, and
> greylisting.
>
> http://www.jcdigita.com/eximconfig/
>
> Of course, sysadmins who already favour a different MTA will tend to
> want to use it, instead of Exim4.  That's what sysadmins are like.  ;->

OK, because we have no exim here, I deployed:

http://www.spamdyke.org/documentation/INSTALL.txt

We will see, if it will be useful.

thanks and cheers -
Serge

do you use:

http://dsbl.org/
http://www.rfc-ignorant.org/
http://www.au.sorbs.net/

It have to be finetuned, as some very used servers are blacklisted
(they admin let through unwanted meil servers), but still used by
normal users, but this is very effective

jdd

-- 
jdd for the Linux Documentation Project
http://wiki.tldp.org
http://www.dodin.net