hi ya kim..
> I've registered a website, spamjinn.com which is available for a
> collaborative effort on building some spam-blocking tools.
sounds like fun ....
i spent the past week ... playing with sendmail + check_local
( check_local-3.15, check_local-4.4, check_local-5...
http://www.Linux-Sec.net/Mail
- antispam stuff
- antivirus stuff
- open relay stuff
- checking headers and stuff... ( didn't quite work )
( maybe incompatible with slackware-7.x
- havent tested with suse-8.x and redhat-7.3...
- faster/easier to just hit the "delete" key...
but more irritating than spending a week on the silly problem
there are 126 RBLs.... most of um freee...
http://web.Linux-Sec.net/Mail/rbl.gwif.html
there are lot fewer procmail antispam filters...
http://web.Linux-Sec.net/Mail/filters.gwif.html
spam should be stopped at these places...
- at the router/firewlll
- at the MTA ... reject what it thinks is spam
- at the pop server ... rejecct with procmail
- user based rules..
problem is lots of illegitimate DNS out there... that is the
primary problem of knowing a real spammer address from a misconfigured
DNS... that oyu have to manually put back in as "accept real email"
from what is normally thought of as a spammer
Spammer is...
- any server with bad/missing reverse dns
- incorrectly addressed recipients
- any bad/missing headers
- anybody with fake return address
- anybody that is in the RBLs...
- a big problems of the accidental opps that get you
into a blackhole... time consuming to dig your way
back out of it
- anything that says "Make money fast" or "free viagra"
and hundreds/thousands of other "keywords/phrases"
- other spammer definitions ???
- too many legal isues for "defining" what is a spam at
the isp level... but at a corporate level or user level ...
-- very easy to defend your/our claim that "this email" is
an obvious spam and waste of time/$$$/resources/productivity
... etc...
a corraborative effort will help fighting spam in the
following areas...
- maintaining an uptod date RBL
-
- maintaining a "header" checking tools
- creating an app that checks content of the message
c ya
alvin
http://www.Linux-Sec.net/Mail .... antispam .. antivirus stuff...
>
> Maybe (some of) the following ideas will work:
>
> BLOCK-SPAM DATABASE
> A website run by a group of interested parties which houses a
> block-spam database which is updated on a regular basis.
> The database contains three lists: private servers delivering
> spam mail, multi-user servers allowing their servers to be used for
> spam mail and a list of ISPs and web(/mail)hosts that provide public
> service and voluntarily participate in the spamjinn.com DATABASE
> program.
> Facilitation is provided to participating ISPs/mail hosts who
> wish to block mail from the sites listed, for keeping their filters
> up-to-date.
> Acess to the databases is by password, obviously.
> Spam must be proven before servers are listed.
> And naturally, tips to users on how to take steps to eradicate
> spam with links to all the good anti-spam sites that are out there
> today.
>
> VOLUNTARY ISP PARTICIPATION
> Part 1 An ISP or mail host publishes a statement to its users that
> all mail from the addresses at spamjinn.com will be filtered and
> blocked as undeliverable. Corrections or reports should be addressed
> directly to the spamjinn.com site.
> Part 2 Any group or individual which sends out a mass (needs to be
> defined) mailing must cc his SMTP host (or a mutually agreed upon,
> third-party entity) with a copy of the email and receive (retroactive
> is OK) approval on the mailing. ISPs will investigate any mass
> mailings not following this procedure with an eye to blocking the
> outgoing mail privileges of mail that was sent out as spam.
>
> YAHOO GROUPS ALLOWANCE
> Mail that is sent out from a yahoo-groups address will be relayed on
> to those requesting to receive it. Other Yahoo mail (or mail from any
> heavy facilitators of spam mail) might be returned with a message
> like this, "due to Yahoo proliferating too much spam, users of this
> service have requested that mail from Yahoo addresses be returned
> unread." Instructions could be provided on how to obtain an email
> address with a more responsible provider.
>
> .... gotta get Energizer b a t t e r i e s . . . n o
> m o r e p o w e r
>
> Kim
> --
> Please be well.
>
> Kim Brooks Wei • P O Box 626 • Fair Lawn • NJ 07410 • V
> 201.475.1854
>
>
References:
|
|
