Great Circle Associates List-Managers
(November 2002)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: ISPs Wrongly Block 1 in 8 Messages for Spam
From: Tom Neff <tneff @ grassyhill . net>
Date: Fri, 01 Nov 2002 10:59:54 -0500
To: list-managers <list-managers @ greatcircle . com>
In-reply-to: <5.0.2.1.2.20021101065002.01d29750@mail.earthlink.net>
References: <Message from Sean Brunnock <brunnock@server.com><5.0.2.1.2.20021031063759.01d2e6e0@mail.earthlink.net><JCEAKIGPHKDGFFDLONKFIEJHHGAA.rich@ChristianityToday.com><JCEAKIGPHKDGFFDLONKFCEDNHGAA.rich@ChristianityToday.com><5.0.2.1.2.20021031063759.01d2e6e0@mail.earthlink.net><5.0.2.1.2.20021101065002.01d29750@mail.earthlink.net>

--On Friday, November 01, 2002 6:53 AM -0500 Sean Brunnock 
<brunnock@server.com> wrote:
> OK. Then explain something to me. How does SpamAssassin differentiate
> between a solicited bulk message and an unsolicited bulk message?

Just to explain one more time, SpamAssassin applies a bunch of (mostly 
regular expression) tests against the headers and body of an email, driven 
off a list of 'rules' each of which has a certain 'score weight' attached 
(which can be plus or minus).  At the end of the email it adds up the score 
and compares it to a threshhold which you have set in your .cf file, and if 
the threshhold is exceeded, it either flags, redirects, or drops the 
message, again according to your chosen config file.

Given two otherwise identical messages, both originating from 
non-blackholed mail hosts (since one of the optional tests is for 
blackholes), one "solicited" and the other "unsolicited," SpamAssassin 
would have no way to tell.  (There is no such thing as an X-Solicited: 
header, and you can bet that if there were, it's the first thing spammers 
would include.)

As installed out of the box, SpamAssassin would most likely let BOTH 
messages through to your inbox unmolested.  If you tune the scoring or the 
threshhold downward so that most bulk email is blocked (which some prefer 
to do), what you need to do is "whitelist" your chosen list memberships, so 
that, for example, list-managers-owner@greatcircle.com as the Sender is a 
-10 (or lower) score.

As a practical matter, it might be nice to have "on file" a list of howto's 
that allow your managed list to be whitelisted for the major antispam 
packages.  Then when people ask, you are ready with a recipe.


References:
Indexed By Date Previous: Re: ISPs Wrongly Block 1 in 8 Messages for Spam
From: Chuq Von Rospach <chuqui@plaidworks.com>
Next: Re: ISPs Wrongly Block 1 in 8 Messages for Spam
From: J C Lawrence <claw@kanga.nu>
Indexed By Thread Previous: Re: ISPs Wrongly Block 1 in 8 Messages for Spam
From: Chuq Von Rospach <chuqui@plaidworks.com>
Next: Re: ISPs Wrongly Block 1 in 8 Messages for Spam
From: J C Lawrence <claw@kanga.nu>

Google
 
Search Internet Search www.greatcircle.com