[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: excessive bounces

From: Andrew Suffield
Subject: Re: excessive bounces
Date: Thu, 27 May 2004 22:36:47 +0100
User-agent: Mutt/1.5.6i

On Thu, May 27, 2004 at 10:12:19AM +0100, Lars Hecking wrote:
> > I believe that all of the SourceForge lists are also open.   They used 
> > to support blocking non-subscribers but that became a nightmare for 
> > maintainers so the capability was removed.
>  SourceForge uses SpamAssassin. Just for comparison, out of the 1600 spam
>  emails I have archived since last September, 211 came from SF. 635 from
>  the autoconf and automake lists. These are spam emails that made it through
>  the primary defences on the mail gateway. I am subscribed to 2 lists,
>  and probably about 10 SF lists, on and off.
>  I have received email on the issue by Paul Fisher of the FSF, but I don't
>  want to repost it here w/o his permission (and because it's off-topic). In
>  my reply, I have outlined a few things that could be done:
>  o has a prohibitively high volume of email, and SA/Bayes require
>    massive resources. Therefore, the volume of mail going through SA or
>    any other tool must be limited.
>  o Excessive whitelisting: all current subscribers should be white-
>    listed, so that their email bypasses anti-spam. Yes, that'll still leave
>    the problem of subscribed spammers, but I believe there won't be too many.
>  o SMTP from hosts not in the domain, but HELO'ing as or
>    the associated IP addresses must be refused flat out. That cuts out
>    many viruses/worms, and a good bit of spam, too.
>  o Ruthless use of DNS blacklists before mails reach anti-spam. Most of
>    spam on GNU lists originates from "known bad boys" - Korea, China,
>    dialup/dyn-ip hosts, Comcast, *bell etc. Recommended reading:
> alone would probably work wonders.

As another data point, look at these numbers for

Summary: 96.5% of all inbound mail is blocked as spam.

This is done without using any pansy address obfuscation, scattershot
DNS blacklists, or (m)any closed lists. And one fairly slow server,
which is not delivering any mail that has not been checked with
spamassassin, although the bayes tests are not used, but these aren't
too useful anyway; they require continual human intervention on a
scale comparable to the volume of mail, which is too damn big. I
expect this is a similar order of magnitude mail volume as deals with. (Talk to the listmasters if you're interested
in *how* this is accomplished, I don't know the details).

  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' : |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]