Delaying AKA Greylisting vs Spam collecting
Bayesian (spam) filters rely on being able to collect at least some spam emails as well as some good emails. And if you want to keep up with the changing face of spam, you need to be collecting recent spam as well as just looking through the old archived spam from months back.
However, the assorted "trickery" used by ASSP at the network level means a lot of spam is blocked very early on. In particular, the delaying/greylisting seems to stop a lot of spam quite dead, and of course it never collects the spam email itself. It's simply respponding to the initial EHLO command. So you can end up in a situation (like I find myself in) where, although you're blocking 87% of incoming emails as spam, you can never actually collect any of them for the spam database.
I've ended up running for half a day without delaying to boost my database. And turned off delaying for my little group of SpamLovers. A long term solution needs to be found however.
And I'm trying to better exploit the Spamtrap address. The spam trap address I'm using already existed before ASSP. It's the address that belonged to one of our technicians who worked here for a few years and seemed to put his name down for all sorts of crap. He's been gone for a long time now, but still seems to get heaps of junk email. So far, that passive spam-trapping has been all I've needed, but with Delaying, I need to take it further.
I'm going to try posting the address on as many forums, newsgroups and bulletin boards as will let me, and see if the volume increases. Hell, I may even try to "Remove" him from some mailing lists.
However, the assorted "trickery" used by ASSP at the network level means a lot of spam is blocked very early on. In particular, the delaying/greylisting seems to stop a lot of spam quite dead, and of course it never collects the spam email itself. It's simply respponding to the initial EHLO command. So you can end up in a situation (like I find myself in) where, although you're blocking 87% of incoming emails as spam, you can never actually collect any of them for the spam database.
I've ended up running for half a day without delaying to boost my database. And turned off delaying for my little group of SpamLovers. A long term solution needs to be found however.
And I'm trying to better exploit the Spamtrap address. The spam trap address I'm using already existed before ASSP. It's the address that belonged to one of our technicians who worked here for a few years and seemed to put his name down for all sorts of crap. He's been gone for a long time now, but still seems to get heaps of junk email. So far, that passive spam-trapping has been all I've needed, but with Delaying, I need to take it further.
I'm going to try posting the address on as many forums, newsgroups and bulletin boards as will let me, and see if the volume increases. Hell, I may even try to "Remove" him from some mailing lists.
posted by Al Whipp at
11:28 am
0 Comments:
Post a Comment
<< Home