RE: iHateSpam vs GFI

  • From: John Mason <John.Mason.Jr@xxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 24 Oct 2003 18:16:35 -0400

-----Original Message-----
From: Gabrie van Zanten [mailto:gabrie@xxxxxxxxxxxxxxxx] 
Sent: Friday, October 24, 2003 5:35 PM
To: [ExchangeList]
Subject: [exchangelist] RE: iHateSpam vs GFI


http://www.MSExchange.org/

No sorry if it confused you.

Most anti-spam products use severall methodes to detect spam. One of these
methodes is Bayesian filtering. My advice is to choose a product which has
Bayesian filter as one of the filters it is using. 

Gabrie


I would agree but also make sure yoour anti-spam solution is based on an
open and extendable platform, the spammers will be moving at a fast rate to
try and get through our filters, to stay effective you must have the support
of a platform and company to ensure you can keep up. 

Bayesian filterng generally will have better results when individual users
have separate collections of spam and ham. This is because this filtering
method relys on diffrences in the characteristics of the tokens in mail,
having a single collection of spam and ham may make it more difficult to
train.

Use your firewall and or DNS block lists where you can, some like
sbl.spamhaus.org are very tightly run and can eliminate a great deal of spam
from the outset.

Use blacklists to block domains and senders

Spammers need a way for you or your user to contact them so block mails with
specific URLs 

Come up with a policy concerning free mail providers, I have a rule that
holds all mail from places like yahoo.com unless it is from their server,
catches lots more spam, and I even white list known valid users of these
providers so it won't inconvienience them or my users.


Many spammers just want to blast mail out and so don't pay attention to
return codes or ensure delivery was successful, so the first time a sender
sends mail to my domain they are temp failed, if they retry then we run them
through the filters (greylisting)


Spam Assassin works well to id spam and is in a continuous devlopment cycle
to add new rules for spam id version 2.60 rocks.

Razor and DCC are extremely effective at  identifying spam. Both use
publicly queryible databases of spam checksums or hashes.


Set up spamtraps to identify spammers who harvest addresses .


Take a little time to properly complain to spammers ISPs and in the cases of
mainstream companies whose products are being advertised complain to them as
well. Also try to educate some of the folks who have had a server
compromised or misconfigured.

John Mason

PS I posted it before but I use CanIt form http://www.canit.ca to filter my
mail.
It is *nix based but easy to get up and running.



  


Other related posts: