Hello Mikko and all,
I'm taking the liberty to change the subject so that it's easier to follow
it from here on.
On Mon, June 9, 2008 12:56 pm, Mikko Silvennoinen wrote:
> Hi, about reducing spam :
>
> It is possible and probable that the spammers use invaded machines of
> basicly innocent people (even me), and maybe there is possible to forge
> these e-mail headers,
> so I hope this does not hurt too much, but
> I analyzed some recent spam, and at least ip 195.20.15.168
> came up.
Interesting. In this case it resolves to mail2.mediastay.com. This is a
mail server used by Mediastay, a marketing company based in France. This
in itself doesn't mean they are evil, but nevertheless marketing companies
can use subversive techniques.
> Is there possible to use some better equipped e-mail-list server
> software to beat this if it bothers too much.
Listserv software is generally not designed with spam-policing in mind.
This is actually a good thing, since it can be handled more effectively
elsewhere. From a listserv perspective, we want the best functionality for
the list engine, which is most probably why this list uses Mailman (it's
possibly the best listserv system available at the moment). Spam filtering
happens on a mail server MTA level (sendmail/postfix/exim/etc), which
works really well if it's set up properly.
> After teaching what is spam for some time it is quite tigth filter.
> Since the telephone companies, who are keeping public smtp servers for
> their customers, don't seem to require any authentication
> for sending e-mail this is very hard to get reduced.
> Not to mention that sending from any machine is possible, if you or the
> virus writer knows how to.
> It is possible to configure newer e-mail servers to require e.g.
> certificate authentication from
> clients also. I don't know anybody who has bothered to do that.
Yes, that seems to be the current climate out there. Most ISP's I've been
using over the last few years at least have SMTP authentication set up on
their client-facing SMTP servers, although that is sadly by no means
universal. Even so, it's possible to set up effective antispam measures on
your own PC, whether you use Linux/Windows/Mac. It's just a matter of
finding one that works for you. Even so, I think it's sad that a user has
to go through these lengths to protect him/herself, whereas the whole
thing could be preempted effectively on a MTA level of the list server
itself. It's relatively technical, but by no means difficult. If it's a
Linux server, there are fantastic tools like
SpamAssassin/Amavis/MailScanner/ClamAV that integrates with just about any
conceivable MTA system. The internet abounds with HOWTO docs for the
non-technical too.
Anyway, that's just my 2C's worth.
-- Regards, Jan HenkinsReceived on Mon Jun 09 2008 - 09:27:56 EDT
This archive was generated by hypermail 2.2.0 : Mon Jun 09 2008 - 09:28:45 EDT