[IMC-Tech] Re: [Imc-web] Email and imsahp Tue Aug 22 10:42 CDT reboot

[Mike Lehman]

Having seen lots of the spam that made it past the filters, one thing 
that would be nice to have is to have the option to start screening out 
some of the email servers that have been repeated offenders here, but 
apparently haven't made the blacklist for some reason. I regularly add 
individual users from these sites to the discard list, but they just 
cycle in another random username.

Examples include anything with a *@virgilio.it *address. That bot just 
keeps spamming us and I doubt that we'd every have a legitimate users 
from it.

Here's some more that I'd suggest be added:
*@mizuno.de
**@prochoiceleague.com
*@rico.de

I'd be glad to keep a list of such repeat offenders to be added to the 
blacklist.

It will probably be easier to respond to the very rare legitimate user 
who needs these unblocked if we accidentally are too strict, than it is 
to keep letting these apparently rogue servers have access. Again, 
pardon my ignorance if this is not as clearcut a solution as it seems on 
the face of it.
Mike Lehman

Zach M wrote:
> Friends of mine that run large email servers have spoken very highly
> of the effectiveness of implementing rules that stop spam before the
> DATA command is even sent by looking at envelope information and
> rejecting malformed headers, blacklisting dynamic IP blocks and known
> spam sources, etc. There's LOTS of stuff we can do to reduce spam but
> anything we do will require admins to pay close attention to what is
> being caught so they can adjust rules if there is a lot of ham being
> caught. This is time I don't have so I've opted for a configuration
> that lets more spam through at the cost of ham very rarely getting
> caught.