RE: SPAM filter...

["Naren - Pactech" <naren () pactech net>]

Agreed with you .. but .. as implemented by one of my own ISP (where I
have an account .. ) SPAM Assasin has the highest false positive rates .. 

As that is beyond my control (i.e. the spam assasin is maintained by the
ISP) - there is nothing much I could do. Almost 10 % of my valid emails
become tagged as {SPAM} ..

In comparison, I would prefer something with a lower false positive rate
.. where the ones that missed out can be manually filtered, rather than
tagging valid emails .. as SPAM.

BTW, I have no experience with Amavisd-New

Anyway, I think the issue for Sekhar is on stopping people from finding
out valid emails. AS far as I know, there is no hard and fast solution for
that: the mail has to reach the database - or end email server, to confirm
if the email address that the mail is destined for exists or not !

The solutions for this would be .. 

1) dont bounce back unknown email addresses .. (easier to manage if the
number of users are small .. ) and instead re-route them to a dummy email
address or send to delete

2) filter (on the firewall or gateway .. depending on what you are using)
the sources sending these mails .. 

Dunno if these will solve the problem, or assist you, but I guess, they
should help .. !!

Naren

T. Naren 
Technical Manager - Pactech Pte Ltd., Singapore
Infocomm Security Solutions Distribution and Services
o: +65-62711123
p: +65-95778725
e: naren () pactech net 
w: <http://www.pactech.net>
[Firewalls: Borderware - Watchguard - Sonicwall]


-----Original Message-----
From: Shawn Jackson [mailto:sjackson () horizonusa com]
Sent: Tuesday, December 16, 2003 9:19 AM
To: Vedantam sekhar; security-basics () securityfocus com
Subject: RE: SPAM filter...



        We use Postfix, Amavisd-New and Spam Assassin and its cut
out-of-the-box we filtered 98% of our spam. All of which are open-source
projects. 

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521
www.horizonusa.com
 
Email: sjackson () horizonusa com
Phone: (775) 858-2338
       (800) 325-1199 x338

-----Original Message-----
From: Vedantam sekhar [mailto:sekhar56us () yahoo com] 
Sent: Friday, December 12, 2003 10:05 PM
To: security-basics () securityfocus com
Subject: SPAM filter...

Dear All,

Can any body suggest me the mail filter software(Opensource :-)) which can
avoid the dictionary atttacks on the server.Our mx server has Solaris O.S.


The spammmers are trying to find out the Valid E-mails by blindly sending
mails to randomly selected characters as receipent ID?


Thanks

V.N.SEKHAR


This mail has been scanned for known virusses, and spam, using the
Borderware MXTreme Mail Firewall. For info, visit http://www.mxtreme.com

---------------------------------------------------------------------------
----------------------------------------------------------------------------