Firewall Wizards mailing list archives

Re: FWTK and smap/smapd

From: Brian Hatch <firewall-wizards () ifokr org>
Date: Wed, 17 Jul 2002 14:26:09 -0700

Much of the spam I used to receive came from forged hotmail.com accounts.
Very little spam actually comes from hotmail, so I don't want to just block
them since there are some legitimate correspondents of mine that use their
mail (heck, I use a hotmail address sometimes when I'm on the road..)


Ron Guilmette has patches that do this for Postfix at
<http://www.monkeys.com/anti-spam/filtering/additions.html>.  I
tried them but had too many false positives, even for the commonly
forged domains like hotmail.  They did catch some spam though it
never more than 2 or 3% of the daily filtered total.


SpamAssassin (which is usually called from your delivery agent,
not your MTA) does catch these forgeries with very good accuracy.
You might want to give it a try.  



--
Brian Hatch                  If you think there
   Systems and                there is good in
   Security Engineer          everyone, you
www.hackinglinuxexposed.com   haven't met everyone.

Every message PGP signed

Attachment: _bin
Description:

Current thread:

Re: FWTK and smap/smapd, (continued)
- Re: FWTK and smap/smapd ark (Jul 16)
- Re: FWTK and smap/smapd ark (Jul 17)
  - Re: FWTK and smap/smapd Frederick M Avolio (Jul 17)
    - Re: FWTK and smap/smapd Paul Robertson (Jul 17)
    - Message not available
    - Re: FWTK and smap/smapd Marcus J. Ranum (Jul 18)
- Re: FWTK and smap/smapd Roger Marquis (Jul 17)
  - Re: FWTK and smap/smapd Joseph S D Yao (Jul 17)
    - Re: FWTK and smap/smapd Bennett Todd (Jul 17)
  - Re: FWTK and smap/smapd Rick Murphy (Jul 17)
- Re: FWTK and smap/smapd Roger Marquis (Jul 17)
  - Re: FWTK and smap/smapd Brian Hatch (Jul 17)
  - Re: FWTK and smap/smapd Dominik Miklaszewski (Jul 17)
    - Re: FWTK and smap/smapd Devdas Bhagat (Jul 18)
    - Re: FWTK and smap/smapd Greg Polanski (Jul 18)
- RE: FWTK and smap/smapd Karl Vogel (Jul 18)