North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Misguided SPAM Filtering techniques

  • From: Sean Figgins
  • Date: Mon Oct 22 12:05:10 2007

Dave Pooser wrote:

Whenever I get one of those, I go ahead and confirm the message so the spam
gets through to the end user. I figure if they think I'm gonna filter their
mail for free, well, they get what they pay for.  :^)

And that is probably just fine, as 99% of the true spam comes from email addresses (and often doamins) that either do not exist, or often are not configured to receive email. The result is that 99% of the spam filtered by spamarrest (or other challenge-response techniques) is never actually seen by any human. If you didn't send the the email, why bother confirming it? Aren't you also adding back to the problem?

Even if you confirm your email address, that's all that spamarrest is asking for. If the email address is valid, then it's done it's job. If the email address is not valid, then the spam gets stopped.

I use a challenge-response system in conjunction with other techniques, and have reduced the amount of spam I have to deal with by a couple orders of magnitude.

I also advise the list membership here that if they DON'T want to get the challenge from my agent, they should send responses through the list.

As fas as the original poster... When I was working for a particular MSO the topic came up for filtering port 25. It took me about a minute to convince them that it was a bad idea, as a lot of people with broadband are the work-fro-home type, and not all of them VPN into their work, but instead use their corporate SMTP/POP/IMAP server to do their business. Since handling these valid servers on a ticket basis would prove to be too much work, the plan was scrapped.


(Please respond only to the list.)