e> Be prepared to bounce a huge amount of legit mail if you do that, e> including just about everyone who has their own domain or travels e> or has a split mail server setup. Either that or make sure tha you e> only do that for yahoo/hotmail/eudoramail/etc that are known e> problems.
I know of no anti-spam measure that does NOT have colateral damage. Just turning on strict RFC compliance will knock 10% of your legitimate email out. And how many email servers give a proper HELO exchange? Or have IP addresses that can correctly survive a reverse DNS lookup? If you have an inbound postfix mail server, check your logs, and you'll see a great many error messages where the reverse DNS entry doesn't resolve to the same IP being checked, or even exist in the domain DNS. Block open relays using ORDB? Sorry, your customers in Asia, South America, etc., are in trouble. It even catches some of my suppliers! Block open proxies? Sorry, even though this is a pretty safe bet, there are exceptions. Block unsecured FORMMAIL script servers? Another low, but not zero, colateral damage filter, which bit us less than 2 hours after it was turned on. We still block FORMMAIL mail, but by manual entries and regular expressions (hint: throw away any message that contains the text, "Below is the result of your feedback form. It was submitted by" in the body). Block strictly by SPAMCOP listing? Forget the joke mail lists (many of which are spam sites anyway), TOPICA mail lists, several YAHOO servers, etc. Personally, I'd bounce all mail claiming a NETSCAPE.COM address, except that some customers "seem to remember" legitimate mail from a NETSCAPE.COM user "once or twice", although none can seem to find such mail in their archives. And a most of the NETSCAPE.COM spam actually comes through a mail exchanger for that domain, so it would have passed the filter that started this discussion. spamassassin is one possibility we're looking at, but we're really looking at bouncing the mail before it's collected, rather than marking it as spam after it arrives. We do have one strict policy - hit a spam trap, get on the block list. Several otherwise legit mail services are permanently blocked on our systems because they hit non-existant trap addresses at one time or another. People who have never existed on our system get email 10 to 300(!) times per day. -- Jeff Brenton President, Engineered Software Products, Inc http://espi.com Questionable web page: http://dididahdahdidit.com Liberalism grants you the freedom to advocate any idea*. * Please see http://www.dididahdahdidit.com/except.php for a current list of exceptions
