On 9/19/2011 6:44 PM, /dev/rob0 wrote:
On Monday 19 September 2011 17:06:22 john wrote:
I am running Ubuntu 11.04 as a SOHO server with
postfix/dovecot/Amavis-new/Spamassassin/Clamav setup as my email
service.
I currently use header and body checks in postfix as part of my
anti-spam measures.
How useful and/or how effective are these measures?
Not.
This really depends on one's definition of "useful" and "effective". I
find header checks are good at removing tumors from legit sources such
as freemailers and gorillas when accounts are compromised. Spammers are
lazy and often retain the same or similar subject and other header data
when they move from one compromised account to another. Granted,
fighting this type of spam with header checks can be labor intensive.
But short of a full blown content filter, this is often the last line of
defense. And should be used as such.
The only way header checks might be useful on the front lines is with
Sahil's TCP server that checks domains found in headers against URIBLs.
I've found it almost ineffective here over a long period, but my mail
stream is tiny. Sites with a larger flow may find it useful. It seemed
like a good idea when we first discussed it here long ago. For me it
just hasn't panned out in production.
--
Stan
