On Tue, 28 Sep 2004 08:57:28 -0500, "Bob Apthorpe" <[EMAIL PROTECTED]> said: > Hi,
Hello. > On Mon, 27 Sep 2004 15:10:30 -0700 [EMAIL PROTECTED] wrote: > > > On Mon, 27 Sep 2004 12:52:41 -0400 (EDT), "Dan Mahoney, System Admin" > > <[EMAIL PROTECTED]> said: > > > Hey guys, as a quick survey, if you're blocking ips at the MTA level, > > > which are you using? > > > > I think it's a bad idea and don't do it at all. Much better to configure > > your MTA to reject mail based on a SpamAssassin score which nicely > > combines the RBLs and other spam indicators. Our MTA returns a 550 after > > the DATA is received on any message that SpamAssassin scores higher than > > 10, which blocks about 90% of all spam we get (that's about 70% of all > > incoming mail, lately). > > I'll counter that rejecting before DATA saves on bandwidth and CPU, and > can be done safely with a judicious choice of DNSBLs. I like your choice of RBL's, but your definition of 'safely' doesn't match up with what my users consider an acceptable number of false positives. -- [EMAIL PROTECTED]
