From: "Mark" <[EMAIL PROTECTED]>
From: Marc Perkel [mailto:[EMAIL PROTECTED]
I'm not an appliance vendor but I run a fornt end spam
filtering service and it's been a struggle. Most of my spam
defense isn't SA though. I'm using Exim rules to do most of the
work and SA gets what's left.
Same here. A custom brewed milter-type setup of mine (a combined set of
socketmap invocations, to be precise) handles the vast majority of spam at
the gate.
92% (!) of all incoming spam uses an invalid HELO.
9% pretends to be me in their HELO.
I presume those that pretend to be you are invalid HELO, also. Otherwise
the addition produces an overflow. {^_-}
83% of all spam here comes from dynamic IP space.
8% of the incoming spam uses a country-level TLD which does not match the
HELO country TLD ("EHLO foo.de" vs. "bar.uk" PTR, for instance).
But the remainder is -92%.
{^_-}
