[Greylist-users] Using a spam-trap e-mail address with greylist

Graham Miller graham at gmcs.com.au
Thu Jan 25 18:15:05 PST 2007

dhottinger at harrisonburg.k12.va.us wrote:
> I see your principal, but dont think it will go very far in reducing
> spam.  Blacklists dont work very well with spammers.  Sad fact is most
> spam is coming from zombie boxes whose owners dont know they are being
> used for spamming.  So your blacklist wouldnt block very much spam.

True, that individual blacklists do not block much spam, but a good RBL can
help remove plenty of spam. We use zen.spamhaus.org, list.dsbl.org, and
combined.njabl.org with great success. It knocked out about 50% of all spam
coming into our servers when we implemented it and still rejects a good
proportion (not measured) today. And we have had no false positives as far
as we know.

>  A
> spam filter like bogofilter or spamassassin that you 'train' by giving
> it spam and nonspam messages works much better.  However, even those
> dont do a perfect job in blocking spam.

And nothing will do a perfect job handling spam... No such animal. Harm
reduction is the best that can be achieved. And better to let some through
than block legitimate ones IMO.

>  I run bogofilter, and Im
> catching around 20000 emails a day with a better than 95% success
> rate.  Sometimes a message is put in the filter that isnt spam.

And what if the user does not ever know the message was not received... Say
an email from a potential customer who just gave up and did not do business
with you? Or someone sending an email to let you know of a problem on your
web site? Do your users see the emails in the filter?

IMHO, any antispam measure that scans the message body for characteristics
has a higher chance of blocking a real email than other measures. And it
constantly needs to learn or be upgraded. It's the same approach as virus

The "known" spammers from RBLs that use honeypots, can be a good measure as
part of a chain of tests without using the processor power to scan every
message body (including de-encoding for mime multipart stuff).

More information about the Greylist-users mailing list