Mach 4
Network
Server-Side SPAM Filtering
October 30, 2006 (See also
multiple addenda at the end. Scroll down.)
This pertains to email servers hosted by Mach 4
Network. Not applicable to clients hosting their own email on-site, with messages delivered
(MX records) directly to Exchange Servers, or clients
with hosting services from other providers. Up until now,
we allowing clear passage of in-bound email, and
let clients perform filtering, at their control and discretion.
Deteriorating SPAM conditions now warrants mandatory server-side filtering. Today, we activate
2 DNSBL subscriptions at our email server feli.bravotech.net:
- relays.ordb.org
- bl.spamcop.net
Both are considered extremely conservative (non-aggressive)
lists maintained by highly regarded organizations, targeting only the most serious and confirmed offenders. False positives
virtually non-existent, while false negative is fairly high.
Should you experience problem in receiving email, keep this in mind
when troubleshooting. If the sender's smtp server (or their relay/proxy)
is listed on any of those blacklists, their mail will be rejected by us at the
time of transmission. They will receive a rejection notice from their
own smtp server. Please be advised that they are responsible for
perusing delisting from those international blacklists.
As always, the most effective measures against SPAM is a holistic,
multi-prong approach: Start with SPAM Prevention best practices,
followed by mild server-side filtering, and finally, content-based
(dictionary/Bayesian) filtering at the email client level, where
threshold can be adjusted, and false positives can be
reasonably managed.
- Clients concerned about the ramifications of this
change are urged to schedule appointment for
consultation and clarification.
- Consultants/Resellers are urged to schedule sessions
for training and in-depth briefing on this essential topic.
|
Addendum: Change in DNSBL Subscription
January 3, 2006
As ordb.org is no longer actively maintaining their relays.ordb.org
list,
we deactivated its use, and in its place, added two (2) DNSBL from
SPAMHAUS:
- sbl.spamhaus.org
- xbl.spamhaus.org
Addendum: Banning Servers from
Policy-Based Netblocks
January 29, 2007
Effective immediately, we do not accept any email transmitted from
netblocks (subnets) where the ISP has designated as not authorized to
operate smtp servers―namely, all consumer-class
access lines with dynamic addresses, and certain static address lines
that are specifically marked as no-smtp.
Essentially, we're joining the ranks of
providers assisting ISPs enforce their no-smtp policies. Locally,
in Rochester, NY, Frontier and TimeWarner had been enforcing smtp bans
since December and October 2003, respectively. Elsewhere, some ISPs have
yet to implement port 25 ban. It's possible that some consumer-class
access users are operating their own smtp servers on-site. In order
for their email to reach us, they will now be required to utilize the
smtp server from their ISP, or one of the hosting providers' which are
professionally operated and monitored. Of course, senders from business-class
access lines are not affected.
This represents a philosophical and policy
change on our part. We took this stance after weighing the
overwhelming benefits vs. the one-time, trivial and inevitable change
over required on the part of those few senders.
The latest DNSBL added: pbl.spamhaus.org
This measure
effectively protects against SPAM from almost all zombies* of the world!
*zombies (or bots) are (typically) consumer
machines that are improperly setup and poorly maintained. They're
compromised, and under control of criminals. These bot armies are being rented to perform SPAMming,
launch D-DOS attacks, commit click fraud, spread spyware, and other
commercial exploits.
SEE ALSO:
Anti-SPAM Initiatives
SPAM Prevention
<mailto:> Tag Alternatives
Catch-All Alias
Spoofed Email
|