Results 1 to 16 of 16
  1. #1

    Not just SpamAssasin

    Hello,

    Recently more and more spam is getting through spamassasin for me, not sure if this is the case for all. I find MailScanner and ClamAV have been working overitme lately, but I am curious if there is more I can do...

    A friend pointed me to this blog:
    http://www.nelson.monkey.org/~nelson...pamTuneup.html

    It talks about two similarly named spam blocking programs:

    Pyzor:
    http://pyzor.sourceforge.net/

    and
    Razor:
    http://razor.sourceforge.net/

    I am curious if anyone has had any experience with these, I am debating trying these, may test them out on testing server and such...

    Thanks for any stories, feedback, ideas, tips or suggestions




  2. #2
    We use Spam Assassin with Razor and a few other tweaks , I believe. It blocks nearly 2000+ E-Mails a day from our office environment. I can get you a tutorial as well, I believe on how you can set it up.

    Kosta

  3. #3
    If you have a nice tutorial link, please by all means do share So you see no conficts with razor and spamassasin? That is nice

  4. #4
    Join Date
    Nov 2001
    Posts
    88
    Spammers are getting smarter, im getting more spam every day that comes thru spamassassin. And i cant block it without blocking legitimate emails.

    MailScanner and ClamAV are doing a great job, it has blocked every single virus that hit my mail server. about 200+ a day

    Im very interested in this too, please share the tutorial with us.

  5. #5
    Will do. I just can't post it until I get home in a few hours.


    Kosta

  6. #6
    Thanks Kosta

  7. #7
    I even wrote a front end to control white / black lists, and options for it to be used with Exchange for our office .. eventually I need to make one for *nix boxes =] .

    No problem.

  8. #8
    Join Date
    Aug 2002
    Location
    UK
    Posts
    852
    Whatever you do, NEVER EVER USE SPEWS

  9. #9
    Hostito,

    Glad to see your post and see that it's not just me. For the past few weeks, more and more spam has been getting through :-(. And I always though spammers were morons, but apparently they're smart enough to figure out how to get around SA.

    I've read a little bit about Razor and Pyzor... might look into them. Also considered TDMA, but that may be difficult to manage as well. Thoughts?

    Thanks,
    Russ
    Sitelutions: www.sitelutions.com -- Reliable Hosting, Low-Cost Domains, Dynamic DNS
    IFlex Data Center.: FlexData.Center
    Northern Virginia & Washington DC Area Data Center Colocation

  10. #10
    TDMA seems to irritate folks as a lot of folks don't like to have to reply and such. I loved it, but everyone else hated it

  11. #11
    Oops, I think we both confused it with the cell phone standard "TDMA"... but it's actually "TMDA." My mistake too :-).

    Yeah, I've never actually tried it with my primary e-mail address. I like the idea of it though, because it should basically eliminate all spam. It may be nice to use SpamAssassin as a first line of defense, then TMDA. This way mail that gets through SA could be put into the "unreviewed" TMDA folder.

    One of my main problems with TMDA is that it may cause me to miss automated messages sent by companies / sites that I deal with. If I had to review messages that weren't let through, I'd see hundreds of spam messages and maybe a few valid ones. It may be hard to pick out the valid ones.

    Opinions?
    Sitelutions: www.sitelutions.com -- Reliable Hosting, Low-Cost Domains, Dynamic DNS
    IFlex Data Center.: FlexData.Center
    Northern Virginia & Washington DC Area Data Center Colocation

  12. #12
    Ha, you are right


    Found this:
    http://www.flakshack.com/anti-spam/

    Has some interesting stuff...

  13. #13
    Join Date
    Jul 2002
    Posts
    3,734
    We've seen a huge increase in spam in the past month. In studying the spams, they appear to have come up with some method of disguising the text, yet making it readable to the user.

    It's quite astonishing, really. I've been trying to wrap my head around how it's done. The text looks normal, but when you copy/paste it somewhere else, it's p3n10s enl3rgm3/nt instead of real words. I can't figure out how the heck they did it...

    We introduced some of the more traditional blacklists like spamhaus and ordb into the mix. That has cut things way down and doesn't really touch legitimate email. Another that we are testing is list.dsbl.org, but I'm not sure whether that's going to have SPEWS-like problems with blocking legit stuff.

  14. #14
    Andrew: It's a method called obfuscation.
    Apocalypse: Spammers are alot smarter then you think. They have most of these free open source engines. Basically testing before sending. Not all are as technical, but you do have the very intelligent, playing on the other team.

    MailScanner has the ability for plug-ins. I think you can add different AS engines as you can add AV engines.
    Last edited by datums; 03-18-2004 at 04:53 PM.
    Datums Internet Solutions, LLC
    Systems Engineering & Managed Hosting Services
    Complex Hosting Consultants

  15. #15
    speaking of the apocalypse and email...
    http://www.informationweek.com/story...cleID=18400822

  16. #16
    Join Date
    Jul 2002
    Posts
    3,734
    Originally posted by datums
    Andrew: It's a method called obfuscation.
    Sounds right, but what's decoding it? And why the copy/paste thing? It's just weird...I could see if it came in hex or something but this isn't like that at all. It's like they're executing a str_replace on the words in my email client.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •