All, My company has a large # of "divisions", each with their own domain. Currently we are maintaining hostmaster, webmaster, postmaster, security, and abuse accounts for nearly all domains. After our recent testing of some new spam filtering software, I am really wondering about the operational necessity of all these addresses. (total of about 200 or so) What is truly required? Our IP whois lists where we truly answer problems. But we still review all the others. Our spam software shows 98% of all email to the RFC accounts is spam. So what will we have to deal with if we did discontinue those addresses for all but 1 of our domains. how do some ISP's handle it? You host hundreds or thousands of domains. most with no webmaster etc... does it matter for the "small company" domain? Comments appreciated on or off list... Summary will be posted back to list..... thanks, Jim
Our spam software shows 98% of all email to the RFC accounts is spam.
The reason those addresses get on the spamlists is so that you will disable the addresses making it harder for people to report that a spammer is using your server or your network to spam. Geo.
On Sun, Apr 11, 2004 at 09:41:05PM -0400, McBurnett, Jim wrote:
how do some ISP's handle it? You host hundreds or thousands of domains. most with no webmaster etc... does it matter for the "small company" domain?
Forward abuse@ for all domains to just one account. Repeat for each role account. Run spam assassin, or other spam limitting software of your choice (realize that false positives are possible). Do some matching to flag messages which mention domains / IP's you take care of first, and then read the rest later.
Comments appreciated on or off list... Summary will be posted back to list.....
Please, do no disable those accounts. Sometimes they are the only obvious easy way to contact you. -- Avleen Vig Systems Administrator Personal: www.silverwraith.com EFnet: irc.mindspring.com (Earthlink user access only)
* lists-nanog@silverwraith.com (Avleen Vig) [Mon 12 Apr 2004, 06:56 CEST]:
Forward abuse@ for all domains to just one account. Repeat for each role account. Run spam assassin, or other spam limitting software of your choice (realize that false positives are possible).
Possible? Make that very likely, as reports of UCE/UBE generally include the original mail. Those *will* trip word counters and bayesian spam filters like SpamAssassin. -- Niels. -- Today's subliminal thought is:
On Mon, 12 Apr 2004, Niels Bakker wrote:
* lists-nanog@silverwraith.com (Avleen Vig) [Mon 12 Apr 2004, 06:56 CEST]:
Forward abuse@ for all domains to just one account. Repeat for each role account. Run spam assassin, or other spam limitting software of your choice (realize that false positives are possible).
Possible? Make that very likely, as reports of UCE/UBE generally include the original mail. Those *will* trip word counters and bayesian spam filters like SpamAssassin.
There should be options to override this (there are in spamassassin) to whitelist from domains (eg spamcop.net) and to addresses (eg abuse@). You must do this else as you say you will drop a lot of the complaints.. most do include the original spam, and those that dont are useless anyway! Steve
On 2004-04-11T21:41-0400, McBurnett, Jim wrote: ) So what will we have to deal with if we did discontinue those addresses for all but 1 ) of our domains. Well, having all but the one domain listed in rfc-ignorant.org's blacklist, for one. Do you mind sharing your list of domains to help expedite the listing process? Thanks, -- Daniel Reed <n@ml.org> http://people.redhat.com/djr/ http://naim.n.ml.org/ Never be afraid to try something new. Remember: Amateurs built the ark. Professionals built the Titanic.
In article <9BF6F06C4BC90746ADD6806746492A33E93A8E@msmmail01.msmgmt.com>, "McBurnett, Jim" <jmcburnett@msmgmt.com> writes
how do some ISP's handle it? You host hundreds or thousands of domains. most with no webmaster etc... does it matter for the "small company" domain?
Most hosted domains I've met come with unlimited email addresses, so that email to "webmaster..." will be sent through to the user, along with all the other email. Some allow users to filter on the local part, and pick up designated email addresses separately. But most of those also have a bucket for all the remaining ones. At that stage its the user's responsibility to make sure they pick up all the emails. -- Roland Perry
participants (7)
-
Avleen Vig -
Daniel Reed -
Geo. -
McBurnett, Jim -
Niels Bakker -
Roland Perry -
Stephen J. Wilcox