Hello, Has anybody on this list figured out an effective way to eliminiate, or at least severely limit, the amount of spam that arrives in your NOC? I am aware of solutions such as Spamassassin, Vipul's Razor, and the various RBL lists, but has anybody used one of these solutions, or anything else, to reduce the amount of spam going into noc@/trouble@/etc mailboxes without severely restricting the rest of the internet's ability to reach the noc via email for legitimate purposes? Particularly in a NOC where it's quite possible that some of your customers are listed in the RBLs but still need to reach you. -Jeff -- Jeff Workman | jworkman@pimpworks.org | http://www.pimpworks.org
<ramble> You hit it dead on: use all the tools at your disposal, but preemptively "whitelist" your customers. Unfortunately, the whitelisting isn't always as easy as it sounds. If they are within your IP space, you're good to go, but if they have the rare portable block, or they are multihomed, etc., you need to be more careful. </ramble> In Short: Whitelist like crazy, and then blacklist like mad! On Thu, 23 May 2002, Jeff Workman wrote:
Hello,
Has anybody on this list figured out an effective way to eliminiate, or at least severely limit, the amount of spam that arrives in your NOC? I am aware of solutions such as Spamassassin, Vipul's Razor, and the various RBL lists, but has anybody used one of these solutions, or anything else, to reduce the amount of spam going into noc@/trouble@/etc mailboxes without severely restricting the rest of the internet's ability to reach the noc via email for legitimate purposes? Particularly in a NOC where it's quite possible that some of your customers are listed in the RBLs but still need to reach you.
-Jeff
-- Jeff Workman | jworkman@pimpworks.org | http://www.pimpworks.org
-- Yours, J.A. Terranson sysadmin@mfn.org If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place... --------------------------------------------------------------------
On Thu, 23 May 2002 measl@mfn.org wrote:
<ramble> You hit it dead on: use all the tools at your disposal, but preemptively "whitelist" your customers. Unfortunately, the whitelisting isn't always as easy as it sounds. If they are within your IP space, you're good to go, but if they have the rare portable block, or they are multihomed, etc., you need to be more careful. </ramble>
In Short: Whitelist like crazy, and then blacklist like mad!
We do both...but I wouldn't say whitelist like crazy. More like whitelist as needed, and find a blacklist or one of the message body parsing utils you like...or both. For the rare emergency when a customer (or non-customer) needs to talk to our NOC and can't get email through, we have these neat things called telephones. They work pretty well. In fact, I think mine often works too well. -- ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Jeff Workman(jworkman@pimpworks.org)@2002.05.23 16:41:08 +0000:
Hello,
Has anybody on this list figured out an effective way to eliminiate, or at least severely limit, the amount of spam that arrives in your NOC? I am aware of solutions such as Spamassassin, Vipul's Razor, and the various RBL lists, but has anybody used one of these solutions, or anything else, to reduce the amount of spam going into noc@/trouble@/etc mailboxes without severely restricting the rest of the internet's ability to reach the noc via email for legitimate purposes? Particularly in a NOC where it's quite possible that some of your customers are listed in the RBLs but still need to reach you.
TMDA as per-account or generic delivery filter (depending on your MTA setup), with a whitelist of known customers (which should be easy to derive from a CRM backend or customer address database and a few lines of shell voodoo). regards, /k -- WebMonster Community Project -- Reliable and fast since 1998 -- All on BSD http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.apache.de/ GnuPG: 0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4 A113 B393 6BF4 DEC9 48A6 REVOKED: 0x2964BF46 D/E 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 REVOKED: 0x4C44DA59 RSA F9 A0 DF 91 74 07 6A 1C 5F 0B E0 6B 4D CD 8C 44 My mail is GnuPG signed -- Unsigned ones are bogus -- http://www.gnupg.org/ Please do not remove my address from To: and Cc: fields in mailing lists. 10x
participants (4)
-
Jeff Workman
-
jlewis@lewis.org
-
Karsten W. Rohrbach
-
measl@mfn.org