[NCLUG] mmmmmmm...spam control

bmc brettcrandall at hotmail.com
Tue Feb 19 11:44:53 MST 2002 

Well this is borderline spam becuse it wasn't  specifically requested but I
thought some of you admins out there might be interested in this.

I subscribe to tech republics Linux tips and got this today;

BLOCKING SPAM WITH TMDA

Do you get spam? Do you get a lot of spam? Are you tired of ignoring the
problem and deleting message after message, hoping that it doesn't get
any worse? Almost everyone does.

ISPs and mail server admins using Real-time Blackhole List (RBL) services
can eliminate mail received from servers known to be open relays and
abused by spammers, but this doesn't catch everything. In fact, it catches
only a very small percentage of mail.

Client spam software looks at a message and attempts to filter it based
on words within the message. As spam-prevention programs evolve, however,
so do the strategies used by spammers. More often than not, software now
dependent upon one technology will be obsolete a few months down the
road. This is in part due to the traditional "blacklist" (for unknown
senders) approach.

One tool for Linux, known as Tagged Message Delivery Agent (TMDA), takes
the opposite tactic and uses a "whitelist" approach. Instead of allowing
everything not explicitly denied, it denies everything not explicitly
allowed. TMDA stops mail before it reaches your mailbox and determines
whether or not it's in an exclusive grant list (the whitelist) of addresses.
If it is, the message gets through. If it isn't, the message is sent back
to the sender asking for confirmation that it isn't spam or bulk mail.
The sender then replies to the message. Once TMDA receives the
confirmation, it lets the mail through.

While this approach could be tedious, TMDA can be configured to
automatically whitelist any address that has been confirmed without your
intervention. The theory behind this is that a spammer will not reply to the
confirmation request (if the returned message even makes it back to the
sender). TMDA currently supports qmail, postfix, and Exim under Linux and
UNIX
systems.

There is a page with more info here http://software.libertine.org/tmda/

More information about the NCLUG mailing list