[Mimedefang] Making the spamtrap accounts work for me

[Jonas Eckerman]

On Thu, 1 Jan 2004 22:14:01 -0500, Stefano McGhee wrote:

>  makes sense to create a separate file consulted by MD or edit the
>  access.db to dynamically to REJECT messages that come from IPs
>  sending to these bogus addresses.

Yes and no. If that's the only things ever from those IP addresses it makes sense, but spam often comes from big ISPs as well because some users have compromized machines thar spammers use. If those compromised machines send through the ISPs SMTP server you could end up blocking a lot of completely innocent people.

To me it makes more sense to use something like relaydb for this. With relaydb you can count the number of hams and spams from each IP, and then you can reject based on those numbers. It also makes sense to feed them as spam to sa-learn. And reporting them to Razor and Pyzor shuldn't hurt either.

I'm using relaydb in my mimedefang.filter (you can check it at http://whatever.frukt.org/). Feeding to sa-learn could be done in the same way I feed to relaydb.

Notes:

1: My filter is not setup with a spam trap. I am probably going to set up a couple of spam-trap addresses (just including them as hidden mail links in our main web pages and using them in a couple of mailinglists and newsgroup posts should do the trick). It should be fairly easy to check for those addresse in the filter and feed everything addressed to them directly into sa-learn and relaydb.

2: Using reladb works fine, but I am thinking of implementing bthe same functionality directly in the filter.

Regards
/Jonas
-- 
Jonas Eckerman, jonas_lists at frukt.org
http://www.fsdb.org/