[Mimedefang] IP Reputation data collection (announcement, Internet draft)
joris dedieu
joris.dedieu at gmail.com
Mon May 3 02:13:12 EDT 2010
> 1 - including the product / version used for auto-ham/spam and the automated
> score & threshold of a spam
>
> 2 - including virii/malware as a note
>
> 3 - dangerous attachments and a filename
>
> 4 - dangerous content
>
> 5 - reverse DNS failures
>
> 6 - improper HELO/EHLO statements
>
> 7 - invalid MX records
I also think that you can't collect ip reputation without keeping a trace
of the mail itself and the mail transactions logs. A blacklisted ip
owner MUST have access to
this informations as this should be the only way to find and eliminate
the real spam cause.
I also think this draft should talk about abuses report mecanism.
Regards
Joris
More information about the MIMEDefang
mailing list