lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <72dbd3150612132041x15e6ab78u47c6ecf6826a3b23@mail.gmail.com>
Date:	Wed, 13 Dec 2006 20:41:02 -0800
From:	"David Rees" <drees76@...il.com>
To:	"Giacomo A. Catenazzi" <cate@...eee.net>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: Postgrey experiment at VGER

On 12/13/06, Giacomo A. Catenazzi <cate@...eee.net> wrote:
> So a challange to the kernel hackers: build a mail filtering/proxy
> system, a' la BSD.
> I don't remember the specification and features, but IIRC the
> netfilter is not enough to do the graylisting (but pf was).
> Someone has some hints what kernel can do in the fight against
> spam?

I've gone through a number of anti-spam measures over the years. I
started with SpamAssassin, then bogofilter, greylisting, various RBLs
and most recently DSPAM.

SpamAssassin an bogofilter used to work pretty well, but over time
they let more and more spam through so I stopped using them.

Greylisting used to work very well, but recently more and more
spammers are retrying not to mention I kept on running across broken
mail servers that either wouldn't retry or would take forever to
retry. My users would also complain that email was broken when a
message would take hours to deliver instead of being delivered almost
immediately. They found it better to get spam than to occasionally
miss email or have to wait for email.

RBLs work pretty well as long as you choose the right ones that aren't
too aggressive with their lists. sbl-xbl.spamhaus.org is pretty
reliable and I have found it good at not blocking legitimate sources
of email.

DSPAM's learning ability seems to be very good (better than SA and
bogofilter) once trained and the web interface for training mail makes
it a snap to do (you can also do it via command line). It's also
flexible enough that it's easy to plug it into just about any mail
server configuration out there.

-Dave
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ