[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: public blacklists



Ow Mun Heng wrote:
On Thu, 2004-12-09 at 19:15, Paul Howarth wrote:

Ow Mun Heng wrote:

On Thu, 2004-12-09 at 02:54, Scot L. Harris wrote:

The SURBL option examines the URLs in the spam messages and checks
various block lists. If they show up on the block list the score is
increased appropriately.

I was just asking that question. Thanks for clearing that up. So, effectively, it's just another form of greylisting then.

No, greylisting is a completely different thing. Greylisting ensures that the sending server is a proper MTA that retries when it sees a temporary failure during a delivery attempt. Most spamware does not do this, hence greylisting stops lots of spam. SURBL is looking at the message body after delivery and scoring it as likely to be spam or not based on the URLs found there. Two completely different things.


In that case, in some cases, eg: if one runs their own mail-server,
grey-listing seems to be a better option compared to spamassassin, even
when using SURBL.

Reason being, greylisting stops it at the MTA level, spamassassin only
tracks it once it's already in the system.

Yes, though spamassassin can be tied closely to the MTA so that the MTA rejects the mail at the end of the SMTP transaction (DATA phase), which at least prevents delivery to the local user. Greylisting works before the DATA phase and is therefore more efficient bandwidth-wise.


Paul.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]