[30489] in North American Network Operators' Group
Re: surge in spam email (fwd)
daemon@ATHENA.MIT.EDU (Ben Beuchler)
Wed Aug 9 10:37:23 2000
Date: Wed, 9 Aug 2000 09:36:10 -0500
From: Ben Beuchler <insyte@emt-p.org>
To: multics@ruserved.com
Message-ID: <20000809093608.A4698@emt-p.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200008091417.KAA02576@multics.ruserved.com>; from multics@ruserved.com on Wed, Aug 09, 2000 at 10:17:00AM -0400
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Aug 09, 2000 at 10:17:00AM -0400, multics@ruserved.com wrote:
>
> I haven't exactly seen an increase in spam, per se, what I have seen
> is the spammers are working harder at getting around the RBL and other
> spam blocks.
>
> Forwarded message:
>
> > Has anyone else noticed a surge in the amount of spam email they've been
> > getting? Anyone know the cause? I use RBL but I'm still getting quite a
> > bit.
I've also been testing every spam we receive against a small script that
looks it up in rbl.maps.vix.com, rss.maps.vix.com, dul.maps.vix.com,
relays.orbs.org, and outputs.orbs.org. As much as I prefer the
philosophy of RSS and RBL to ORBS, RSS and/or RBL only listed one of the
servers from which we we've been spammed in the last two or three weeks.
ORBS listed most of the spam sent via relay and DUL has actually caught
a fair number of 'direct to mx' spams.
I think when we actually start using blackhole lists (within the month)
we will select DUL and outputs.orbs.org. I expect that combination to
significantly reduce our spam volume.
Ben
--
Ben Beuchler insyte@bitstream.net
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
