Re: [tlug] state of the art spam filtering

[Edward Middleton <edward.middleton@example.com>]

On 03/17/10 09:30, Francois Cartegnie wrote:
> Le mardi 16 mars 2010, Darren Cook a écrit :
>>> * Reject senders with reverse subdomain containing blacklisted works (ex:
>>> *dyn*.foo.com, *dsl*.foo.com, *ppp*.foo.com, ...)
>>
>> No it doesn't. What about the genuine people sending from a subdomain
>> like that? They might be 99% spammers, 1% genuine, but this is still
>> throwing away real email.
> 
> Who sends mail from a dynamic/dialup/customer ip today ? Every dyn ip can send 
> mail through the isp's servers. Customers outgoing port 25 is even blocked by 
> ISP today.
> 
> As you're mentioning, that's 99% chance of being crap. But I never saw the 
> remaining 1%.
> If it's legitimate, they'll have to manage to get their server on a regular 
> subdomain, with a regular reverse. (a dyn IP is not a stable MX for receiving 
> replies !)
> 
> Now, remembering that RBLs exists, you'll have the risk of receiving a 
> blacklisted IP, and won't have any authority to request a delisting.

I would imagine you are going to get a lot of false positives.  Case in
point, I am on a static ip with a *ppp* in reverse DNS.  I forward mail
through the ISP.

Edward