Spam Filtering Updates.

Tue Apr 20 16:27:05 PDT 2004 — Spam Filtering Updates. The new default RBL set that we launched in conjunction with per-user MTA filtering controls have had a huge impact on the volume of spam that we accept for delivery to customers with little, or no, collateral damage. We’ve seen our mail flow to customers reduced from ~850 msg/min to less than 400 msg/min. This has significantly reduced load throughout our mail server complex. We didn’t stop here and are continuing to focus on additional methods to reduce the flood of spam.

On the 14th, we enabled a reflexive filter in the MTA that is rejecting between 110,000 to 180,000 known spams a day based off of signatures built off our own spam collection system in real-time. Due to limitations in the SMTP there is no way to make this filter optional. However, it is not needed as it is virtually impossible for a false positive hit to occur.

We are working to add some additional RBLs that users have requested, including some of the country based blackholes.us lists, and have a few other rules undergoing testing. Hopefully these will all be ready in the next few days.

We are also going to be enabling outbound email bulk detection in the next couple of days, possibly as early as tomorrow. The outbound bulk detection will begin to reject mail sent out through our servers once a unique or highly similar mail has been sent to more than a configured number of destination addresses. The bulk threshold is going to be initially set at 1000 and may change as need dictates. The outbound bulk detection goes a long way to ensure that our own outbound mail flow stays spam free and our mail servers stay out of blacklists when a customer’s computer or CGI is exploited to send spam through our network.

We are aware that our outbound bulk detection will block some legitimate uses of our mail servers. We strongly encourage customers who are running broadcast newsletters to set up and use a Sonic.net provided free mailing list which will not be so limited. Some users may be pleased to note that a mailman server is in the works to replace our majordomo sever. If using a free mailing list is not practical or possible, we can exempt customers from the bulk detection. For more information please contact support@sonic.net or visit news://news.sonic.net/sonic.antispam -Sonic.net Operations

Leave a Reply

Your email address will not be published.

*