|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Michael Tokarev (mjt
tls.msk.ru)Date: Fri Jun 21 2002 - 08:16:19 CDT
Ian Prideaux wrote:
>
> I do. The messages that come into our spamtrap addresses get their
> headers, any blank lines in the body & any html comments removed. Then I
> do the MD5 signature of the remaining body and keep those in a .db file.
> I then wrote a content filter which checks all incomming messages
> against this database and if the message has an entry in the MD5 db,
> then it's spam and gets dropped (I also keep the most recent date
> against each signature, so that I can see which sigs are current). I
> keep an eye on the messages that get caught by the MD5 db, and I've not
> had a single false positive yet.
BTW, take a look to http://www.rhyolite.com/anti-spam/dcc/ - a Distributed
Checksum Clearinghouses. While the whole system is somewhat complex, but
it gives a good example of "fussy" checksumming algorithm that may be used
for such purposes.
/mjt
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]