Re: Moving mail to hold queue and flushing

From: /dev/rob0 (rob0gmx.co.uk)
Date: Mon Aug 28 2006 - 17:26:37 CDT


On Sunday 27 August 2006 20:17, E Hatt wrote:
> I am looking to move or copy existing e-mail from my inbox (using
> KMail in SUSE 9.0) into one of the mail queues in which I can flush
> out all of the e-mail. I am testing a new piece of spam hardware and
> will need to perform this "copy" and flush several times.

Two important points:

1. If the "spam hardware" is any good, then you are not giving it an
   adequate test in that way. It has to see the mail as it came in,
   with client IP address, reverse DNS, and HELO/EHLO. I don't know a
   better way to do this than with live mail. Set up a test subdomain
   and get some addresses in some spammers' lists.
2. If it only looks at content, it is vastly inferior in antispam
   capabilities to Postfix's native UBE control features. People who
   make money on spam without really understanding it tend to make the
   problem worse. And why not, it's their bread and butter!

Three secondary points:

1. "Hardware" is a misnomer in this context. There are software spam
   gateways which give you full control, and software spam gateways
   which restrict what you can do with it. Your "spam hardware" is
   surely in the latter category.
2. Spam continually evolves, both in content (as they move to foil
   content filters) and in network attributes (as "soiled" netblocks
   and domain names are discarded when they land in the DNSBLs). Spam
   next month will be substantially different than spam last month.
   Testing with yesterday's spam is inadequate.
3. Thus, it's important to be able to stay on top of it, and a black
   box "spam firewall" is likely to be a detriment unless VERY well
   supported by the vendor.
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header
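
The first point above, as an added example that is not part of the original post: it reads the client IP, reverse DNS and HELO name that Postfix recorded in the topmost Received: header of a stored message and compares them with what a filter sees when that message is re-injected locally. The sample message, the replay session values and the `dnsbl.example` zone are constructed, and the header layout assumed is Postfix's `from HELO (rdns [ip])` form.

```python
import email
import re
from email import policy

# Postfix records: from <HELO name> (<reverse DNS or "unknown"> [<client IP>])
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[0-9a-fA-F.:]+)\]\)")

# Constructed sample: a stored message as it would sit in an inbox.
SAMPLE = (
    b"Received: from mail.sender.example (unknown [192.0.2.25])\r\n"
    b"\tby mx.test.example (Postfix) with ESMTP id 0123456789\r\n"
    b"\tfor <user@test.example>; Mon, 28 Aug 2006 10:00:00 -0500 (CDT)\r\n"
    b"From: someone@sender.example\r\n"
    b"Subject: constructed sample\r\n"
    b"\r\n"
    b"body\r\n"
)
# Constructed: what the filter's SMTP session looks like during a local replay.
REPLAY = {"helo": "localhost", "rdns": "localhost", "ip": "127.0.0.1"}


def original_session(raw_message: bytes) -> dict:
    """Client attributes the receiving MTA logged in the topmost Received: header."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    received = msg.get_all("Received") or []
    if not received:
        raise ValueError("message has no Received: header")
    match = RECEIVED_RE.search(" ".join(str(received[0]).split()))
    if match is None:
        raise ValueError("topmost Received: header is not in the assumed format")
    return match.groupdict()


def dnsbl_query_name(ipv4: str, zone: str) -> str:
    """Name a DNSBL check looks up: reversed octets followed by the list's zone."""
    return ".".join(reversed(ipv4.split("."))) + "." + zone


def replay_differences(raw_message: bytes, replay_session: dict) -> dict:
    """Attributes whose value at replay differs from the original delivery."""
    orig = original_session(raw_message)
    return {k: (orig[k], replay_session[k])
            for k in orig if orig[k] != replay_session[k]}


if __name__ == "__main__":
    for key, (was, now) in replay_differences(SAMPLE, REPLAY).items():
        print(f"{key}: original={was!r} replay={now!r}")
```
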