Re: [vox] ricochet
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [vox] ricochet
1. i've found that using ORDB has cut my spam down by about 90%. rod
roark turned me on to ORDB, and i worship the ground he walks on for it.
it has, quite literally, changed my life for the better.
2. thanks for the informative ricochet post. i'd like to point out that
spamcop actually searches http: links in spam, so it sounds better
than ricochet at least in that regard.
what would really be useful is if you can post some other differences
between ricochet and spamcop. i'm not loyal to spamcop per se -- if
ricochet is better, i'd switch to it in half a heartbeat.
3. i've also found that using the MTA itself is a great way to start
shaving off non relayed spam. again, rod has set up spam filtering for
postfix. very handy. that, coupled with using ORDB, has made the
amount of intercepted spam i have to deal with for vox/vox-tech very
low. since i use debian/exim, i modified /etc/inetd.conf so that exim
is tcp wrapped. when a piece of non-relayed spam does come through, i
simply drop the IP address into /etc/hosts.deny and boom da-da-bing,
i never get bothered by that IP address again. i've completely cut off
all contact with hinet.net and ethome.com.
begin William Kendrick <firstname.lastname@example.org>
> I just installed a perl script called "Ricochet" on my ISP account.
> It's quite nifty, sets itself up, has very good documentation, and pretty
> easy-to-understand configuration files.
> What does it do, you ask? You feed it a piece of spam e-mail and it does
> all of the tedious whoises and nslookups to determine _where_ the spam
> originated, and forwards it to the appropriate abuse/postmaster addresses
> responsible. :)
> Very nice! :) Most people simply delete spam as it comes in. I always
> thought that simply didn't help solve the problem as a whole. Back when
> I had far too much free time, I would examine the headers manually
> and do all of the network tracing by hand.
> Lately, I haven't had time, so I've collected nearly 15MB of spam - about
> 1700 messages, in the last two months alone! :)
> But now, rather than having to simply [D]elete it all, I can now type
> [S] (which I've bound to a command pipe in Mutt) to have Ricochet report
> it for me. :) (It even backgrounds itself, so it takes zero time on my part!)
> Anyway... I highly recommend it! :) I'm also vaguely looking into another
> spam reporting perl script named, simply, "spam.pl":
> It's not documented quite as lovingly as ricochet, and sounds like it might
> not be quite as robust, but it does appear to have one advantage... it sounds
> like it actually examines "http://" URLs and e-mail addresses embeded in
> the body of messages, not just the mail headers.*
> Anyway, enjoy! :) Happy new year, everyone!
> * - Simply killing a single account used by a spammer obviously doesn't help
> _too_ much in the long run. It deters them, though. But if you get their
> website taken out, there goes their revenue (whatever piddly amount
> their idiotic scheme may be collecting from the dumbest of the victims).
> Most web hosting services, especially free ones, are very much against
> spam and/or commercial content, so they appreciate getting spam reports
> too, even if the e-mail ITSELF didn't come from their servers.
PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
PGP Public Key: finger email@example.com
vox mailing list