Educause Security Discussion mailing list archives
Summary: Spam defenses besides traditional content scanning
From: Ben Spencer <ben.spencer () MOODY EDU>
Date: Mon, 23 Oct 2006 14:55:08 -0500
Total responses: 4 separate institutes (5 individuals) Of those: Technology 4 - use greylisting 1 - uses DCC (standalone) 3 - use content scanning along with greylisting 1 - uses other non-content scanning defenses 2 - made comments regarding systems which don't properly handle the delay code returned by greylisting. Politics: 1 - Didn't convey that they were using greylisting to the user community (and has had no backlash from the initial delayed email) 2 - Implemented technologies with praise from the user community (went from no spam defenses to having defenses and the users were grateful to have something in place) 1 - Implemented a solution which replaces a previous solution which wasn't meeting user expectations. 1 - Does allow for exceptions for those people who really want all of the spam Summary: Implementation of greylisting went well overall with little or no backlash from the user community. That may be attributed to the massive amount of spam which the people were receiving previously due to no defenses or poor defenses being in place previously. It could also be the result of no noticeable impact on valid email which comes in. With only four responses, it may also be noted that greylisting may not be a widely adopted spam fighting method. Quotes: -) No negative side effects. We have reduced our email volume by 75% by using a combination of the three [greylisting, email address validation, content scanning and reputation analysis] -) We have had a few servers that don't support the tempfail that greylisting does (some will send over and over and stop before the 15 minute wait and others never try to resend). When this is found we will add that server to a white list. We also use a global whitelist of servers that are known to have problems like this. Thank you to all who responsed. Benji --- Benji Spencer System Administrator Ph: 312-329-2288
Current thread:
- Summary: Spam defenses besides traditional content scanning Ben Spencer (Oct 23)