Help - Search - Members - Calendar
Full Version: Trap Talk
SpamCop Discussion > Discussions & Observations > Mailhost Configuration of your Reporting Account
nogin
Mar 24 2004, 04:27 AM
What about spam traps? It seems to me that parsing of the spam traps for the BL still uses the old algorithm. Any plans to convert the spamtraps parsing to the mailhost-aware system as well?
julian
Mar 24 2004, 12:38 PM
QUOTE(nogin @ Mar 24 2004, 04:27 AM)
What about spam traps? It seems to me that parsing of the spam traps for the BL still uses the old algorithm. Any plans to convert the spamtraps parsing to the mailhost-aware system as well?

Actually, the spam traps were some of the first "users" to convert to the new system. What gave you the impressiong they did not? All the spamtraps are using it already, with great success. I wanted to do that before I let users loose on the system. Spamtraps generally have a much simpler configuration.

-=Julian=-
nogin
Mar 24 2004, 03:08 PM
QUOTE(julian @ Mar 24 2004, 12:38 PM)
QUOTE(nogin @ Mar 24 2004, 04:27 AM)
What about spam traps? It seems to me that parsing of the spam traps for the BL still uses the old algorithm. Any plans to convert the spamtraps parsing to the mailhost-aware system as well?

Actually, the spam traps were some of the first "users" to convert to the new system. What gave you the impressiong they did not? All the spamtraps are using it already, with great success.

Well, the reason I asked is that a llot of spam I receive now (after I switched to mailhost system) point to what appears to be adelphia.net (outgoing?) mail servers - 68.168.78.184, 68.168.78.190, 68.168.78.196, 68.168.78.199, 68.168.78.202, etc. Looking up the BL data for thise mailhosts, I have never seen any spamtrap activity, but if I look up the previous hop, then often it does have spamtrap data.

For example, In fact I quickly browsed my recent report and for all my recent adelphia.net spam the picture is like that - the last hop does not have spamtrap data and the previous one does...
julian
Mar 24 2004, 04:33 PM
QUOTE(nogin @ Mar 24 2004, 03:08 PM)
Well, the reason I asked is that a llot of spam I receive now (after I switched to mailhost system) point to what appears to be adelphia.net (outgoing?) mail servers - 68.168.78.184, 68.168.78.190, 68.168.78.196, 68.168.78.199, 68.168.78.202,  etc. Looking up the BL data for thise mailhosts, I have never seen any spamtrap activity, but if I look up the previous hop, then often it does have spamtrap data.

Hmm. Very astute.

I spot checked one of the tap hits against one of those internal hosts, and it didn't go through the main MX at all. So it looks like it's working the way it should.

But the as-yet unspoken corellary with all of this is that ISP's main mxes, if used for spamming, will be more likely to wind up on the BL. I think that's probably a good thing, both for the BL users and for 3rd parties who want to get less spam (more preassure on ISPs to lock down).

-=Julian=-
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.