👽 kevinsan

@marginalia Astrolabe II was interesting. I found that IP address was a strong indicator for spamminess, and wrote a batch host lookup using dnsjava (org.xbill.DNS) to query a DNS server I set up on a VPS (to avoid possible ISP rate-limits) and dump results to a SQLite db. My db will be stale now, but it was interesting data.

3 years ago · 👍 marginalia

7 Replies

👽 p13

@kevinsan I use Zimbra with only a few domains. It has a built-in SpamAssassin setup, and I use Spamhaus with that. Works fairly well. I still do get spam, but only minimal. The usual applies. Make sure SPF is set up correctly, as well as DKIM, etc. · 3 years ago

👽 kevinsan

@p13 what's your email setup? I self-host one domain, but my main domain is still Gmail. Fear of spam has been part of my inertia in migrating away. · 3 years ago

👽 p13

@kevinsan For mail, I've always used Spamhaus. They've consolidated all of their blacklists into a single one. Check it out at: https://www.spamhaus.org/zen/

It will stop most of the trash from getting through. · 3 years ago

👽 kevinsan

@marginalia @p13 My plan was/is to analyse IPs of known spam hosts vs known good, and check new hostnames against IP ranges. I can imagine useful heuristics that could avoid blanket bans, e.g. ratio of good:bad in a given (or imagined) subnet. · 3 years ago
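
The good:bad-per-subnet heuristic from the comment above, as an added example that is not part of the original thread or anyone's actual code. The /24 grouping, the smoothing prior, the thresholds and all function names are assumptions, and the sample addresses are constructed from documentation ranges (IPv4 only).

```python
import ipaddress
from collections import defaultdict

# Constructed sample labels (RFC 5737 documentation ranges, not real hosts).
KNOWN = [
    ("192.0.2.10", "bad"), ("192.0.2.11", "bad"), ("192.0.2.12", "bad"),
    ("192.0.2.200", "good"),
    ("198.51.100.5", "good"), ("198.51.100.6", "good"), ("198.51.100.7", "good"),
    ("203.0.113.9", "bad"),
]

def build_counts(labelled, prefix=24):
    """Count good/bad hosts per enclosing subnet of the given prefix length."""
    counts = defaultdict(lambda: {"good": 0, "bad": 0})
    for ip, label in labelled:
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        counts[net][label] += 1
    return dict(counts)

def bad_ratio(ip, counts, prefix=24, min_samples=3, prior=1):
    """Smoothed share of bad hosts in ip's subnet, or None if too few samples.

    The prior (Laplace smoothing) keeps a subnet with few observations
    from scoring exactly 0.0 or 1.0.
    """
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    c = counts.get(net)
    if c is None or c["good"] + c["bad"] < min_samples:
        return None  # not enough evidence: do not ban on a single sighting
    return (c["bad"] + prior) / (c["good"] + c["bad"] + 2 * prior)

def classify(ip, counts, threshold=0.6, **kw):
    """Return 'suspect', 'ok' or 'unknown' for a new host's IP address."""
    r = bad_ratio(ip, counts, **kw)
    if r is None:
        return "unknown"
    return "suspect" if r >= threshold else "ok"

if __name__ == "__main__":
    counts = build_counts(KNOWN)
    for ip in ("192.0.2.77", "198.51.100.99", "203.0.113.50", "10.0.0.1"):
        print(ip, classify(ip, counts))
```

Returning "unknown" below `min_samples` is what keeps this from turning into a blanket ban: a single bad host does not condemn its neighbours.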

👽 p13

Back in the old days, I would just keep track of the ASNs in China, India, Pakistan, Russia, etc., and just blanket drop the lot of it. · 3 years ago

👽 marginalia

I would really like to get ahold of Alibaba's IP ranges, as almost all nonsense that slips through seems to be hosted there. · 3 years ago

👽 marginalia

It is indeed. Using a geo-IP database to straight up filter out Hong Kong and Russia removed like 95% of the bullshit. I also have restrictions on some TLDs and country-IPs where I'll just visit domain.tld and www.domain.tld; no other subdomains. · 3 years ago