Print Page | Close Window

AuthorizedTo success

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: http://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=5527
Printed Date: 24 October 2017 at 3:41am


Topic: AuthorizedTo success
Posted By: Analytical
Subject: AuthorizedTo success
Date Posted: 28 February 2006 at 4:18pm

I found that the AuthorizedTo list has done more to stop spam and spam attacks than any other filter.  We are an ISP and were being hit hard with phishing spam attacks.  Once we decided to use the AuthorizedTO feature we found it not only cut the spam but allowed our spamfilter processor to move from heavy to relaxed.

After we realized the benefits of this filter we wrote a service that pulls valid email addresses from our ISP mail server (it uses an SQL database) and merges them with a manual list (for clients that have their own email server), sorts them, removes any duplicates and saves them in a text file for the Spamfilter. The service runs every five minutes if there are changes it saves a new AuthorizedTo file. With this service any new email address added to a clients hosted email account (even by the client) is added to the AuthorizedTo list without any effort on our part.

I just thought I'd share how we made this filter work for us. 

 

 



-------------
His and yours,

Dwight



Replies:
Posted By: mikek
Date Posted: 01 March 2006 at 10:47am

We're doing the same thing here, our mail server also uses an sql database, and this really works great!

Regards,

Mike



Posted By: sgeorge
Date Posted: 01 March 2006 at 11:01am
Very cool.  I know that you both mentioned that you're mail servers use SQL databases...  but would anyone know how to retrieve a list of emails from a mail server that supports LDAP queries?

Thanks,
Stephen


Posted By: Desperado
Date Posted: 01 March 2006 at 4:47pm

Nice idea in theory BUT, in our application, many customers have "Catch All" addresses and many we simply forward to THEIR mail servers so we have no way of knowing what addresses are valid or not.

Having said that, believe it or not, when I do use the AuthorizedTo list on my own mail server, which only has 90 or so accounts and they are all defined, 99.2% of all messages are blocked! Look below.

javascript ;" target=_blank onclick="set_sort_column0, 'action'; return false; - Action javascript ;" target=_blank onclick="set_sort_column0, 'messages'; return false; - Messages javascript ;" target=_blank onclick="set_sort_column0, 'bytes'; return false; - Bytes
javascript ;" target=_blank onclick="zoom0, 'action', 'Dropped__HexEsc__20Connection'; return false; - Dropped Connection 478,570  93.2 %  8.69 M
2 javascript ;" target=_blank onclick="zoom0, 'action', 'quarantined'; return false; - quarantined   16,449 3.2 % 68.70 M
3 javascript ;" target=_blank onclick="zoom0, 'action', 'sent__HexEsc__20to__HexEsc__20NULL'; return false; - sent to NULL   13,325 2.6 %   2.00 k
4 javascript ;" target=_blank onclick="zoom0, 'action', 'Bypassed__HexEsc__20all__HexEsc__20rules'; return false; - Bypassed all rules     2,382 0.5 % 72.25 M
5 javascript ;" target=_blank onclick="zoom0, 'action', 'accepted'; return false; - accepted     1,547 0.3 % 35.69 M
6 javascript ;" target=_blank onclick="zoom0, 'action', 'rejected'; return false; - rejected     1,096 0.2 %   1.82 M
  Total       513,369 100 %       187.15 M



-------------
The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com



Posted By: Dan B
Date Posted: 21 March 2006 at 5:32pm

Dan,

We too have CatchAll Accounts within our mailserver and using the AuthorizedTo feature without any problems.  In the AuthorizedTo list just use an mailto:*@yourdomain.com - *@yourdomain.com  as the catchall domains and it will still allow the other domains to have AuthorizedTo addresses.

Dan B



Posted By: dcook
Date Posted: 21 March 2006 at 6:10pm
Good points, we also are an ISP ... for our clients that have catch all accounts or have their own mail server with spam filtering we uncheck the 'authorized to' list in the custom domain filters. This only applies to a few clients. Most clients havre retired their catch all accounts. They decided that they get too much spam.


-------------
Dwight
www.vividmix.com



Print Page | Close Window