anti-spam question

Jerome M Berkman jerry at uclink.berkeley.edu
Mon Oct 14 23:27:37 GMT 2002


We have noticed a huge increase in spam this year.  We are trying to
figure out what to do about it, and we are wondering what others are
doing, and especially what has proved successful.

You can send your response to me and I will summarize; if you want, I
will summarize without saying what each site is using.

The server I help administer, uclink.berkeley.edu, has 40,000+ accounts
(students, staff, and faculty).  Users access their mail via POP and IMAP
clients such as Eudora, Netscape, and Outlook Express.

Please let me know if you have tried any of the following (or anything
else) and whether it was useful, especially on a large scale system:

- blackhole lists, RBLs, DULs, etc.  Which do you use or did you 
create your own?

- if you block, do you block on content, on IP address, or on "from "
address?

- tar pits to slow up the spam arrival rate 

- open source applications such as spamassassin or spamcop

- commercial solutions, such as those offered by BrightMail,
TrendMicro, and Sendmail, Inc.

Is your system opt-in or opt-out?

Do you use spamtraps?  What types?

Do you block spam or put it in a "grey" folder for the user to decide
what to do with?  If you block, do you block during the SMTP protocol
or bounce it later or just delete it without notice?

How do you prevent harvesting of addresses in your University's web
pages?  In departmental directories on the web?  From ldap
directories?

I will be going to the USENIX LISA conference in November; is anyone
interested in meeting there to discuss this?

	- Jerry Berkman,
	  UC Berkeley, jerry at uclink.berkeley.edu, 1-510-642-4804



More information about the unisog mailing list