Markku, > Markku Savela wrote: > The best techical solution that has been proposed seems to > be the "tarpit" solution: detect spam on the fly and slow > down the reception to trickle as "spamminess" grows. The > great feature of this is, that it actually would keep spam > "off my network" by stopping the flow. > I would think technically, one would run a frontend tarpit > pipeline on the standard SMTP port as follows > port 25 > --------> TARPIT ----> real SMTP on other port or host > ^ > | > SpamRules > TARPIT would listen incoming connections, establish another > connection to real SMTP server. It would examine the data > on fly and slow the incoming reception when the spam index > grows. Mail would not be rejected, just slowed, as > "spammines index" grows. I agree it's part of the solution; I use something like this already called BCWare NoSpam (http://www.bcwaresystems.com/nospam/). However, it's all about having good SpamRules. The SpamRules I currently use are based on IP address using multiple spamlists such as MAPS, Spamhaus and ORDB. Even with these real-time blackholing lists based on the source IP address it's not enough to block more than half of the spam if lucky. If you want SpamRules based on content (such as containing certain words in the text) you need to receive the entire thing. Problem is occasionally I have to retrieve a false positive so it is better at this time to have a filter in the email client that puts spam in a spam folder that can be searched. Unfortunately this does not help with storage space. The two systems are complementary, I think. > Of course, this solution only works if you are receiving your > mail directly. If you receive your mail via mail forwarder, > this won't help - the mail forwarder must be using it. Actually, you are incorrect here. I use a piece of software called Popcon http://www.christensen-software.com/popcon.htm It retrieves email from multiple pop3 accounts I have and analyze headers. Even if the SMTP server that received the spam does not filter, if one of the mail servers down the chain is a known open relay or spammer the spam is sent directly to the bit bucket and I never see it. I use the same blacklists as for BCWare NoSpam. Michel.