[ale] Anti-virus

Chris Ricker kaboom at gatech.edu
Thu Sep 23 12:37:06 EDT 2004


On Wed, 22 Sep 2004, James P. Kinney III wrote:

> I don't like having to maintain black/white lists for clients. DSPAM
> makes for a happy middle ground. If they want to get mail from a
> source/type/style, they simply mark it as not spam. I haven't found an
> easy way for some of my more "technically challenged" people to use
> white/black lists from multiple machines both inside and outside the
> LAN.
> 
> But, yes, spamassassin gets great marks when coupled with white/black
> lists.

It's really not that bad. Whitelists are just necessary to deal with
idiocies (for example, FedEx, which sometimes spoofs 2821 From as the 2822
recipient). Once you've set up the needed ones in your environment, there's
little ongoing maintenance needed.

Blacklists shouldn't ever really be needed, unless you just want to
blacklist someone as a matter of policy / to save CPU cycles (ie, you know
you'll never want to accept emails from, say, letshump.com, so why not
blacklist it and skip the scanning?). If you're doing a lot of maintenance
of your lists, its because you're relying them, not SA rules, to do all your
blocking. Update your rules and you won't have to edit blacklists....

later,
chris



More information about the Ale mailing list