I blogged about a year an a half ago about spam killing statistics
on my server. I thought I'd post an update since then. These are the spam
rejections from the past 10 days.
- viruses rejected by ClamAV: 14 (all phishing
attempts — no actual viruses)
- spam rejected by SpamAssassin: 194
(this doesn't count spam eliminated by
greylisting, since there's no easy way for me
to get those stats)
- rejected by the DNSBL at zen.spamhaus.org: 4,603
- rejected by the DNSBLs at rfc-ignorant.org (dsn
and bogusmx): 16
- sent to a nonexisting user: 451
- relay attempts: 37
- failed sender verification: 48
- bogus bounce messages (backscatter from spam):
7
- mail delivered to my inbox: 873
Obviously, these numbers don't show the whole picture — they're only based on
10 days of activity. For example, the backscatter that I get seems to happen
in waves, so it's low now, but some times, it's huge.
So in all, in the past 10 days, my mail server rejected 5,370 messages
(compared to 3,281 from my last blog) and accepted 873 (compared to 564 from my
last blog) messages. I also have another layer of spam filtering when I fetch
the mail from my server.
So, spam volumes are up by about 1.6 times. General mail volume is also up —
I'm subscribed to a few more mailing lists.
Changes to my filtering setup since last time include:
- using DNSBLs: this drops a lot of spam, as you can see, and reduces the load
on my server (since they only require a DNS lookup, and don't need to be
content scanned
- lowering the threshold for SpamAssassin
- signing my outgoing envelope sender,
so that I can reject bogus bounces
- enabling sender verification
- enabling client SMTP authorization:
it doesn't make a showing in these stats, but it drops a few spam here and
there. I wish more people would publish CSA records. It's an easy check for
spoofing, and a dead giveaway if it fails. It just isn't very well known.
I've also started reporting some spam via spamcop.
currently reading:
email:
jabber:
(/Work-Swift)
