
Spam filtering techniques

January 30th, 2015

The most significant things I’ve done to decrease spam and phishing attempts:

  • bl.spamcop.net and zen.spamhaus.org RBLs
  • vendor RBL (Barracuda)
  • blocked entire subnets of countries we don’t do business with
  • email rate control
  • attachment filters
  • virus filter
  • heuristics
  • subject line filters for CryptoWall attempts and multi-IP distributed campaigns
  • block some foreign countries if their reverse DNS resolves back to their country TLD (e.g. cn = China); however, I don’t block if reverse DNS rules don’t exist or are incorrect
  • block TLDs in header and body that are heavily abused (list below)

Heavily abused TLDs
.asia
.br
.click
.cn
.fr
.it
.link
.rocks
.ru
.tw
.ua
.ve
.xxx
.xyz
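
A sketch of the last two rules in the list, added here as an example and not the author's actual filter configuration. It assumes "incorrect" reverse DNS means a PTR name that does not resolve back to the sending IP, that only .cn is subject to the reverse DNS rule, and that IPv4 is in use; the function names, the `RDNS_BLOCKED_TLDS` set and the injectable `lookup` parameter are hypothetical.

```python
import re
import socket

# TLD list copied from the post above.
ABUSED_TLDS = {"asia", "br", "click", "cn", "fr", "it", "link", "rocks",
               "ru", "tw", "ua", "ve", "xxx", "xyz"}
# Assumption: country TLDs subject to the reverse-DNS rule (the post names only cn).
RDNS_BLOCKED_TLDS = {"cn"}

# Hostnames that follow a URL scheme or an "@" in headers and body.
HOST_RE = re.compile(r"(?:https?://|@)([a-z0-9](?:[a-z0-9.-]*[a-z0-9])?)", re.I)

def tld_of(hostname):
    """Last DNS label, lower-cased, ignoring a trailing root dot."""
    return hostname.rstrip(".").rsplit(".", 1)[-1].lower()

def abused_hosts(text):
    """Return hostnames in text whose TLD is on the abused list, in order seen."""
    hits = []
    for host in HOST_RE.findall(text):
        host = host.lower()
        if "." in host and tld_of(host) in ABUSED_TLDS and host not in hits:
            hits.append(host)
    return hits

def dns_lookup(ip):
    """Live resolver: (ptr_name, forward_ips), or (None, []) if no PTR exists."""
    try:
        name = socket.gethostbyaddr(ip)[0]
    except OSError:
        return None, []
    try:
        return name, socket.gethostbyname_ex(name)[2]
    except OSError:
        return name, []

def rdns_verdict(ip, lookup=dns_lookup):
    """Block only when a forward-confirmed PTR ends in a blocked country TLD."""
    name, forward_ips = lookup(ip)
    if name is None:
        return "accept: no PTR"
    if ip not in forward_ips:
        return "accept: PTR not forward-confirmed"
    if tld_of(name) in RDNS_BLOCKED_TLDS:
        return "block: PTR in ." + tld_of(name)
    return "accept"
```

Matching on the parsed hostname rather than a bare substring keeps a URL path such as `/page.xyz` on an unlisted domain from triggering the TLD rule.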
