Skip to main content
This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Notes/Domino 6 and 7 Forum

Notes/Domino 6 and 7 Forum

  



~Karl Eknuplopoopsi 22.Jan.03 04:41 PM Lotus Notes
Domino Server 6.0 Windows 2000


In the light of some recent discussions here on RBLs and spam prevention, I thought it worthwhile to go back to my data and analyse recent inbound SMTP traffic to my Domino hosts. Summary results are represented by this chart:

This represents 1 week's worth of inbound SMTP to my site, a medium sized, UK based business in the automotive sector.

Key findings:

Only 43% of inbound SMTP resulted in the successful delivery of a message - that is, 57% did not for various reasons.

The slice called "DNSBL Spamhausen" includes the Spamhaus block list and SPEWS - this is all spam.

The slice called "DNSBL Abuse" includes various DNSRBLs listing open proxies, open relays and dial-ups.

Spamcop is shown by itself, because it straddles these categories (simply put, spam stopped by Spamcop can be relay spam or spamhaus spam)

The "false positive" rate is actually 0.6% (shown here as 1% due to rounding in Excel) - it is shown at that point in the chart because recent false positives were a) a dsbl listing of a supplier's open relay and b) a Spamcop listing of a smart host at an ISP which was being abused at the time. Both issues are now resolved.

"Local block list and other failures" includes:
  • mail from envelope contains a non-existent domain
  • mail from envelope contains one of my local domains
  • rcpt to envelope is not local (attempted relay or relay test)
  • rcpt to envelope is not valid because username portion does not exist - can be caused by misspelling of a real user's name, mail to a user who has left the company or a dictionary attack
  • connecting IP is listed in my local block list Database 'Notes/Domino 6 Forum', View '1. Date\Threaded', Document 'RE: SPAM-Prevention and Deny Connections'

Mail to my spam traps is very low at the moment (<20 items of spam in the past week, although most of these are within the past two days). There have been no spam complaints from users during this period.

This confirms what I and others have reported - a very substantial rise in spamming activity of recent months. I see nothing in my recent data which suggests that this growth is slowing.

I hope this information is useful to Domino admins who are still undecided on a spam prevention strategy.






FYI: Effect of DNSRBL - some mail b... (~Kelly Zekwebur... 22.Jan.03)
. . * Cool info, thanks Christopher. =B... (~Dan Nimponekon... 22.Jan.03)
. . Excellent info Christopher. I have ... (~Dan Elhipister... 22.Jan.03)





  Document options
Print this pagePrint this page

 Search this forum

  Forum views and search
Date (threaded)
Date (flat)
With excerpt
Category
Platform
Release
Advanced search

 RSS feedsRSS
All forum posts RSS
All main topics RSS