I sent this out to the 15-person office of one of my tech clients on Saturday. That’s a lot of damned spam for 15 people. … Since installing the spam filter on March 28 it has blocked at least 14,444 pieces of spam. The spam filter conservatively assigns points or fractions of points for hundreds of different rules which tend to indicate a message is spam. Five total points or more means a message is blocked. The spammiest, or highest-rated message, had 53.6 spam points. Another 12,611 messages were rejected because they were sent to a non-existent addresses on our system. Many of these messages were sent using the dictionary attack method (in which spammers send messages to common names in our domain, such as anne@domain, barbara@domain christine@domain, etc.) and were rejected by the mail server program without the help of the spam filter. Some messages were sent to employees who are no longer with the company, 1663 to one employee who has been absent from the company for more than two years. 666 more messages were rejected by the mail server before ever reaching the spam filter because the sender’s address was fake, a common spammer’s trick. 405 more messages were rejected because the sender was trying to use our mail server as an illegal relay. Many of these messages were tests, in which the spammer sent a message to himself. If the test was successful, it would mean the mail server was wide open and could be used to illegally spew spam messages to the rest of the Internet. Fortunately, all these test failed because our mail server is secure. Grand total of messages rejected: 28,126. Now imagine it was a big company…
Grant Barrett