I have made a LOT of progress recently filtering outgoing spam. Outgoing spam filtering is very different than incoming spam and requires a new strategy. But I’ve figured out a few easy rules that seem to work very well. As you all know I prefer behavior based rules rather than content based rules (like SpamAssassin).

 

In blocking outgoing spam I make the following assumptions:

1) Spammers send a lot of email. so if the sender is not sending a lot of email, they aren’t spamming. So if the outbound rate is really low I don’t have to even look at it. It’s good.

2) Spammers tend to have a lot of bad recipients in their lists. So if it’s high volume and lots of bad email addresses then it’s probably spam.

This isn’t everything I do but it is the basic rules for outgoing filtering and it’s working really well so far.