Dwight,

Second question first ... The stats were a copy from our administrator page so I can't really give access to the actual web site.  Only our admins have that.  What stats were you looking for?

First question:  I guess we have to define "False Positive" for that one.  As an ISP, we have taken the stance that there is no excuse for "dotted IP's" in a URL.  If you can't put a DNS host name in, and validate some traceable ownership of that IP, we view that as obfuscation. By our definition, that's Spam.  So, by our definition, we have no false positives.

We have had cases where perfectly valid email had dotted IP's in a url and our customer informed their sending party and they fixed it.

I am not sure that was what you wanted to hear but it is our policy.  Again, what stats are you looking for?  I can try to give you a "snapshot" of our stats but I can't give public access to the site itseld.

Dan S.

No.  I have written a complete application in ASP for my customere, my "advanced" customers, and our internal Administrators.  The snapshot came from my advanced manager.  I see that the snapshot was "cut off" at the bottom.  I may put a link up of some sample screen shots to give users some ideas on what can be easily done to get some of this information out of the system.

Dan S.

John,

Actually, we have a primary and a secondary mail server.  The primary is "Bluto" and the secondary is "Raptor".  They are located in 2 separate locations but "report" to the same MS SQL server.

Dan S.

Dean,

The list I CURRENTLY use is as below HOWEVER ..... my list blocks a bunch of "Lists" that use a lot of extra garbage in their messages so I also have included a list of "Excluded From Addresses"

KEYWORDS:

((http|3dhttp)://.{0,26}(((%.+%))|@|:)[(\d|\w)])
(http://+[\d]{1,3}\.{1}[\d]{1,3}\.{1}[\d]{1,3}\.{1}[\d]{1,3})
((<[!--]+[\x20]{0,1}[a-zA-Z0-9]{10,}[\x20]{0,1}[!--](.+)){2,})
(<[!--]+[a-zA-Z0-9]{2}(-->))
((http://http:/\w)|(<(\w){3,10}(\x20/>)|(\*http://w)))
(<(!-- )+[a-zA-Z0-9=]{28,}( -->))
(content\-type:\x20text/(html|plain)(;{0,1})\r\ncontent-transfer\-encoding:\x20base64\r\n)
((limited time (special|offer)))
(((arge your p)|(3 - 5 inches\!)|(herbalpillsonline)|(herbaltrials\.com)|(pillsavings)|(gsc\-100)))
((text\-decoration: blink)|(click here to start))
((your privacy is extremely important to us)|(this is not spam))
(http://www.(\w){1,20}(4u).(biz|com|net))
((application\.zip|details\.zip|document_9446\.zip|document_all\.zip|movie0045\.zip|thank_you\.zip|your_details\.zip|your_document\.zip|wicked_scr\.zip))
((re: )+(wicked screensaver|details|approved|thank you!|that movie|your application|re: my details))
(See the attached file for details)
(this email address will be expiring)
selectgroupmedia.com
getit4less.biz
generic viagra
Unsubscribe By Postal
debtelimination

Excluded From Addresses:

*@paypal.com
*@listproc.pcworld.com
*@industryweek.com
*@gpsadvantage.com
*@gwbakeries.com
*@peoples.com
*@*.lga2.nytimes.com
*@*.*.nytimes.com
*@softshare.com
*@regulusgroup.com
*.*@dell.com
*@e-news.fsonline.com
*@lists.n-email.net
*@lists.techtarget.com
*@lyris.stockupticks.com
*@multexinvestornetwork.com
*@newsletter.online.com
*@insightmedia.info
*@nhfairfield.com
*@newhorizons.com
*@rootsweb.com
*@*.rootsweb.com
*@returns.groups.yahoo.com
*@cygnuspub.com
*@*.classmates.com
*@listserv.usairways.com

Regards,

Dan S.