For my own network, I implemented the two DNS blacklists listed in Figure 5—SpamCop and Spamhaus. SpamCop has proved to be an efficient blacklist for my needs because it's completely automated and mathematically determines when to remove systems from the list. Spamhaus focuses its efforts on tracking only the most egregious spammers—the roughly 200 that Spamhaus estimates to be the cause of approximately 90 percent of the spam on the Internet. Because Spamhaus's focus is so narrow, I generally trust its blacklist for my networks and those of my clients.
Good Dog
The first day that I implemented Fluffy, my spam load decreased by 80 percent and I blocked several dozen executable attachments that were designed to infest my network. Now, Fluffy defers 700 to 1500 connections a week for mail to my domain—so much that Fluffy has made my email accounts usable again. Fluffy is well worth the minimal amount of effort needed to set up the system. Over time, I'm confident that Fluffy will improve and become even more robust. A few of the items expected to be added to Fluffy in the future (according to the program's author) are the ability to run Fluffy as a service and to automatically populate new whitelist entries according to outbound email going through Fluffy. If you want to avoid the scenario that cut short our administrator friend Joe's dinner plans, I suggest you take a look at Fluffy.