Toby DiPasquale on 6 Oct 2007 00:24:31 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] spam traps and solutions


On Fri, Oct 05, 2007 at 10:59:12AM -0400, Sean C. Sheridan wrote:
> For the last 12 years I've been using email.  At one point it was actually
> useful, but it's really becoming a burden.
> 
> Up until last week I was doing a fairly good job of trapping spam, most of
> them end up in my Spamassassin (SA) trap.  This week is a different story.
>  I'm now getting 300-400 spam per day that do not get trapped.
> 
> These new emails are short and, of course, use forged headers.  Many of
> them score 6-6.5 on the SA filter, my cutoff is set at 7.0.

Write a plugin for SA that probabalistically throws out stuff that marks
at 6.0-6.5 and see how many FP's you get. That might work for you.

> I like the direction Meng's "Sender Policy Framework" was headed, but has
> it been adopted universally?

More so than DKIM, but it is not and never was an anti-spam solution in
and of itself.

> I do not like the "use gmail to filter it" approach for a variety of
> reasons the most important being I don't have any interest in sharing my
> private email with a public company who will store it and search it at
> their discretion.

As opposed to a private company that you pay to filter your spam? I hate
to tell you, buddy, but they do the same thing. How do you think they write
new rules for their filters? Trying to save only the spam and succeeding
at this are two very different things.

> I just do not have time to look through my 27,000 currently trapped emails
> to see if I am missing an important new client request.

My solution is to delete them all. I can't be expected to look through
them all or keep up so I just figure if it was really important, they'll
write back. Or I missed something important and they don't write back, in
which case I'll probably never even realize that happened so it doesn't
matter...

> I could just refuse all the things SA thinks are spam, but then people
> argue that is a bad solution that leads to endless loops and bandwidth
> consumption.

Are you getting that much mail so as to worry about bandwidth consumption?

> note:
> It is uncommon that I'll get legitimate email from overseas, but uncommon
> is not equal to never.  Some of our biggest accounts came from Europe and
> Africa via email inquiries.

I guess the Tim Bray-style spam filter is out for you, then, eh?

> Before I go back to the dark ages and turn off email completely... which
> I'm strongly considering, is there any light at the end of the tunnel?

You can get the minimum spam possible by adopting a Challenge/Response
system. You will also, unfortunately, get the minimum legitimate email
possible with said system, as well.

> I suspect I'm not alone.  In fact I've argued for years that email is one
> of the biggest burdens on American business creating untold hours of
> inefficiency.

Yeah, we should totally go back to the fax machine. That was way better.
Get a grip.

> Does anyone have a good solution that I can implement on my fedora box
> that will trap the crap and never create a false positive?

Pay Postini or Brightmail or Cloudmark to filter your mail and forget
about it. Or pay Gmail even less to do the same job.

-- 
Toby DiPasquale
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug