Custom Discovery Roof Rack
August, 2012 - Sierra Backpacking
July 22nd, 2012 - Hiking in Santa Barbara
July 15th, 2012 - Valley of Fire
May 5th, 2012 - Afton Canyon
April 28th, 2012 - Devils Playground
Convict Creek Trail
January 2012 - Mustangs
January 3rd, 2012 - Heart Lake
August 7th, 2011 - Kelso Dunes
August 5th, 2011 - Lundy Canyon Hike
August 2011, Mammoth Archery
Birds in the garden
June 4th, 2011 - San Gorgonio
May 29th, 2011 - Sequoia National Forest
April 23rd, 2011 - Living Desert
April 2nd, 2011 - Death Valley
March 8th, 2011 - Mountain Palm Springs
February 13th, 2011 - Iron Smelt
November 13th, 2010 - Mojave
October, 2010 - Mammoth
September, 2010 - Mammoth
September, 2010 - Duck Lake Trail Backpacking
Iron bloom forging
August 28th, 2010 - Mt. San Jacinto
OSM Import: US Designated Wilderness
July 25th, 2010 - Mojave Mustangs
July 17th, 2010 - Mojave Exploration
Bloomery furnace iron smelting
Open Street Map: Mojave Project
June 13th, 2010 - Mojave
June 6th, 2010 - El Cajon Trails
Wolf Mountain Sanctuary
March 28th, 2010 - Salton Sea
March 21st, 2010 - South Main Divide
March 13th, 2010 - Anza Borrego Wildflowers
March 7th, 2010 - CSULB Japanese Garden
February 2010 - Mammoth
Dakota and Asha Celebrate Christmas, 2009
November 21st, 2009 - Mojave Road
November 14th, 2009 - Anza Borrego
Exploring The East Mojave: The Afton Canyon Area
Broken flex plate
Remote Image Serving
Astro/night photography in Inyo National Forest
Wild Mustang Sightings
September 26th, 2009 - Night Photography In Frazier Park
August 15th, 2009 - Catalina dive trip
January 24th, 2009 - Mojave Exploration
July 2008 Mammoth Vacation
President Barack Obama!
April 12th, 2008 - Wildflowers and Landmarks
My Grandfather's Alfa Romeo Spider
March 8th, 2008 - Carrizo Plain
Bridge To Nowhere
October 20th, 2007 - Big Bear Camping
October 22nd, 2007 - Fire
Scottish Highlands, Aug 7th, 2006
Scottish Highlands, Aug 6th, 2006
August 5th, 2007 - Duck Lake Trail
May 26th, 2007 - Kelso Dunes
Culloden Battlefield, Aug 5th, 2006
May 20th, 2006 - Irwindale Renaissance Faire
Edinburgh, Aug 4th, 2006
The Clifs of Moher, Aug 3rd, 2006
The Burren, Aug 2nd, 2006
Bunratty Castle, Aug 1st, 2006
May 5th, 2007 - Mojave
Truck Audio/Data Network
2007 - Master Bath Remodel
The Ring of Kerry, Jul 31st, 2006
Victory in 2006!
Blarney and Killarney, Jul 30th, 2006
Dublin and Cork, Jul 29th, 2006
Dublin, Jul 27th & 28th, 2006
What Can I Do?
April 30th, 2006 - Anza Borrego
New desktop: Intel 805 D
Jan 7th and 14th, 2006 - Hiking
Whiting Ranch Hiking
Digital Photography with Linux
September 5th, 2005 - Living Desert
August 19th, 2005 - Mammoth
Hiking and Photography
July 30th, 2005 - Tucker Wildlife Sanctuary
Death, Fright and Photography
May 14th, 2005 - Red Rock
April 2nd, 2005 - Death Valley
Count Every Vote Act of 2005
Linear Logic ScanGuage
November 6, 2004 - Mojave
Super Tuesday, 2004
Canon A80 Camera
Jul 25, 2004 - Death Valley
May 4th, 2004
Landscaping - My Front Slope
Stump Pullin' Yeeee Haw!
Feb 22nd, 2004
Feb 16th, 2004
PostgreSQL Logfile Analysis
Mountains? Desert? Jan 30th, 2004
Jan 28th, 2004
Ceiling Cargo Basket
Front Bumper Version 2
Land Rover Valve Jobs
The Matrix: Revolutions
Greg Davis CDL Linkage
Mom's Turkey Gravy
Julian Pie Company
The KB1DIG 2-meter Halo Antenna
Gardening is hard!
Aug 13th, 2003
SQL and Perl
Jul 9th, 2003
Jun 17th, 2003
Some People's Comments
Dakota is a silly dog
The Matrix: Reloaded
Chris' Stage Bottle Harness
April 23rd, 2003
DVD Burning Under Linux
My Satellite Phone
My Near-Death Experience
Laser Cannon Revival
Front Bumper, Version 2
KPC 3 Plus and HTX-252
Moving, moving moving...
New new house
In Truck Dr. Pepper
My Favorite Toilet
Late Thoughts: Dr. Pepper Cooler
265/75-R16 Tires on a DII
George W. Bush
Horses Sep 14 2002
August 17th Yukon Dives
My Custom Front Bumper
Bracketless, Renamable Links
Jul 28 2002 Day Trip
Jedi Group, my T1 and money
A Bumperless Discovery!
My Custom Rear Bumper
Vanessa's 24th Birthday
Jun 30th Dive to Long Beach Canyon
PHP/PostgreSQL String Quoting
Tonsillectomy, Uvulaectomy and Turbinite Reduction
240 Watt CO2 Laser Cannon
The Tulsa Rib Company
The quality of hard disks these days
Email notification of articles
Email notification of comments
erikburrows.com source code
Renisance Faire Jun 9, 2002
Computers hate me, and it is mutual.
Star Wars Sucks!
Horses, Jun 1, 2002
Land Rover Mileage
Insomnia, Robin goes evil.
100 Watt Diode Laser Test Firing 1
2001: A Space Odyssey
TDI Deco Class
Horses, Apr 30, 2002
My Truck Batteries
The Zope Bible
100 Watt Diode Laser
The New www.erikburrows.com
Hunter the Kitty
Matts Desert Pics
|Spam -   2004/02/16||Viewed 83 times this month, last update: 2004/07/08|
|In addition to being a somewhat odd lunch meat, spam is the single most destructive force on the internet.|
Looking at my spam folder today, I noticed a funny thing:
I'm now getting almost 1 spam every two minutes. That's 720 spam messages per day. Since I get maybe 5 real emails per day, spam accounts for 99.3% of my email. Thankfully SpamAssassin does a good job of filtering them, so I only see about fifty per day, but am I alone in thinking that's just ridiculous?!
I know I get more spam than most people. It comes from having my email address being all over the internet, and almost all of the email addresses I've ever had still work, but still, I get so much spam, I'm loosing real email! Well, maybe loosing isn't the right word: It gets lost in the torrent of spam I live in every day!
What am I supposed to do?! I can't try to migrate to a private email address, I need people to be able to actually contact me from my web site, or from mail forums, or resume postings!
I'm on a spam killing rampage! I've replaced sendmail on my mail server with Postfix, and setup several spam filters. In addition to the truly awesome SpamAssassin, I'm doing lots of validation at the connection phase, six real-time-black-hole lists in addition to the ones SpamAssassin uses, Greylisting, Vipul's Razor, DCC and SPF validation!
I'm now down to about 10 spam messages per day that actually make it into my inbox. 20-30 more make it into my spam mailbox. I'm cured! But does that stop me? No! I'm very happy that by using DCC and Razor, I'm contributing to a community driven database of spam messages, helping others, who help me. It's great, but, now that the flood of spam has cleared, I can see other problems: People are spoofing me in their spam! I'm getting 20-30 messages per day from other mail servers saying that I was trying to send spam to their users! This is a known problem. Anyone can send an email with a from line of email@example.com, and when that email failes to be delivered, the remote mail server will dutifully send a failure message to firstname.lastname@example.org, which, of course, is me!
So now I'm going to get into the SPF promotion game. If these other servers were checking the SPF records I publish in the erikburrows.com TXT records, they would see only one server authenticated to send email from erikburrows.com, and the offending spammers wouldn't be able to spoof from me. SPF people! SPF! How's this as an auto-response?
"You have been duped! This email is not from me. If you institute SPF on your mail servers, you'll save us both bandwidth, CPU cycles, and stress."
Steve Kehlet (2004-02-16): buy a mac :-). the mac mail client's filtering is very good, hardly any spam gets through to me.
I saw someone a while back with a cool autoresponder, white list sort of deal. You send the person an email, you get an automated response with instructions on how to proceed to actually get through to the guy. Once you're on the list, you're in. Not too much hassle. Might not be good for resumes though.
Matt Bell (2004-02-16): The're otta be a law, goshdarnnit!
I feel that commercial advertising via e-mail should simply be banned. It takes up way too much bandwith for little return.
Erik (2004-02-16): Steve, I'm very happy with SpamAssassin. I don't think it's given a false-positive for any human-written message, but it has flagged a couple of emails from monster.com, where the job posting looked like a "work from home" spam message. An auto-whitelist system would be good for a public email address. That might make the public/private address system workable...
Matt: There are several laws. They're very hard to enforce however. I was on the other side of the fence for a while with my previous employer (passive! I never sent one spam message!), and I got to see just how hard to track down the hard-core spammers are, and how hard it is to defend against them.
Matt Bell (2004-02-16): I think the enforcement should fall on the advertisers, without them as clients, the spammers whould have no income and therefore no reason to continue. IE: make it illegal to advertise via spam not illegal to send spam, since that is damn near impossible to enforce. This would require an international accord, since most of the worst offendors are hiding in offshore nations that have no enforcement at all.
Erik (2004-02-16): That would only catch the least offensive spammers: Those who outsource the actual mass-mailing. These spammers are already being pretty severely limited by the mass-mail companies, simply because those companies can't afford to have too many complaints, or they're shut down as well.
The really nasty spammers are those who crack into machines to spam, with viruses, worms and script kiddies. These are the same spammers using email address "harvesters", and seem to have a staff of regular-expression writers to decode things like erNOSPAMik (At) erikburrows.no-spam.com.
Matt Bell (2004-02-16): They still need a customer to pay for the ad. Heavily fine the company paying for the spam and it will dry up. (For the spam to be effective, you must be able to identify the company being advertised otherwise how could you buy something from them)
Erik (2004-02-16): Actually, it's often very hard or impossible to identify the real company or person behind a spam email. These guys go to great lengths to hide their real identity. All they're interested in is getting your credit card number. If you're too smart to buy from someone who you can't identify, you're probably not the kind of person who is even going to open their email. I think it'd be fairly easy once you actually got the product you ordered, since it'd have to have a UPS or FedEx account number or street address on it, but there are ways around that too.
Matt Bell (2004-02-16): I suppose you're right, there are probably more fake companys trying to scam someone than actual companys advertising. Evil fucktards, kill them all. (Not that I'm bitter or anything..)
Erik (2004-02-16): They are evil. Truly evil. They're ruining the internet.
Jon (2004-02-17): We need registration and authentication for mail servers. Anything else will make the problem worse.
Erik (2004-02-17): Registration for which mail servers? earthlink's? aol's? erikburrows.com's? Even if that was feasible, how would that protect us against spammers who hack into otherwise legitimate mail servers (or personal computers) to send spam? Unless we're all willing to run OpenBSD (nearly unhackable), and be willing to go through a application process just to talk to each person we've never emailed before, I don't think registration would work.
One idea I think is intriguing is: Everyone should run spam filters, where for each email you receive, the spam filter program downloads every image, and accesses every HREF link, downloading all the images on that page, and maybe even walking the site a bit. For the individual, this would mean a small increase in bandwidth, but for the spam sender, it means that each of the 100,000,000 recipients is hitting their site HARD all at the same time. The load would be unbearable for most sites, and would at least limit their rate of send.
Matt Bell (2004-07-07): Chris just got Spamassassin working, what a difference! I'm also using Thunderbird and after a little training, it's almost getting them all.
Erik (2004-07-07): Since Monday morning, I've gotten 50 spam messages. Nearly all of those were caught by Spamassassin. RBL! SPF! Razor! DCC!!! RBL! SPF! Razor! DCC! Yeah!!!
Steve Kehlet (2004-07-08): You're nuts man. But I guess if I were taking in as much spam as you I might go crazy too.
Erik (2004-07-08): Yes, you would, but you don't fool me. I know you suffer as much as I do, if not personally, as an admin for lots of people. The same recipe for ham that worked for me will save your mail servers and spool files too!
Steve Kehlet (2005-06-03): Recently I've been getting a lot of spam, and I finally realized it's because my Mac at home is going to sleep and not filtering anything! Ahh well, client-side filtering isn't the best solution anyway. So I just set up SpamAssassin on my mail server and have been enjoying watching it identify spam as it's pouring in. I've got procmail ready to automatically file it away. Also, I noticed SpamAssassin is doing SPF detecting, so that encouraged me to register an appropriate SPF entry for my domain.
Erik (2005-06-15): Sorry it took me so long to respond. I know the SPF thing didn't work out for you, but how has your filtering setup progressed? More spam lately has been getting through my filters somehow, I'm up to maybe 10 per day. Grrr...
Steve Kehlet (2005-06-15): SpamAssassin has been working great. It's successfully tagged 40 in the last week. A couple spams have slipped through, but only because I haven't (yet)lowered the required spam score threshold from the default of 8. Thanks for the inspiration...
Erik (2005-06-15): I still have SpamAssassin's threshold set to the default, and maybe I should tweak it, but I still find a ham in with my spam folder every so often...
I have two special mail folders, called train-good and train-bad that I have sa_learn scan nightly, so I can copy emails into those folders for easy training, and I've been trying to give it as much ham as possible (The SA docs say a 10:1 ratio of ham:spam is good), but it's hard to get it enough!
Combine that with decisions like: Are the promotional emails from American Express, that look an awful lot like my monthly statements, spam?