|
|
Login or register: |
|
|
 |
||||
|
|
|
|
|
|||||||
|
||||||||||
|
|
|
|
|
|
|
||||
|
|
|
Resources: ImageServer Friends: Jon Sullivan Mark Blair |
|
|
|
||||
| ||
| In addition to being a somewhat odd lunch meat, spam is the single most destructive force on the internet. Looking at my spam folder today, I noticed a funny thing: 
I'm now getting almost 1 spam every two minutes. That's 720 spam messages per day. Since I get maybe 5 real emails per day, spam accounts for 99.3% of my email. Thankfully SpamAssassin does a good job of filtering them, so I only see about fifty per day, but am I alone in thinking that's just ridiculous?! I know I get more spam than most people. It comes from having my email address being all over the internet, and almost all of the email addresses I've ever had still work, but still, I get so much spam, I'm loosing real email! Well, maybe loosing isn't the right word: It gets lost in the torrent of spam I live in every day! What am I supposed to do?! I can't try to migrate to a private email address, I need people to be able to actually contact me from my web site, or from mail forums, or resume postings! Update 2004/07/06 I'm on a spam killing rampage! I've replaced sendmail on my mail server with Postfix, and setup several spam filters. In addition to the truly awesome SpamAssassin, I'm doing lots of validation at the connection phase, six real-time-black-hole lists in addition to the ones SpamAssassin uses, Greylisting, Vipul's Razor, DCC and SPF validation! I'm now down to about 10 spam messages per day that actually make it into my inbox. 20-30 more make it into my spam mailbox. I'm cured! But does that stop me? No! I'm very happy that by using DCC and Razor, I'm contributing to a community driven database of spam messages, helping others, who help me. It's great, but, now that the flood of spam has cleared, I can see other problems: People are spoofing me in their spam! I'm getting 20-30 messages per day from other mail servers saying that I was trying to send spam to their users! This is a known problem. Anyone can send an email with a from line of foo@erikburrows.com, and when that email failes to be delivered, the remote mail server will dutifully send a failure message to foo@erikburrows.com, which, of course, is me! So now I'm going to get into the SPF promotion game. If these other servers were checking the SPF records I publish in the erikburrows.com TXT records, they would see only one server authenticated to send email from erikburrows.com, and the offending spammers wouldn't be able to spoof from me. SPF people! SPF! How's this as an auto-response? "You have been duped! This email is not from me. If you institute SPF on your mail servers, you'll save us both bandwidth, CPU cycles, and stress." | ||
|
Comments: Steve Kehlet (2004-02-16): buy a mac :-). the mac mail client's filtering is very good, hardly any spam gets through to me. I saw someone a while back with a cool autoresponder, white list sort of deal. You send the person an email, you get an automated response with instructions on how to proceed to actually get through to the guy. Once you're on the list, you're in. Not too much hassle. Might not be good for resumes though. Matt Bell (2004-02-16): The're otta be a law, goshdarnnit! I feel that commercial advertising via e-mail should simply be banned. It takes up way too much bandwith for little return. Erik (2004-02-16): Steve, I'm very happy with SpamAssassin. I don't think it's given a false-positive for any human-written message, but it has flagged a couple of emails from monster.com, where the job posting looked like a "work from home" spam message. An auto-whitelist system would be good for a public email address. That might make the public/private address system workable... Matt: There are several laws. They're very hard to enforce however. I was on the other side of the fence for a while with my previous employer (passive! I never sent one spam message!), and I got to see just how hard to track down the hard-core spammers are, and how hard it is to defend against them. Matt Bell (2004-02-16): I think the enforcement should fall on the advertisers, without them as clients, the spammers whould have no income and therefore no reason to continue. IE: make it illegal to advertise via spam not illegal to send spam, since that is damn near impossible to enforce. This would require an international accord, since most of the worst offendors are hiding in offshore nations that have no enforcement at all. Erik (2004-02-16): That would only catch the least offensive spammers: Those who outsource the actual mass-mailing. These spammers are already being pretty severely limited by the mass-mail companies, simply because those companies can't afford to have too many complaints, or they're shut down as well. The really nasty spammers are those who crack into machines to spam, with viruses, worms and script kiddies. These are the same spammers using email address "harvesters", and seem to have a staff of regular-expression writers to decode things like erNOSPAMik (At) erikburrows.no-spam.com. Matt Bell (2004-02-16): They still need a customer to pay for the ad. Heavily fine the company paying for the spam and it will dry up. (For the spam to be effective, you must be able to identify the company being advertised otherwise how could you buy something from them) Erik (2004-02-16): Actually, it's often very hard or impossible to identify the real company or person behind a spam email. These guys go to great lengths to hide their real identity. All they're interested in is getting your credit card number. If you're too smart to buy from someone who you can't identify, you're probably not the kind of person who is even going to open their email. I think it'd be fairly easy once you actually got the product you ordered, since it'd have to have a UPS or FedEx account number or street address on it, but there are ways around that too. Matt Bell (2004-02-16): I suppose you're right, there are probably more fake companys trying to scam someone than actual companys advertising. Evil fucktards, kill them all. (Not that I'm bitter or anything..) Erik (2004-02-16): They are evil. Truly evil. They're ruining the internet. Jon (2004-02-17): We need registration and authentication for mail servers. Anything else will make the problem worse. Erik (2004-02-17): Registration for which mail servers? earthlink's? aol's? erikburrows.com's? Even if that was feasible, how would that protect us against spammers who hack into otherwise legitimate mail servers (or personal computers) to send spam? Unless we're all willing to run OpenBSD (nearly unhackable), and be willing to go through a application process just to talk to each person we've never emailed before, I don't think registration would work. One idea I think is intriguing is: Everyone should run spam filters, where for each email you receive, the spam filter program downloads every image, and accesses every HREF link, downloading all the images on that page, and maybe even walking the site a bit. For the individual, this would mean a small increase in bandwidth, but for the spam sender, it means that each of the 100,000,000 recipients is hitting their site HARD all at the same time. The load would be unbearable for most sites, and would at least limit their rate of send. Matt Bell (2004-07-07): Chris just got Spamassassin working, what a difference! I'm also using Thunderbird and after a little training, it's almost getting them all. Erik (2004-07-07): Since Monday morning, I've gotten 50 spam messages. Nearly all of those were caught by Spamassassin. RBL! SPF! Razor! DCC!!! RBL! SPF! Razor! DCC! Yeah!!! Steve Kehlet (2004-07-08): You're nuts man. But I guess if I were taking in as much spam as you I might go crazy too. Erik (2004-07-08): Yes, you would, but you don't fool me. I know you suffer as much as I do, if not personally, as an admin for lots of people. The same recipe for ham that worked for me will save your mail servers and spool files too! Steve Kehlet (2005-06-03): Recently I've been getting a lot of spam, and I finally realized it's because my Mac at home is going to sleep and not filtering anything! Ahh well, client-side filtering isn't the best solution anyway. So I just set up SpamAssassin on my mail server and have been enjoying watching it identify spam as it's pouring in. I've got procmail ready to automatically file it away. Also, I noticed SpamAssassin is doing SPF detecting, so that encouraged me to register an appropriate SPF entry for my domain. Erik (2005-06-15): Sorry it took me so long to respond. I know the SPF thing didn't work out for you, but how has your filtering setup progressed? More spam lately has been getting through my filters somehow, I'm up to maybe 10 per day. Grrr... Steve Kehlet (2005-06-15): SpamAssassin has been working great. It's successfully tagged 40 in the last week. A couple spams have slipped through, but only because I haven't (yet)lowered the required spam score threshold from the default of 8. Thanks for the inspiration... Erik (2005-06-15): I still have SpamAssassin's threshold set to the default, and maybe I should tweak it, but I still find a ham in with my spam folder every so often... I have two special mail folders, called train-good and train-bad that I have sa_learn scan nightly, so I can copy emails into those folders for easy training, and I've been trying to give it as much ham as possible (The SA docs say a 10:1 ratio of ham:spam is good), but it's hard to get it enough! Combine that with decisions like: Are the promotional emails from American Express, that look an awful lot like my monthly statements, spam? permalink |
