
View Full Version : Dealing with Spam


Gnomercy
08-22-2002, 05:05 PM
I personally subscribe to the NakedPC newsletter.... I got something today that caught my eye, and I thought I'd share it and see if I could get some of you to fess up on how you deal or don't deal with spam.

Enjoy, and I look forward to hearing from you all on this topic.

_____________________________________

** 02. Fighting Spam - Part IX (by Dan Butler)


Last issue we looked at MailWasher. Many of you use MailWasher and are satisfied with the results. That's great! This issue I promised to tell you how I personally deal with spam, and why I don't recommend it for most of you. Then you'll learn what I do recommend. If you missed previous articles in this series you can find them here:
http://www.TheNakedPC.com/t/517/tr.cgi?dan1

First consider two different ways of filtering spam. You can either identify the spam or identify the legitimate email. MailWasher attempts to do both. Long term you'll have less upkeep and more success if you focus on identifying legitimate email. With that in mind let's look at two examples of filtering email.

My personal spam-handling technique involves my home network. One of the machines, a Pentium 233, runs Linux. Nothing fancy - works great. Fetchmail downloads my email at set intervals, runs it through procmail where SpamBouncer takes over and files it. Then I use Pegasus mail to download the mail from Linux to my Windows 2000 box. Sounds complex but it's really very transparent. All of the software used in the system is free, except Windows.

Spambouncer is a set of procmail recipes. You configure four to six files depending on your setup. After that it just filters the mail. In my case it catches 800-1000 spams per week, deletes all the viruses, and files all of the bounces and miscellaneous messages that come through.

Is this system effective? Total spams that slipped through last week: 1. I haven't had a single virus pass through since I've started using it. False positives on the email are about 2-4 per week. The key is that it is entirely hands-off at this point and consumes a total of about three minutes a week to maintain. It took me a few weeks to get all the filters in place and now it's hands off. Read more about SpamBouncer here:
http://www.TheNakedPC.com/t/517/tr.cgi?dan2

I realize that most of you won't be interested in setting up a Linux machine just to filter your email. That isn't all I use that for; I spend a large portion of my time with Linux.

So where does that leave the rest of you? Here is a simple solution that will filter your mail about like SpamBouncer does. The process is called "Reverse Spam Filtering." All you'll need is your email client's filters or rules. The specific rules you'll use will move messages to folders. Check your help file for the specifics of your client.

In your client you want to create several types of rules. The first checks to see if a message is from any mailing lists you belong to--TheNakedPC.com for example--and deals with it appropriately. I filter mailing lists into folders but you may prefer to keep them in your inbox.

Second - check to see if the email is from a friend of yours. If it is, exit the filter and the message ends up in your inbox. Call this your "green" list.

Third - check to see if the To: or Cc: field of the email is addressed to you. If so consider this email "yellow." Either leave these in your inbox or put them in a separate folder for later perusal.

Finally all other email is considered "red" and put in a potential spam folder. Check that folder periodically for legitimate email, adjust your mail filters, then delete the rest.

In my case I use my email client to change all my "green" email to a different color depending on who it's from. Makes it easy to keep the business and personal mail apart. Not all clients support this feature. Pegasus and Eudora do.

If this sort of approach interests you check out Nancy McGough's "Reverse Spam Filtering" page at Infinity Ink. At times things will sound technical but they just aren't that difficult. It is a "work in process" but has lots of links and information on this topic:
http://www.TheNakedPC.com/t/517/tr.cgi?dan3

As you set up your filters keep in mind how much time you are spending. Make sure you aren't adding time to your day. Start small and be diligent. Soon your email client will sift and sort your email and you'll wonder how you ever got along any other way.

You can reach Dan Butler at:
mailto:danbutler@TheNakedPC.com

Rodzilla
08-22-2002, 10:37 PM
Can this be installed on the webservers?

bellgamin
08-23-2002, 06:26 AM
Good info, Gnomercy.

I have eMail click spots on every page of my websites. So I have been *harvested* by any number of folks, most of whom seek to convince me that I need various pills & ointments to enhance various aspects of my masculine parts.

Having been thus enhanced, they want to make sure that I have ample opportunities to view lots of naked chicks [perhaps they think I am a rooster]

Wheesht!

So I have gradually ramped up the ferocity of my eMail filters. Unlike the article's suggestion to filter green first, I begin by filtering red. And everything that gets tabbed as red gets deleted on the server. Poof! It's history!

Don't need no steenkin' folders for the red stuff.

Does good stuff sometimes get zapped? Perhaps. E.G., if you sent me a quite innocent eMail which at any point mentioned (for instance) the naked truth -- the word naked would get your message zapped.

Important points to remember [I have learned] are...
1) The sequence that a filter is given on a filter list makes a BIG difference. If a filter seems to be mis-firing, check its sequence. Too high? Too low?

2) Also check to see if you told the filter: "When a message meets the criteria, STOP filtering" OR if you told it: "When a message meets the criteria CONTINUE filtering." This aspect of filtering can get a bit tricky.

By the way, the spammers use a very startling trick nowadays. They can send you spam that appears to have come from your OWN eMail address. The first time that happened to me, I got a bit stuffy with my ISP for being careless (so I thought) in controlling who could SMTP through my account.

Lots of garbage comes from hotmail. At times I am sorely tempted to set my filters to zap EVERYthing that comes from hotmail. [I still think that HOTmail sounds like it's something to do with porn. :eek: ]

Aloha, Bellgamin
~~~~~~~
Defeat is worse than death because you have to live with defeat.
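
Added example (not part of the thread or the newsletter): the article's list/green/yellow/red rule order next to a red-first keyword rule like the one described in the post above, run over constructed messages to show how rule sequence and stop-on-match change the verdict. Every address, the keyword list and all function names are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample configuration (assumptions, not from the thread).
ME = {"me@example.org"}                    # the mailbox owner
FRIENDS = {"alice@example.net"}            # the "green" list
LISTS = {"newsletter@lists.example.com"}   # subscribed mailing lists
BAD_WORDS = ("naked", "viagra")            # keyword rule for the red-first setup

def _addrs(msg, *headers):
    """Lower-cased addresses found in the named headers."""
    values = [v for h in headers for v in msg.get_all(h, [])]
    return {addr.lower() for _, addr in getaddresses(values) if addr}

def rule_list(msg):
    return "list" if _addrs(msg, "From") & LISTS else None

def rule_green(msg):
    return "green" if _addrs(msg, "From") & FRIENDS else None

def rule_yellow(msg):
    return "yellow" if _addrs(msg, "To", "Cc") & ME else None

def rule_keyword(msg):
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    return "red" if any(word in text for word in BAD_WORDS) else None

REVERSE = [rule_list, rule_green, rule_yellow]        # identify legitimate mail
RED_FIRST = [rule_keyword] + REVERSE                  # keyword rule runs first

def classify(raw, rules):
    """First matching rule wins ("stop filtering"); no match means red."""
    msg = message_from_string(raw)
    for rule in rules:
        verdict = rule(msg)
        if verdict:
            return verdict
    return "red"

# Constructed messages. SPOOFED forges the owner's own address in From:,
# so it reaches yellow (addressed to me) but never green.
NEWSLETTER = "From: newsletter@lists.example.com\nTo: subs@lists.example.com\nSubject: The Naked PC\n\nIssue text.\n"
FRIEND = "From: Alice <alice@example.net>\nTo: me@example.org\nSubject: hi\n\nThe naked truth is...\n"
SPOOFED = "From: me@example.org\nTo: me@example.org\nSubject: Offer\n\nBuy now.\n"
BULK = "From: promo@bulk.example\nTo: undisclosed@bulk.example\nSubject: Offer\n\nBuy now.\n"
```

With the allow rules first, the newsletter and the friend's message are filed before any keyword is consulted; with the keyword rule first, both are marked red.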

admin
08-23-2002, 09:30 AM
Originally posted by bellgamin
Good info, Gnomercy.

I have eMail click spots on every page of my websites. So I have been *harvested* by any number of folks, most of whom seek to convince me that I need various pills & ointments to enhance various aspects of my masculine parts.

Having been thus enhanced, they want to make sure that I have ample opportunities to view lots of naked chicks [perhaps they think I am a rooster]

Wheesht!




:D :D :D :D

Gnomercy
08-23-2002, 11:29 AM
Something Bellgamin said here, I think, answers Rodzilla's question. Email filtering is, unfortunately, difficult to apply as a blanket to everyone; it's something that you really have to set up and maintain yourself. Like Bell said, if he received an email with the word naked in it, it'd get deleted, where I want to be able to receive my newsletter, which contains the word naked... his filters would prevent me from receiving email that I actually want. While applying filters to the whole server could be done on a smaller scale that only dealt with the very obvious stuff, it would still be something that would require an intense amount of research, and a whole lotta time getting filters set up... just building them would take weeks, I'm sure. If it's something that enough people want, I'm sure Danny could set me to the task of trying to build a list, but I would be inclined to suggest that people first try to use the spam filter built into their control panel... There are also many third party programs that work very well, the one I'm most familiar with being spam killer, and then there's SpamCop; an online service that ultimately gets people's hosting accounts terminated. Personally, I love the feeling of putting someone out of commission, at least for a while, that sent me an email that I didn't want. The thing I really find funny, though, is that lately, I'm getting spam that is telling me "this is not an unsolicited email. You signed up/opted to receive/etc..." when I know I didn't. I didn't sign up for/opt to receive/etc... anything about human growth hormone, viagra, transvestite lesbian prostitutes on crack, internet get rich quick schemes, or anything else these people send me.

Again, like Bell said, he's been dealing with it for so long, he's gotten really strict on his spam filters, though I would imagine he probably spent a lot of time building those filters before he finally decided enough was enough and settled for what he has...





Now to go change the email system to send him stuff from naked_mercy@alphaomgeahosting.com so he doesn't see anything.... :D :D :D :D :D

admin
08-23-2002, 11:55 AM
Originally posted by Rodzilla
Can this be installed on the webservers?

Ask and ye shall receive, seek and ye shall find, knock and the door will be opened for you........oops, this is not a pulpit


Anyway. I have heard your request. We have employed spam filtering on Inetsrv1 for several months. Inetsrv1 uses sendmail and we are very comfortable with the mail filters under sendmail. Actually we don't do filtering, we use blacklists to limit spam.

We are now beta testing these same blacklists on Inetsrv2 which uses exim for mail. If anyone notices any issues, please contact me.

Essentially you should notice a sharp drop in the amount of spams that get to your mailbox if you are on this server. On Inetsrv1, we block approximately 1000 emails per week based on the blacklists.

Gnomercy
08-23-2002, 11:59 AM
I think this is the part where I point out that I'm listed as JUNIOR guru.... Sometimes I wonder if that's accurate, but hey, I didn't come up with it, so I won't argue :)

bellgamin
08-23-2002, 04:32 PM
Originally posted by admin


Essentially you should notice a sharp drop in the amount of spams that get to your mailbox if you are on this server. On Inetsrv1, we block approximately 1000 emails per week based on the blacklists.

Does this mean I don't get no mo' naked chicks?

Bummers! :(

Da Roostah from Hawaii :p

admin
08-24-2002, 10:04 AM
I have reviewed the log files for the last 24 hours. We have blocked approximately 57 messages based on the RBL filters. I will continue to monitor the log files.

Afkamm
08-24-2002, 08:41 PM
Lots of garbage comes from hotmail.
Hotmail is garbage :D


If you open a new account there and didn't tell a soul about it, within a week you'd still have your inbox full of spam emails.


Ages ago I made the mistake of using my domain name email in my webpage META tag. Started getting a whole lot of emails in my inbox with one of those trojan horse type viruses attached. The ones that are over 100kb in size lol. Ended up just going to my ISP webmail portal and creating a mailbox for that email address. Looked the other day and there's over 240 of the little blighters hehehe :D


Hey Danny, any chance of adding some sort of option to bounce an email back to where it originated from? :D


Marc :O)

admin
08-24-2002, 10:34 PM
I will check into bouncing back. I know you can kill it if you create an alias to /dev/null. I don't think you can do this from the control panel, but if you need one, just let me know.

admin
08-25-2002, 10:36 PM
Spam filtering on Inetsrv2 is up to 127 spams.......

Afkamm
08-28-2002, 01:09 AM
Danny,

According to the cPanel instructions, it is possible to bounce emails back to the senders.

To set your default email address:

1. Click on the Default Address link in the Mail Menu area.

2. Click on the Set Default Address link.

3. Enter the complete email address of the new default in the field next to your web site name drop-down list.

Note: You can enter :blackhole: to throw away all incoming mail, or :fail: to bounce the email back to the sender.


Sadly it looks like it's for the whole domain and not individual aliases. Ho-hum :)


Marc :O)

bellgamin
09-08-2002, 03:57 AM
As mentioned earlier in this thread, every page of my websites contains a click spot for folks to send me eMail. Mostly these messages come from nice folks with Bible questions or personal needs. There is a VERY small percentage of messages from the lunatic fringe, but I try to reply even to such as these.

Earlier in this thread Danny said...
Actually we don't do filtering, we use blacklists to limit spam.

If I correctly understand the above statement, the fact that AOH's system is based on blacklists rather than filters would mean that the possibility of rejecting legitimate eMail is fairly small. Am I correct in this?

Regards,
Bellgamin

admin
09-08-2002, 08:23 AM
Actually it is quite possible that legitimate email gets bounced. Usually, that comes from people whose companies or ISP have acted improperly in the past and have been deemed as not being trustworthy.

bellgamin
09-08-2002, 04:26 PM
Thanks for the info Danny. This is exactly what I hoped you meant by using blacklists.

If I understand correctly, then, your systems do NOT block based on *bad keywords* [such as 4-letter words, crude references to genitals, viagra, sex ads, cruel racial epithets, nude, FREE!!!] in the subject or content of messages.

Shaloha.......Bellgamin

admin
09-08-2002, 05:13 PM
Correct, there are no keyword filters. However, if you are using spam assassin, I believe it incorporates some keyword filters in its decision, but this must be enabled in the control panel.

Afkamm
09-08-2002, 05:53 PM
viagra, sex, nude, FREE!!!


Where can I find these free things? :D :D :D :D


Marc :O)

bellgamin
09-12-2002, 03:57 AM
A) My site's amount of incoming eMail has dropped dramatically in the past few weeks. This may be a *normal cycle* or may have resulted because of my recent propagation problems. Still I continue to fret & wonder if any significant portion of my site's valid incoming eMail is being rejected as "spam."

B) Concerning the use of Spam Blacklists in general:

1) The LangaList is a highly respected newsletter. It is strictly OPT-IN and requires validation by reply from a valid eMail address.

2) Even so, LangaList reports that they have been the victim of unfair blacklisting by the SpamCop organization on more than one occasion. Their latest articles about this should be read by all. They are at...

http://www.langa.com/newsletters/2002/2002-08-22.htm#7

http://www.langa.com/newsletters/2002/2002-09-12.htm#5

C) The sinister prospect is that, given the average citizen's desperate desire to cut the deluge of spam, outfits like SpamCop can become the new *Big Brother* -- able to bring down even legitimate mailers & ISPs who do not demonstrate sufficient obeisance at SpamCop's altar.

Regards,
Bellgamin

admin
09-12-2002, 08:50 AM
Actually spamcop is one of the blacklists that we use. It also represents the BL that gets the most hits.

Gnomercy
09-12-2002, 02:47 PM
You know, I've been noticing a conspicuous absence of my Langalist mailings... I thought maybe I unsubscribed from them on accident or something, but if SpamCop has blacklisted them and it filtered down to us, that may be the problem.

bellgamin
09-12-2002, 04:09 PM
Actually spamcop is one of the blacklists that we use. It also represents the BL that gets the most hits.

I request that AOH's use of SpamCop's blacklist be discontinued because...

1) SpamCop is in beta stage. It has been proven that SpamCop sometimes throws the baby out with the bathwater. Worst of all, SpamCop can be used as a tool of sabotage or vengeance against those who are innocent.

2) In America, we take the risk that -- in order to protect the innocent ---some who are guilty may go free. The same concept should be applied, I think, with respect to spam.

3) Stopping use of SpamCop will by no means leave AOH's clients unprotected against spam. Cpanel provides each of us with spam-sifting tools. Our eMail clients provide additional tools. If these do not suffice, we can obtain personal software to screen even more deeply.

If some of my fellow AOH clients disagree with me, I beg them -- if they haven't already done so -- please read and consider the links posted at the inception of this thread.

A primary reason why my site exists at all is to receive and answer eMail.

Peace to all,
Bellgamin