Skip to main content
Topic: How do you cut your spam? (Read 4517 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

How do you cut your spam?

I've recently taken to using mailwasher
http://www.mailwasher.net/

This allows me to classify (albeit maybe not as accurately as some other methods) email residing on my shell account before I download them via POP3 to my local machine.  I can decide whether to bounce or delete them at the server.  It works independently from my email program, so I can keep on using Eudora.

SpamAssassin would probably have been nice, if I could only get a version that works on my shell account (I can't compile it because the required version of perl won't compile on my server's system).  The advantage of SpamAssassin is that it works on the server, just like mailwasher, so that spam can be deleted before it's ever downloaded.  My guess is that it probably has better heuristics than mailwasher

There are other solutions which are also independent of the mail program.  One uses a statistical method (Paul Graham's "A method for spam") and fits between the POP3 server and the client program (I forget what the program is called).  I didn't look very closely at it to find out if it could delete messages on the server, but I didn't think it did.

Some spam programs are only good for Microsoft Outlook or Outlook Express, but I decided I didn't want to switch to either of these, which are the frequent targets of virus writers.

What does everybody else do?

ff123

How do you cut your spam?

Reply #1
popfile seperates my real, spam, half-life, and beta email just fine and dandy, I love it

http://sourceforge.net/projects/popfile/

How do you cut your spam?

Reply #2
I just use spamassassin, which works really well for me.  So far no false positives in 6 months of use, and about 2-5% false negatives (i.e. it catches 95-98% of spam, and doesn't mistakenly catch any non-spam).  Installation was just a 30-second matter of "apt-get install spamassassin" on Debian. =]

How do you cut your spam?

Reply #3
Quote
popfile seperates my real, spam, half-life, and beta email just fine and dandy, I love it

http://sourceforge.net/projects/popfile/

Oh yeah, that's what the program I wrote about in my first message was called.  It uses a Bayes filter.  The only thing I didn't like about this is that you have to train it, which means actually downloading messages from your POP3 server.  It would be much nicer if this were some sort of a hybrid program with some of mailwasher's capabilities.  That is, if I could train it, but only on the messages which mailwasher lets through on its "cautious" setting.  I don't want to ever download messages with viruses in them -- those should be deleted at the mail server straight off.

ff123

How do you cut your spam?

Reply #4
I am also using MailWasher; I've used it for about six months now, and I've been very happy with it.  I like the GUI setup and the way of defining custom filters. The automatic identification of spammers using online databases like SpamCop is fairly accurate.

How do you cut your spam?

Reply #5
Mozilla Mail or Mozilla Thunderbird comes with bayesian filtering.

A good choice SAProxy which uses the SpamAssassin engine and works on Win32 like popfile does.

If possible, you might want to get your provider to look into why perl doesn't compile so that you can run SpamAssassin. It's simply the best spam detecting engine now, integrating all the most popular spam detecting techniques (Bayesian, RBL, Razor2, SpamAssassin rulesets, and more) into one highly configurable engine.

How do you cut your spam?

Reply #6
I personally have no problem downloading the mail locally before weeding out the spam, and since I use the Mozilla mail client, I decided to try it's builtin spamfilter. It works very well IMO. I had a look at http://crm114.sourceforge.net/ and was considering to install it on the server to filter my mail there, but since mozilla works just fine I haven't bothered.

How do you cut your spam?

Reply #7
I use procmail white listing + spam assasin/pyzor on the server.

1. First check if my real name is anywhere in the header or body. It will be there if the sender knows me or if he replied to a message I sent. Spammers do not know my name. Or at least very few spammers know my name (I received my first spam with my name in this morning...)

2. Check for the names of my friends, family, work etc and white liste them.

3. Pass thru to spamassasing - log spam to text file.

The white listing is my own guarantee that I will receive important mail. Spamassasin can make false possitives and it feels to let the good people though the main gate.

Pyzor is pretty amazing - 60% of my spam was listed in pyzor. The pyzor score makes spamassasing filter out more spam - without risking making false possitives.

Only major problem with spamassasing is that it is used by a lot of people. Spammers have recently begun looking for holes in spamassasing to abuse and a lot of spam got thru until I rewrote the broken rules.

How do you cut your spam?

Reply #8
Actually, a friend of mine uses "Active Spam Killer". It is 100% effective against SPAM. Unfortunately it might filter out mails from the clueless as well.

The program is actually pretty simple - it maintains a white list. You have to perform a simple action (reply to a confirmation e-mail) in order to be on that list. But if the spammer uses a valid reply address, he will know you exist and send more spam...

Link to Active Spam Killer

How do you cut your spam?

Reply #9
Quote
If possible, you might want to get your provider to look into why perl doesn't compile so that you can run SpamAssassin. It's simply the best spam detecting engine now, integrating all the most popular spam detecting techniques (Bayesian, RBL, Razor2, SpamAssassin rulesets, and more) into one highly configurable engine.

I've already inquired about this, and the problem has to do with installing perl 5.005 or later.  They tried installing it themselves, but the test program core dumps.

How do you cut your spam?

Reply #10
Quote
I am also using MailWasher; I've used it for about six months now, and I've been very happy with it.  I like the GUI setup and the way of defining custom filters. The automatic identification of spammers using online databases like SpamCop is fairly accurate.

BTW,

for anybody trying out mailwasher, I would probably not use the bounce feature, because it may violate your ISP acceptable use policy.  From a google search:  "The bounce feature sends back a *forged* 550 message from mailer-daemon@yourisp.com - which is completely MEANINGLESS after the mail has already been successfully delivered."

Just go for the delete.

ff123

How do you cut your spam?

Reply #11
I am using the Mozilla spam filter. This one is based on Paul Graham's "A method for spam".
The first 3 weeks I had to verify for false positives. After 3 weeks there was no false positive anymore, and so I stopped verifying them.
My (automatic) policy is to direct spam into the "junk" folder, and automatically delete them once message is 15 days old.

How do you cut your spam?

Reply #12
Quote
I've already inquired about this, and the problem has to do with installing perl 5.005 or later.  They tried installing it themselves, but the test program core dumps.

Hmm... given that perl 5.005 came out literally years ago (the current version is 5.8), it seems like they should have figured it out by now. =]

How do you cut your spam?

Reply #13
Quote
Oh yeah, that's what the program I wrote about in my first message was called.  It uses a Bayes filter.  The only thing I didn't like about this is that you have to train it, which means actually downloading messages from your POP3 server.  It would be much nicer if this were some sort of a hybrid program with some of mailwasher's capabilities.  That is, if I could train it, but only on the messages which mailwasher lets through on its "cautious" setting.  I don't want to ever download messages with viruses in them -- those should be deleted at the mail server straight off.

ff123

training, for me anyways, really only took a day's worth of email.  Day 2 I didn't have to do much, and the end of the week and afterwards it's been pretty rare to ever have to do anything.  Yeah, training it to begin with is a bit more work, but the training period was very easy to tolerate.  Plus it does more than simply weeding out spam.  As I said, I've got it correctly sorting other types of email too, which is one of the biggest strengths for popfile.  Strictly speaking, it isn't even a spam filter, but an email classifier.  At least that's how the author describes it, and in practice I'd say it's a fair claim.  There isn't much that any product could really do to sway me from popfile now, makes email tasks besides weeding out spam a hands-off affair too.

How do you cut your spam?

Reply #14
I find that if a program simply checked for valid sending domains as in actually resolvable that 80% of my spam would never get here. Silly considdering that most spam is sent by bouncing off an unsecured smtp server that they would not use more realistic email addys more often. The remainder are often free yahoo, hotmail, and excite addys. So if you could filter them out unless the sender is recognised there would go the remainder. What is real annoying is the "net send" spam that is being prolifferated. I put up a new install of XP and forgot to disable the messenger service and I came back an hour later to find the screen full of pop-ups. God bless Microsoft!  Since then before I install any patches or updates messenger is always the first thing killed.

How do you cut your spam?

Reply #15
Quote
I am using the Mozilla spam filter. This one is based on Paul Graham's "A method for spam".
The first 3 weeks I had to verify for false positives. After 3 weeks there was no false positive anymore, and so I stopped verifying them.

I'm using Mozilla's junk filter too.  I am still getting false positives on some messages from
subscribed mail lists.  Maybe one criteria is whether my address is explicitly in the to: or cc: field,
which it generally isn't with a mail list?

How do you cut your spam?

Reply #16
Two accounts: an insecure account and a secure account. I give my insecure account out on-line, and my secure account out to friends. That and built in hotmail junk mail filtering, which isn't great, but it'll work until I get myself a webhost. I don't have much of a spam problem though, for some reason.

How do you cut your spam?

Reply #17
i have one main inbox with several aliases (at last count 114). Anytime I need to register with a website or service, I create a new alias (for example hydrogenaudio at graphicintentions.com).  If I start to receive unwanted spam on this alias I see that either they sold my email address, they got hacked and someone used my email address, someone screenscraped the forums, etc. and then I can kill the alias. Poof no more spam.
"Droplets of Yes and No, in an ocean of Maybe"

How do you cut your spam?

Reply #18
Quote
Two accounts: an insecure account and a secure account. I give my insecure account out on-line, and my secure account out to friends. That and built in hotmail junk mail filtering, which isn't great, but it'll work until I get myself a webhost. I don't have much of a spam problem though, for some reason.

I'm in the process of removing my normal mailto: information in all of my web pages (there are a lot of references to my email address).  I'll probably change "foo@bar.com" to something like "foo at bar dot com" so that spam harvesters won't get my email address quite as often.

Damn that spamn!

ff123

How do you cut your spam?

Reply #19
Quote
I'll probably change "foo@bar.com" to something like "foo at bar dot com" so that spam harvesters won't get my email address quite as often.

There are more elegant ways to do this, without forcing your visitors to manually type out the e-mail address. A CGI script seems to be the best one. Or how about special characters (2)? There are some other ways, but graphics and table tricks mean work for your user, and not all users browse with activated Javascript.

How do you cut your spam?

Reply #20
Quote
I find that if a program simply checked for valid sending domains as in actually resolvable that 80% of my spam would never get here. Silly considdering that most spam is sent by bouncing off an unsecured smtp server that they would not use more realistic email addys more often.

I tried this for a while, but it didn't work at all. More spammers have learnt to work around this type of filtering while more and more people setup their own smtp servers at their personal computers (which of course are not online most of the time). For me the statistical method used in mozilla mail has worked way better.


How do you cut your spam?

Reply #22
Quote
ff123:

Have you tried SAProxy yet?
http://saproxy.bloomba.com/

That looks like a good one.  I may try it for fun to see if it catches stuff that mailwasher lets through.  I still like the way mailwasher deletes stuff (especially viruses) directly at the server.

ff123

Edit:  Ok, I've got SAProxy setup as a backup spam filter.  I'll purposely let the mailwasher residue through to see what happens.

 
SimplePortal 1.0.0 RC1 © 2008-2020