Fighting Spam on the Home Front

Saint Aardvark writes: "Something interesting from the SecurityFocus Honeypot mailing list: a couple of honeypots for spammers. This message has a link to a how-to page for setting up a Sendmail honeypot to trap spammers, and the status page for a honeypot in Moscow that's trapped spam meant for >1.7 million recipients. The author mentions using a honeypot in conjunction with the Distributed Checksum Clearinghouse -- this seems like a great way identify both spammers and their messages."

And C-Moan writes: "Wireless spam volume is likely to increase in the coming years. But smart use of spam-fighting measures can go a long way toward eliminating the problem. This article provides info about the latest crop of e-mail filters and enhanced mail client options, as well as two roll-your-own programming platforms that could help keep your in-boxes spam free."

Re:Fight Spam

[Zach+Garner]

uce@ftc.gov is for this purpose.

UCE = Unsolicited Commercial E-Mail FTC = Federal Trade Commission

If you send it to someone like your congressman, YOU are spamming. If you do it often enough, I'm sure they will have a word or two with your ISP.

If someone sends you a letter filled with anthrax, forwarding it to the president will not make things better...

Teergrube

[quigonn]

What can be generally interesting when fighting spam is

1. razor (I recently posted a message about it on /.)
2. A "teergrube". This is german for "tar pit". In the ice age, animals like mammoths trapped into them, today the spammers shall trap into them. Lutz Donnerhacke wrote an interesing FAQ about it, you can get it from here (english, of course). IMHO every ISP should run such a teergrube on his SMTP host.

SpamAssassin!

[mr.nicholas]

I guess I have to throw in my $0.02 here. Instead of relying on a single services or technique for stopping SPAM, try something heuristic that combines the best of multiple worlds: SpamAssassin, for example.

It uses a weighted score that derives it's values from a variety of sources including Razor and various Black Hole Lists.

The type of heuristics are along the lines of:

SPAM: -------------------- Start SpamAssassin results ----------------------
SPAM: This mail is probably spam. The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM:
SPAM: Content analysis details: (12.24 hits, 5 required)
SPAM: Hit! (1 point) From: contains numbers mixed in with letters
SPAM: Hit! (1.2 points) From: does not include a real name
SPAM: Hit! (1 point) 'Message-Id' was added by a relay (2)
SPAM: Hit! (1 point) Subject contains lots of white space
SPAM: Hit! (1 point) BODY: List removal information
SPAM: Hit! (1.56 points) Contains phrases frequently found in spam
SPAM: [score: 26, hits: accept credit, credit cards,]
SPAM: [fill out, for your, more information, our]
SPAM: [company, phone number, receive further, remove]
SPAM: [the, reply this, subject line, thank you, the]
SPAM: [subject, this email, wish receive, word remove,]
SPAM: [you for, you like, you wish, your]
SPAM: [email]
SPAM: Hit! (1 point) spam-phrase score is over 20
SPAM: Hit! (1 point) Received via a relay in inputs.orbz.org
SPAM: [RBL check: found 14.54.162.63.inputs.orbz.org.]
SPAM: Hit! (2 points) Received via a relay in relays.osirusoft.com
SPAM: [RBL check: found 6.223.155.212.relays.osirusoft.com., type: 127.0.0.9]
SPAM: Hit! (1.48 points) Subject contains a unique ID number
SPAM:
SPAM: -------------------- End of SpamAssassin results ---------------------