SpamNet: Razor for the Masses

UCRowerG writes "From CNET News on Yahoo!: "Conceived by Napster co-founder Jordan Ritter and open-source developer Vipul Ved Prakash, the company is touting the benefits of democracy, networking and collaboration in the war against unscrupulous e-mail marketers." " Since Prakesh is responsible for Razor, hopefully there will be Linux support as well, but once again I gotta throw my props at Spamassassin which catches over a hundred spam for me each day.

I need my spam

[Hatechall]

Spam is the only mail I get...makes me feel part of something greater than I.

Re:I need my spam

[gentix]

And if you follow the instructions of every penis enlargement email you get, you'll soon really be part of something greater than you...

Re:I need my spam

Damn... The nlaslt64 has crashed again. I think it's due to the ML10 upgrade of last week.. Fuck fuck fuck

Death to UCE

[jazzbotley]

Kill 'em all. I hate SPAM.

Re:Death to UCE

[azadism]

Well put. Nice, simple and I tottaly agree.

Re:Death to UCE

Insightful. Biting satire. Your wit has
claims yet another victim. Well done!

Alanis would love this.

[Bilestoad]

And the first thing the story about the spam-battling startup does is to load some popup advertising.

Wonderful.

Re:Alanis would love this.

[ceejayoz]

Yeah, except that you choose to come here. You've got the option to not read Slashdot.

Re:Alanis would love this.

[thesolo]

And the first thing the story about the spam-battling startup does is to load some popup advertising.

Simple solution: Use Mozilla, and turn off unrequested popups. I haven't seen one in months.

Re:Alanis would love this.

[Oliver+Wendell+Jones]

Simple solution: Use Mozilla, and turn off unrequested popups. I haven't seen one in months.

Or if you want to keep using the IE engine for compatibility, you can try out Crazy Browser (http://www.crazybrowser.com/). It's a tabbed browser using the IE engine and it can easily disable popup ads.

Or you can install Proxomitron (http://www.proxomitron.org), it's a wonderful free http proxy that filters out most ads including the annoying pop ups.

I use both when I'm forced to use Windows (at work).

Re:Alanis would love this.

[thesolo]

Or if you want to keep using the IE engine for compatibility

Translation: If you want to keep seeing poorly-coded sites remain poorly-coded sites, use the IE engine.

The more people that use Mozilla, the more web designers have to code for standards compliancy. Using IE or IE's engine will only result in a monopoly on the web.

Re:Alanis would love this.

Ah but you're assuming everyone has the freedom to run hippy software. Too bad if your corporate IT people don't allow it.

Re:Alanis would love this.

Or if you want to keep using the IE engine for compatibility

Translation: If you want to keep seeing poorly-coded software remail poorly-coded software, use the Mozilla engine.

The more people that use Mozilla, the more chat modules the developers can cram into it instead of working on the browser itself. Using Mozilla or Mozilla's engine will only result in a monopoly of your CPU.

Re:Alanis would love this.

[Dwonis]

Mozilla isn't a just browser, it's what XEmacs should have been.

grammer!

[RogueProtoKol]

its there not their

we should start a fund to send all /. staff to a school of english :)

Re:grammer!

[acrollet]

and it is:

it's there, not their
^

it's == it is
its == the possessive of it

Re:grammer!

[chowbok]

It's "it's", not "its". Don't throw stones.

Re:grammer!

[splume]

And it is "it's" not its.

Usage Note: Its is the possessive form of the pronoun it and is correctly written without an apostrophe. It should not be confused with the contraction it's (for it is or it has), which should always have an apostrophe.(http://www.dictionary.com/search?q=it% 27s)

Re:grammer!

[albalbo]

Grammer?

Spelling!

Re:grammer!

to further clog the DB tables, You started a sentence with "You started a sentance ..." Yeesh, the trolls are weak.

Re:grammer!

[CaseyB]

It's a law that any spelling/grammar flame must contain at least one spelling/grammar mistake. This one's got several.

Re:grammer!

It's a law that any spelling/grammar flame must contain at least one spelling/grammar mistake. This one's got several.

- CaseyB

Re:grammer!

*sigh* Sad. It's not its. Perhaps we should send you to a school of English as well. Oh, and by the way, It's grammar.

Re:grammer!

And it's grammar, not grammer .

Re:grammer!

"has got" be an grammar mistake

impaling....

[Silverstrike]

Spammers need to be impaled on long barbed spikes. I think that the Slashdot Community wouldagree with me

Re:impaling....

[Alien54]

Spammers need to be impaled on long barbed spikes.

No, I long ago suggested spam licenses where we get to go out and give each spammer a bright orange flow in the dark permanent eartag, complete with animal tracking collar. Then we can heard them up and stampede them over a cliff or something.

Re:impaling....

What have you got against long barbed spikes? I can hear them all scrambling to put on their teflon coats even now..

Plural

[richlb]

...which catches over a hundred spam for me each day.

Is the plural of "spam" really "spam"?

Re:Plural

Is the plural of "spam" really "spam"? Actually, "spam" is the plural form. There is no singular form of the word...it only appears in bulk.

Re:Plural

[sporty]

Depends.. isn't one spam enough? Who would want two? Either the meat or the mail.

Re:Plural

[DrSkwid]

yes it is
there are a plenty of nouns that work this way

some flour and some more flour is still flour
water
rice
salt
etc. etc.

Re:Plural

I hate to tell you this, but if it isn't plural.. it isn't spam! ;)

Re:Plural

[ncc74656]

Depends.. isn't one spam enough? Who would want two? Either the meat or the mail.

I know of someone who wanted spam, spam, spam, spam, spam, spam, spam, spam, spam, spam, spam, and spam...

Re:Plural

Has to be - it is after all mailed out by sheep...

Re:Plural

[Webmonger]

No, flour, rice, salt and water aren't plurals.
You don't talk about "a water" or "a rice". Words like that are mass nouns.

There are also words whose plural is the same as their singular. "Fish" comes to mind. You can catch "two fish", but you can also catch "two fishes", depending where you're from.

Re:Plural

[sporty]

So the plural of spam is Monty Python?

Re:Plural

[Peyna]

I saw a deer run across the field.

Those men are hunting deer.

This is the best example I can think of, there are others.

Re:Plural

No, flour, rice, salt and water aren't plurals.
You don't talk about "a water" or "a rice". Words like that are mass nouns.

All that talk makes me thirsy. Get me a water, please. I went to the chinese restraunt and ordered two noodles and a rice; msg is a salt they really overuse.

admit it: english has not rules

Re:Plural

[TheTomcat]

You're forgetting about the assumptions:

All that talk makes me thirsy. Get me a [bottle|glass|pitcher of] water, please. I went to the chinese restraunt and ordered two [orders|plates of] noodles and a [bowl|plate of] rice; msg is a salt they really overuse.

also:

Pass the salt [shaker].
Would you like [a spoon of] sugar in your coffee?

S

Re:Plural

[dazed-n-confused]

Is the plural of "spam" really "spam"?

No, you have to repeat it.

E.g: "Spam, spam, spam, spam; spam, spam, spam, spam; lovely spam, wonderful spam..." (etc.)

(You really need the Vikings to appreciate this).

Re:Plural

C'mon. Give me a fucking break! Are you a fucking idiot? No one orders a fucking water. It just makes no fucking sense. No one orders a fucking rice. I'll give you the last fucking two."MSG is a salt they really overuse" refers to fucking MSG as a fucking class of the fucking superclass salt.

Having fun fucking trolling.

Re:Plural

But what simply drives me insane is that deer works exactly the way you mention but you don't go to a bar to have 5 "beer". you have 5 beers. I think we should demand that the plural of beer be made "beer"

Re:Plural

Does spam even exist in the singular? ;)

Bandwidth

[Iscariot_]

Think of all the Bandwidth wasted on spam. (Downloading, and sending.) Before my cable provider charges me for spending too much time on the net because I'm using their precious data lines, I think they should get rid of those spammers.

Rather than a client side tool like SpamNet, I'd like to see something that sits along side mail servers.

Stop the spam before it gets sent!

Re:Bandwidth

[littlerubberfeet]

He has a point, with the advent of charging for total data moved, not just bandwidth, we can now sue spammers for DIRECT MONITERY LOSSES. That rocks. Sucks if they are offshore though.

Re:Bandwidth

[Hualon]

But is spam blocking really the responsibility of your ISP? I think that a user-tool is the best way to block this sort of thing. If anything, RoadRunner or whatever your ISP would be happy to continue your barrage of spam once their usage rules are in place. They simply have no incentive to block it before it charges you on the $.20 a meg program. But an ISP approach to blocking SPAM requires a rules-based approach. The parent article states that such approaches are too tedious to scale or update with any frequency. -Hualon

Re:Bandwidth

[Jon+Katz+on+Tuesday]

Myth: Bandwidth is wasted on spam

Fact: In the overall since of things, bandwidth is plentiful and very cheap. While it may cost you or I an arm-and-a-leg for a DS1 or DS3 circuit - it costs your average telco very little. With all the huge pipes flowing into Tier 1 and Tier 2 ISPs, the amount of bandwidth used on sending you that 15k spam email is minimal comparied to you using P2P software to download coprighted songs.

So really you should be up-in-arms about the illegal downloading of music using P2P software when you talk about wasting bandwidth.

Re:Bandwidth

[skroz]

That would be spamassassin. Works great for me. I catch over 95% of my users' spam, with only a single known false positive after three months of use. Combined with Vipul's Razor, it contributes to others' ability to catch spam, as well.

Re:Bandwidth

[bcrowell]

Their method depends on a web of trust, with trusted users defining what's spam and what's not. So it makes sense to have something running on the user's end. Also, most users don't have any way to convince their ISP to put anything on the server side.

Re:Bandwidth

[drooling-dog]

There is a program called mailfilter that claims to do just this for POP3 mail; i.e., it polls your mailserver periodically, examines the headers (only) against a rule set, and deletes offending messages on the server.

Haven't used it much, so I can't really recommend it one way or the other...

Re:Bandwidth

[AnotherBlackHat]

Think of all the Bandwidth wasted on spam. (Downloading, and sending.)

Hmm... Ok.
Average size of spam, under 10K.
Average number of spams per person per day, under 10.
Bandwidth per person 9.26 bits per second.

Holy cow! 9.26 per second, why that works out to almost a quarter of a million dollars per month,
when you multiply it by 100,000,000 users,
Why, that would be nearly five cents per person per year - goodness.

Sorry, I do feel for the people who pay for tbe bandwith spam uses.
But I feel more for the people who lose time because of reading it.

-- this is not a .sig

Re:Bandwidth

[Bat_Masterson]

The point is that, if you block the SPAM at your system, then the SPAM has already contributed to bandwidth wastage. Finding a way to push the block back to the SPAMmer might go a long way to eliminating SPAM. Who would send SPAM if it doesn't get out to anyone? Thus far, no one seems to have a reliable way of doing this that wouldn't also catch some legitimate email.

One possibility seems to be TMDA. With people using TMDA for email addresses, ISPs could easily filter email sent to out-of-date or dead email addresses. If everyone were using these addresses, then most SPAM would die pretty quickly. I imagine it could be possible to setup a central server that TMDA could send some user-specific rules to and ISPs could scan to improve the filtering process.

Re:Bandwidth

[Bat_Masterson]

There is TMDA. It is not well-developed yet for ISP usage, but I could see it being hooked into an email server and automatically filtering out email going to an address that is out-of-date. If everyone then used TMDA, the ISPs could then proactively filter large amounts of email they relay pretty easily as they are already reading the email address.

Re:Bandwidth

First, I think your average number of spams per person per day is very low and getting lower every day. I would put the average closer to 25 and rising.

Second, you forgot to add in the costs of CPU usage on each system (low, I know, but...).

Finally, you forgot the costs of people having to setup and maintain a filter in order to eliminate something they didn't want to get in the first place.

Re:Bandwidth

[BrokenHalo]

if you block the SPAM at your system, then the SPAM has already contributed to bandwidth wastage.

True, but if you bounce it any further, you are perpetuating it. Since most attempts to nail spammers personally tend to be little more than shots in the dark, I have found it more useful to simply blackhole the junk. I used to make efforts to petition spammers' ISPs to discipline their users, but stopped when I found evidence that some of those ISPs had simply added my current email addresses to another bulk-mailing list.

Signatures?

[MarvinMouse]

Just as a curiousity, are these signatures just checksums, or are they a more complex algorithm?

I would be interested to learn how these signatures are generated. Since if they are checksums, it will be reasonably easy to defeat (just change one letter in each e-mail message), but if they are something more complex it might become more difficult.

As well, it might prevent good mail from coming through if these signatures are too simple.

Anyone know details at all?

Re:Signatures?

[littlerubberfeet]

Another problem: given the volume of spam sent, there are gonna be GIGS of checksums or algorithms to store in order to block the spam. Ouch, what am I going to do about the old sparC machine with the 500 meg drive that I use as an email server?

Re:Signatures?

[torpor]

Its way more complicated than that. Just read the "whats new" page for a good summary:

http://razor.sourceforge.net/docs/whatsnew.html

I'm frankly quite happy to see Razor come to fruition.

I had exactly the same idea for how to do this (with distributed signature databases) in '93 when I started a well known ISP. The plan was to offer spam-killing as a second-tier service to offer our customers, but alas: at the time, it was considered by management (read: VC) more profitable to allow open spam relays to our subscribers than it was to try to get subscribers to pay for a service like this, so the implementation details went nowhere.

Excellent to see it come to light in the form of working code, OSS style.

Re:Signatures?

[ftobin]

Excellent to see it come to light in the form of working code, OSS style.

Only the client of Razor is OSS. The author has explicitily stated that the server will not be released under an Open Source license. This is exactly why I'm implementing Pyzor, which is a razor-like system but where both the client and server are released openly under the GPL.

Re:Signatures?

[pjrc]

Its way more complicated than that. Just read the "whats new" page for a good summary:
http://razor.sourceforge.net/docs/whatsnew.html

Actually, the version 2 protocol has been in use for some time. On my system, where I installed Razor in February 2002:

paul@wallace ~ > razor-check -v
Razor Client Tools 1.19, protocol version 2

Shame on me. Apparantly I missed Vipul's announcement four days ago that everyone needs to upgrade to version 2.06.

Eventually, Razor is going to use the Nilsimsa Hash Algorithm, which is supposed to be able to detect spams where the spammer made only a minor change to avoid being matched against previously transmitted copies. The Razor V2 protocol has support for this hashing algorithm and others. Who knows, maybe they're already implmented it? Ought to take a peek at the perl code sometime....

Their will?

...hopefully their will be Linux support..

They are going to put in their will to add linux support? Why not get some *before* they die?

Spamassassin works with razor ...

[dzym]

According to README.Debian ...

SpamAssassin is compatible with Razor, an online spam database. Get the package razor, maintained by Robert van der Meulen.

Gah!

[SkyLeach]

If it works anything like existing P2P networks then It will take about a week to stop each spammer and block thousands of non-spam emails simply becuse they contain the same words commonly used by spammers.

:-)

Re:Gah!

[Leo+Giertz]

But they're not worth more than my £0.02. ;-)

Way to fact-check!

[nicwolff]

Prakash drew inspiration for the company from the sci-fi novel A Fire Upon The Deep, by Stanford computer science professor, Vernon Ving

That's "Vernor Vingh".

Re:Way to fact-check!

[SpacePunk]

"Prakash drew inspiration for the company from the sci-fi novel A Fire Upon The Deep, by Stanford computer science professor, Vernon Ving

That's "Vernor Vingh"."

That's "Vernor Vinge" you barbarian.

Here's the URL...

[EnglishTim]

http://www.cloudmark.com/

... because the guy who posted this obviously couldn't be bothered....

Spamassassin for Windows = Outlook?

[pieterh]

So, does anyone actually know of a package using Vipul's Razor or similar that works on Windows and does not require me to switch to a MS product?

Re:Spamassassin for Windows = Outlook?

[lurvdrum]

The spamassassin homepage refers to a Windows port "SpamAssassin Pro" being developed by Deersoft; I have no knowledge of this but it might be what you are looking for?

Re:Spamassassin for Windows = Outlook?

[AWRich]

Deersoft's product requires you to be using micro$oft outlook.

Rich

Re:Spamassassin for Windows = Outlook?

[e4]

I know this isn't exactly what you're asking for, but MailWasher does a pretty good job of managing blacklist/whitelist filtering from Windows. You can pick from any number of public blacklists, as well as create your own for anything that sneaks through.

spambouncer -- nice procmail spam filter

[Sizban]

check out spambouncer at www.spambouncer.org. i've been using it for quite some time now, and it catches most all of my incoming spam. there's some stuff it catches that it shouldn't, but that can be tailored with custom procmail rules and a quick check over the bounce.incoming folder once in awaihle. and it's free and open source, of course.

Re:spambouncer -- nice procmail spam filter

[nrosier]

I used spambouncer before discovering spamassassin (www.spamassassin.org). Spambouncer requires rules, rules, rules to block all unwanted mail AND to not to block all wanted mail.
IMHO, spamassassin uses a much better system of built in rules to check for spam, including Vipul's Razor. It can easily be adjusted: give weigth to certain checks or set a higher/lower threshold for spam-marking. Spambouncer requires procmail rules which are much harder to setup.
Spamassassin made everything much easier; in the last couple of months, it blocked 1 mail which it shouldn't have and also didn't block 1 it should have.

I hate spam

I gotta stop reading Spam. My dick is 354 feet long and it is attracting far too many Linux hippies. :-(

Support and that stuff

[littlerubberfeet]

WHat about Mac support? I am sure those with email servers using the Xserve line (however illogical) would want a product like this. Also, what about ways to differentiate legit newsletter mailings and spam? This has been a huge problem. Yahoo still dumps mail from my account into that Bulk folder that shouldn't be there.

Also, I want to know the technical details.
Anyone with links?
It would be nice to know how this actually works. P2P spam wars??

Re:Support and that stuff

[zaphod123]

The spamassassin program is called from procmail.
There are two ways to use it. One is a simple perl script that is invoked each time you receive mail. For sites that receive a large amount of mail, there is a daemon and client program.

Spamassassin gives each spam quality in an email a score. For instance, if the body of the message claims auto email removal, it gives the message a score of 1.750 plus anything else it finds. You can find all the scores at http://www.spamassassin.org/tests.html

Each user of spamassassin has a user_pref file where you can change the score required for an email to be considered spam. You can also blacklist or whitelist sites in the file.

All of the program is written in perl (except for spamc which is in C), so if you know a little perl you can get a more detailed explanation of it. :)

I surrender!

I give up. I've tried several anti-spam tactics, and they either:

1. Let too much spam through
2. Block some legitimate mail
3. Or, require the sender to do something different, confusing them utterly.

I'll just post my credit card number and shipping address on my web page. Sent me all the junk you want to sell me, just stop sending spam!

Re:I surrender!

[Captoo]

There is another option. If you get your email from a POP3 mail server (chances are that you do, unless you use web-based email), try the Spam Tamer Proxy.

1. It will let all the spam through, but it will eliminate pictures, pop-up windows, web bugs, and other garbage. That makes the spam easier on you and your bandwidth.
2. It will never block legitimate mail. Pictures sent as attachments make it through. (Friends and family send pictures as attachments, but spammers never do.)
3. It doesn't confuse people who send you legitmate email.

So, it's not the same as a spam blocker, but if conventional filtering isn't the right choice for you, I suggest you give it a try.

Re:I surrender!

Yeh, the procmail E-mail Sanitizer of John D. Hardin, does the same thing. Works like a charm. I have never had a virus/worm or other crap gotten through it.

Re:I surrender!

[Captoo]

I hadn't heard of that program before. Based on what I read on their web page, it looks like it focuses on email attachments. It also looks like it handles the attachments very well and is able to discriminate in some cases between legitmate attachments and messy ones.

The Spam Tamer Proxy renames attachments based only on their file extensions. (It uses a user-configurable list.) It also can clean up HTML in email to block other potential problems. It is much easier to configure, but it still does require a little bit of basic computer skills.

Anyone who is interested should try both of them and see which one they like more.

Two questions:

[Mr+Guy]

1) Why outlook? I'd like this for Mozilla (Mailzilla?)

2) How is this a war? I hate unneeded escalation. War is when you fight an enemy you respect enough to fear. Invasions are when you fight an enemy you don't respect enough to fear. This is neither, this is more like ignoring an annoying child.

Re:Two questions:

[SpacePunk]

It's a war!

Everything is a war!

War on Poverty!
War on Drugs!
War on Terrorism!
War on Spam!

TO ARMS! TO ARMS!
WAR DRAWS NIGH!

grammer != grammar

[ABetterMan]

heheh :)

SpamAssasin

[howardjp]

The WELL just installed it a week or so ago and it has been great! It tags correctly about 97% of the time and that is fantastic!

Re:SpamAssasin

It works flawlessly if you're not a native english speaker, and if most of your correspondants are not as well.
The heuristics of SpamAssassin still catch most of the french spam I'm being sent, and has never blocked a single legitimate email yet.

Now if they'd only get people's names right..

[mrbill]

>"Prakash drew inspiration for the company from the sci-fi novel A Fire Upon The Deep, by Stanford computer science professor,
>Vernon Ving, who wrote about a router the size of a planet "that could filter spam," Prakash said. "

Wow, I bet Vernor Vinge is happy about that one!

Re:Now if they'd only get people's names right..

[the+gnat]

I cringed when I read that, but it's really cool that they cited "A Fire Upon the Deep". That was one badass book. Even if his galactic USENET doesn't make too much sense the way it's pictured in the book, the idea of an entire planet whose economy is based around routing network traffic is way cool. Vinge's is probably the most fascinating portrayal of a civilized galaxy that I've read, and (despite his odd contrivances, which I won't give away here) one of the most realistic. Certainly far more original than a "Galactic Empire".

Okay, I'm through trolling for Vinge. Anyone know of sci-fi works of comparable merit published in the past decade? I'd given up until I read his last two...

Re:Now if they'd only get people's names right..

[Cato]

Alastair Reynolds is very impressive - particularly Revelation Space, whose sheer scope is quite breathtaking.

Link Ranking Wars

[Alien54]

I figure that there are so many spammers ....

what if they got into the system and overloaded it while still small so as to promote their own links and to discredit the project? Just a wild thought, not that they would ever be that organized.

I am thinking of the recent Google ranking wars, for example.

for most folks using it, it would be enough to put them off their feed if the spammers polluted the data pool early and strongly enough. Presuming that the average user was not an expert user.

I see this as part of a larger problem of people pushing competing viewpoints on the web.

Alledged nasty group "A" against alledged heroic group "B" - gets messy when things like politics and religion get involved.

A question...

[SubMissionary]

Does anyone else get the image of ninja's hurling canned ham at people when they read the name of this app?

SpamCop

[Mwongozi]

My e-mail is currently hosted at SpamCop, who do a pretty good job of filtering out spam before it even reaches my mailbox. They shunt spam into a seperate folder using the excellent SpamCop blacklist, and can also optionally use additional blacklists including SPEWS, Osirusoft, ORDB, Spamhaus, Monkeys.com, etc. etc.

Combine that with POP3, IMAP, and web access, and also the ability to suck mail out of existing POP3 accounts and I think it's excellent value.

No, they're not paying me to say all that, I'm just an extremely happy customer. :)

Re:SpamCop

[mixbsd]

the ability to suck mail out of existing POP3 accounts

By which time the spam has eaten up bandwidth and briefly occupied space in your pop3 inbox, so there's still a chance that a legitimate mail could bounce due to lack of space.

Client-side "spam-eaters" are all very well and good for removing the annoyance factor, but they don't help with the economics of running a mail-server.

Re:SpamCop

[Chmarr]

That's not true. Spamcop's blocking algoritms work on a RBL-style blacklist, based on IP address of the spammer. Spamassassin uses pattern matching to determine if the spam being received is likely spam and either marking it as such in the headers (so you can procmail it out), or throwing it away. With spamcop, the mail gets rejected even before the DATA portion of the mail.

Re:SpamCop

[Mwongozi]

What's not true? I can't see anywhere where I contradicted anything you just said.

Re:SpamCop

[Chmarr]

The spam does not eat up bandwidth, nor chew up mailbox space, because the 'spamcop method' of filtering email means the mail is blocked before the data portion is received. Ie, its 'sending IP' based, rather than content based.

SpanBouncer is good too

[chowbok]

It's straight procmail, not perl-based. The main problem with it was that it hadn't been updated in nearly a year, but a new version finally came out last Friday.

Re:SpanBouncer is good too

[goldid]

I had WAY more problems with SpamBouncer than with Spam Assassin -- that is far more false positives, which I found very annoying. The scoring system of SpamAssassin (with Razor) is greater in many ways than the simple you-hit-and-die SpamBouncer approach

Rime of the ancient spamfilter

[Ted+Maul]

It is an ancient spamfilter
And it stoppeth one in three
By the long domain list and pattern match
Now wherefore stopp'st thou FREE XXX PICS

The hotmail's doors are open wide
And I am OFFERING OPPORTUNITIES TO MAKE $$$$$
The guests are met, the preference set
May'st hear the merry INCHES ADDED TO YOUR PENIS

[That's enough Coleridge - ed]

Re:Spamassassin works with razor ...it does

[HowlinMad]

I use it with Debian and mutt. Great combination. Dumps all my junk into a junk mail directory where every once in a while I report them all and them delete them. since I run a small mailserver and some of my used use Windows I am glad to hear of this. They get thier SPAM marked and they use filets to keep them out of thier inboxes, but they have no way of reporting them. I amworking on a procmail recipe that will send them the SPAM anyway, but send a copy to me so I can report it. Hopefully this will become a moot point for me.

Hey Ximian!

[SLot]

This would be a welcome feature addition for Evolution.

Re:Hey Ximian!

[Aaton]

I wish I could just get Evolution to show custom headers like the ones I get from Spamassassin....

X-Spam-Status: Yes, hits=23.7 required=7.0 tests=SUBJ_HAS_SPACES,NO_REAL_NAME,OPT_IN,CLICK_BE LOW,EMAIL_MARKETING,EXCUSE _3,BIG_FONT,CLICK_HERE_LINK,MAILTO_LINK,CTYPE_JUST _HTML,DATE_IN_FUTURE,RCVD_ IN_OSIRUSOFT_COM,SUBJ_HAS_UNIQ_ID version=2.20

I like knowing what the hit count is on my spam with out having to keep changing my view to "Show E-mail Source" then back to "Normal Display". I did uses mutt but now that I can sync Evolution with my palm pilot (Address Book and Calendar, still waiting to have Memo Pad support) I might not go back...

Re:Hey Ximian!

[Azog]

Yes, it would be AWESOME if Evolution just had a checkbox in the mail preferences dialog where you could turn on SpamAssassin or other filtering programs.

However, I have SpamAssassin working with Evolution now. It was kind of a hassle to set up but it works... here's the overview:

- get and install SpamAssassin, test that it works by piping a good email and a spam email through it
- check that my fetchmail works, write a .fetchmailrc file
- check that my procmail works, write a .procmailrc file
- disable the regular pop mailboxes in Evolution
- add a new "local delivery" mailbox to Evolution
- wrote a tiny script I called "getmail" that does "fetchmail -m procmail" and make sure that it gets my email from the POP3 server correctly
- added the getmail to my crontab to run every 5 minutes
- added a filter rule to Evolution: if specific header X-Spam-Flag = YES, drop the email in my Spam folder

and that was it. :-/ No more spam! But you can see why having this integrated into Evolution would be nice.

- - - - my .fetchmailrc - - - -
poll mail.arnor.net
user "slashmail" password "secret" is user "thoffman" here
- - - - my .procmailrc - - - -
:0fw
| spamassassin -P
- - - - my "~/bin/getmail" script
#!/bin/bash
/usr/bin/fetchmail -m /usr/bin/procmail >> ~/log/fetchmail
- - - - - my crontab - - - - -
*/5 * * * * /home/thoffman/bin/getmail
- - - - -

Re:Hey Ximian!

[metallidrone]

Here's a tweak that avoids the crontab step. Fetchmail has the built-in ability to run in the background and to check your mail automatically every N seconds (fetchmail -dN, where N is the number of seconds to wait between fetches--I use -d600 for 10 minutes). Just add the following line to ~/.forward

|/usr/bin/procmail

Make sure to check your mail server's docs to verify that is how it likes piping in .forward (I use exim). Then just run fetchmail -d600 from your ~/.bash_profile or so forth (there is a way to run fetchmail as a system service, but it's got some gotchas and isn't as easy).

masses = outlook

[rainTown]

The company does face challenges. It is charged with transforming a tool that's geared for a small Unix developer community into a product for the masses....

Cloudmark's solution requires a free plug-in that plays a minor role in the background of Microsoft's Outlook, the only e-mail client that the product is currently available for.

hmmm having to choose between the lesser of two evils : spam or viruses, i dunno...

my one wish

anything to stop the half dozon "easy your celulite today!" and goatse.cx messages.

I'm skinny and hetrosexual, damnit.

Way to make an incorrect correction!

[lokki]

Try Vernon Vinge.

Excellent author, btw.

Nilsimsa's popularity will be its own demise

[intuition]

Vipul's razor uses something they call "Nilsimsa" fuzzy signatures.

The signatures are used to determine how "close" the email that your are testing is in content to known spam. The source code of this hashing algorithm is publically available.

If this network ever became a real problem for spammers, they will simply use word substitution algorithms or any other number of simple methods to change the email until the nilsimsa's signatures are not close enough to flag the email as spam.

This was the problem with Vipul's razor version 1.0, which was discussed on slashdot, and this remains the problem in Vipul's razor 2.0

Re:Nilsimsa's popularity will be its own demise

[Matts]

Disclaimer: I'm one of the SpamAssassin developers.

I'm not really sure how Razor2 is managing to use Nilsimsa (and despite Vipul saying that Razor is open source, we don't get to see the server, so I can't find out easily).

When I did testing of Nilsimsa for SpamAssassin it turned out that in order to be able to use Nilsimsa you have to use a special comparison function over every single nilsimsa hash in your database. This basically became unusable at about 50K signatures, as when you received an email, you first had to hash it with Nilsimsa, but then you had to use nilsimsa_compare (or whatever the function was called) on each and every one of those 50K entries.

I'd really like to hear how they're doing it. Perhaps Vipul found some way of indexing the search so it wasn't a full scan. If anyone follows the Razor lists and knows how it works, please share.

Re:Nilsimsa's popularity will be its own demise

[Huge+Pi+Removal]

You're one of the SpamAssassin developers? Then let me say a great big THANK YOU!

I installed spamd about 3 weeks ago (calling spamc from procmail), with my users opting in to have their spam filtered. Works like a dream. They're all very impressed.

:)

Re:Nilsimsa's popularity will be its own demise

[Paul+Wright]

There are faster search algorithms than the obvious linear search. The creator of nilsimsa suggested one, and I implemented it to see how fast it was. I found it would be workable for a DCC-like system holding on to 2 million digest codes at a time, handling about 3 million messages a day. The server would need about half a gig of physical memory to retain the entire database in memory. Since a Razor system only holds spam digests rather than the digests of all mail, I imagine it'd be OK for that, too.

I BSD-ified my example code so if anyone wants to use it, feel free.

spelling correction

[Alien54]

argg need coffee

flow in the dark = glow in the dark

heard them up = herd them up

[set head band mode = 1]

fucking worthless

[Lord+Omlette]

Yahoo and CNet, I mean.

Cloudmark
Brightmail

It doesn't work with Outlook Express 6 so I'm in no position to test it :(

Yeah, I remember that discussion

But the key here, again, is cost to the spammer. If something like Razor becomes wide spread, spammers will now need to send each message individually, which requires more time and bandwidth. That may not shutdown the professional spammers, but it might make people doing simple bulk spamming from the ISP of the week think twice.

I'm all for anything that makes spammers pay.

-j

Re:Yeah, I remember that discussion

[intuition]

So you say it won't shut down the "professional" spammer. As that is implied in my original arguement, I agree.

However, I contend further, it wont stop the "amateur" spammers either. All of the amateurs use some spam application that they probably have little idea of how it works, they just know that it does. Spam applications will be upgraded to defeat vipul's razor if it ever becomes popular. I will agree that it does add some extra computing cycles, but I think with a random word subsitution algorithm that relies on probability that the email won't be flagged as spam on the basis of existing signatures could be trivially implemented in linear time.

So to conclude if vipul's razor becomes popular, amateur spam application will contain simple algorithms to defeat it in close to linear time. Vipul's popularity will be its own undoing.

Re:Yeah, I remember that discussion

[ahrenritter]

I don't believe that computing cycles are the contention point here. The difference is in who is paying for the bandwidth. Consider these two hypothetical cases:

A. Not worrying about razor
The spammer loads up their spam program and gives it a dump file of five hundred thousand email addresses. It takes these, and using its knowledge of spam friendly networks, sends one copy of the spam to 500 different relay servers. Each server receives an identical e-mail with 1000 different bccs. The e-mail body is only 20k, adding the 1000 addresses gives you another 20k or so, so the spammer spends 20 megs in bandwith (20k+20k * 500 mails sent)

B. Worrying about razor
The spammer loads up their spam program and gives it a dump file of five hundred thousand email addresses. It takes these, and the message to be spammed, and sends a slightly modified message to each group of we'll say 10 addresses. This way, if one of the messages gets razor'ed, they only lose 9 possible reads. The spamware sends out 100 emails to each of the 500 spam friendly servers. The e-mail body is only 20k, and the 10 addresses only add 1k or less, so the total message is only 21k now, but it is sent out 100*500 times. The spammer has spent over 1 gig in bandwith now.

That doesn't come cheap.

Re:Yeah, I remember that discussion

[pjrc]

...and sends a slightly modified message to each group of we'll say 10 addresses

You'd have to make substantial changes to defeat Nilsimsa (which I'm not sure if Razor is really using yet, but it is planned).

I doubt a tool could be crafted to automatically alter a text message sufficiently to avoid Nilsimsa without also distorting the message so badly that it'd be worthless (it'd have to be automated to be effective). Even knowing where Nilsimsa will decide where the clusters are within the data, you'd need to be able to make a good number of those clusters change, and change in a different combination that ever done previously.

It'd take quite a linguist to craft code to substitute words, phrases, etc and still achieve the same overall message with each one significantly different. Then again, maybe Scott Pakin could do it?

Re:Yeah, I remember that discussion

[Saeger]

Uh, 1 gig of bandwidth is STILL pretty damn cheap. In bulk, that would cost less than ONE DOLLAR per GB, and paying only $1 per 500,000 victims would still payoff.

--

Re:Yeah, I remember that discussion

[ahrenritter]

Yes, but smaller spamhausen typically sign up for dialups to abuse, they couldn't do that with this kind of bandwidth.

Re:MODERATORS ON CRACK

Enlarge Your Boss"
by Anna Lee Hastings, New York, N.Y.

Enlarge Your Boss

Thousands of people all over the world are using
your penis
to make a few hundred extra dollars monthly,
everyone knows that.
So now is the time to refinance
your penis
You can save up to 75 percent on
your penis
It's a fact. Simply by using
your penis
You can make over $5,000 per month in as little as 6 months!
The truth is, if you're not using
your penis
To generate income, you're leaving income on the table.
Here's what the experts have to say about
your penis
"A gold mine."
"An incredible lead generation tool."
"Blows away traditional mailing."
It's
your penis
What are you waiting for?
100% Satisfaction Guaranteed or
your penis
Back!!

But wait there's more!
What do you REALLY KNOW about
your penis
Did you know you can search for
your penis
Right on the Internet?
WE CHECK
your penis
OUT FOR YOU!!!
Amazing stealth
penis
Can track anyone!

If you do not wish to receive future mailings, please click
your penis
We will promptly remove
your penis
from our database.

Copyright © 1999-2002, SatireWire

Spamassassin over Spambouncer

[waldoj]

I've run both Spamassassin and Spambouncer. For the curious, I prefer Spamassassin, and here's why.

I was very impressed with Spambouncer. It was the first spam-heuristic system that I'd used (previously, I'd relied solely on MAPS, ORBS, ORDB, RBL, etc.), and I was very impressed. I found that it rejected a lot of legitimate mail until I grepped my "Sent Items" folder, extracted every "To" field and made that my white list. (The assumption being that if I've e-mailed somebody, I don't mind hearing from them.) That worked very well, and I was happy with Spamassassin. The odd piece of spam would get through, and I still had 1:100 legitimate messages get put in my spam folder. But it made my life much simpler.

Then I tried Spamassassin. The big reason was because I wanted to take part in Razor and know that I was a part of a collaborative process. Also, Spambouncer hadn't been updated in months, which struck me as odd. But I also just wanted to try something different. I found that Spamassassin was better. Not in a way that made Spambouncer look bad, it was just clear that Spamassassin was a superior product. For example, Spamassassin provides a complete scoring in the headers, so you know exactly what criteria caused the message to be block. And I never had to set up a whitelist -- it just works. I still get that tiny little bit of spam that gets through, no more or less than with Spambouncer, but that's really not a complaint. It's very, very rare that a legitimate piece of mail gets caught up in the system. Best of all, the nonexistent addresses on my system that spammers have somehow discovered (big@waldo.net, aldo@waldo.net) can be forwarded via my aliases table to Spamassassin's (Or is it Razor's? I forget.) server to be automatically added to their honeypot collection.

I'll stick with Spamassassin, I think. It appears to be the most mature, stable, simple, straightforward spam filtering product available today. For those looking to set up server-side spam filtering, I highly recommend it.

-Waldo Jaquith

Re:Spamassassin over Spambouncer

For the curious, I prefer Spamassassin

What about for the apathetic?

Re:Spamassassin over Spambouncer

[rw2]

I'm a big fan also, in fact I introduced Taco to it. Folks interested in what the heuristics produce in terms of distribution of SA scores can view a graph of my logs. The three lines are the commonly used thresholds for deciding whether a mail is spam or not. Most folks run at 5, but some that are more paranoid about false positives run at 7 or 10. Myself, I find false positives to be practically non-existent and run happily at five. The missing data is just because I didn't keep statistics on non-spam mails until I had been running for a couple weeks.

Now for a commercial. Craig Hughes has formed a company to bring spamassassin to outlook users . And I'm setting up a hotmail like service at spamassassin.net to help users that don't have the time or ability to setup spamassassin themselves.

Re:Spamassassin over Spambouncer

[mjh]

I found that it rejected a lot of legitimate mail until I grepped my "Sent Items" folder, extracted every "To" field and made that my white list. (The assumption being that if I've e-mailed somebody, I don't mind hearing from them.)

I use TMDA to handle people sending me return mail. TMDA lets me create return addresses that will work for a certain amount of time. During that time, when email is sent to that address it will go through. After that time, I can do lots of things. I can bounce the email, silently drop it, or request confirmation. Confirmation is the process that takes place whenever someone unknown to me send me an email. Once confirmed, that person becomes known and will not need to go through confirmation again.

TMDA is like a firewall for my mailbox. If I send an email, replies will automatically work. Otherwise, you are required to authenticate yourself before you get in. I use it in conjunction with spamassassin. I like spamassassin. It works great, but it's not 100%. TMDA, so far, has been 100% effective at blocking spam, while letting legit email through.

And TMDA is a server based system. So it's possible to set it up to work with any email client that send email through the server. So it'll work for your unix clients or your windows clients...

Check it out.

Re:Spamassassin over Spambouncer

[waldoj]

What about for the apathetic?

For them, I prefer a poke in the eye with a sharp stick.

-Waldo Jaquith

Re:Spamassassin over Spambouncer

[CvD]

I run spamassassin too, and it's very cool. Very pleased with it. I have my threshold at 7 'cause some webmail mailers send a lot of crap in HTML and add some ads at the bottom ('click here for MSN's photo service' or some such bull) which SpamAssassin gives high score. Anyways, I guess I could go through the trouble of setting up a whitelist or changing the scores that it assignes to certain heuristics.

Another gripe I have is that it's still (comparitively) annoying to install. It uses several "non-standard" Perl modules (as in, they weren't installed on my default distro installation). Getting dependencies right for the modules can be a pain in the neck. Of course, then I discovered perl -MCPAN which does a lot of it for you. :-)

I was also wondering if there's anyone who's installed this on a big mailserver, which handles mail, for say 8000 email addresses each getting a couple mails per day. I can imagine the overhead would get significantly large for the machine not be able to handle it (well, I guess you could throw more GHz at it...). Anyone?

Cheers,

Costyn.

Re:Way to make an incorrect correction! ^2

[SpacePunk]

"Vernor Vinge"

If in doubt go to http://www.amazon.com/exec/obidos/ASIN/0812515285/ 102-0508855-7921755

What I find strange

[Brother_Chubba]

What I find strange is the Spammers insistence on my interest in furry animal rape sex..

I mean I've never been to any sites promoting furry animal rape.

Why do they think I like raping furry animals?

Re:What I find strange

[grytpype]

Probably for the same reason they think you

• are heavily in debt
• have a miniscule penis
• are impotent
• have no job
• have no college diploma
• have no insurance
• need prepaid legal representation
• need to investigate/track down various people in your life

• In short, the spammers are advertising... to themselves!

Re:What I find strange

[CoolVibe]

And don't forget the shortage of printer toners... Even if you don't even own a laser printer of copier...

Re:What I find strange

[sharkey]

Don't forget his wish to increase his breast size, as well as interests in Russian women and naked black men.

ISP

[waldoj]

I had exactly the same idea for how to do this (with distributed signature databases) in '93 when I started a well known ISP.

http://www.broadbandweek.com/news/020318/020319_bi z_pangrac.htm

-Waldo Jaquith

Not English, Slashdotlish

[twoflower]

"throw my props "?

I wish I knew what these people were talking about sometimes.

Client-side spam filters

[WG55]

Are client-side spam filters a good idea any more? It seems to me
that if I have to reject spam at the client end, the damage has already
been done, in that I have already paid for the spam coming through
the network.

Lately I've started actively finding the source of the spam and
alerting the postmaster that their server has been cracked. Am I
wasting my time, or should I just be deleting the stuff without
worrying about it?

Re:Client-side spam filters

Use Spamcop. When my spam gets out of hand, I start reporting them and after a week or two, things calm down.

I also use a procmail based filter which I wrote by using good recipes gleaned from a multitude of other projects.

Re:Client-side spam filters

[Matts]

The bandwidth spam uses is a bit of a myth. At the ISP I work at I did some bandwidth tests, and while the testing showed that numerically, spam made up 20-30% of the email, bandwidth wise it only made up about 0.5%. Mostly it's due to people flinging around word documents and pictures and multimedia.

SpamAssassin problems.

[flamingcow]

1) PERL is wonderful for admin scripts, and not too great for systems that have to parse large chunks of mail. It's just not fast enough in an enterprise environment.

2) DCC doesn't recognize MIME parts or do fuzzy checksumming. The lack of both makes it trivial to make spam/viruses that get around it.

SpamAssassin wasn't an option for my ISP because of these issues, so I wrote MessageWall to do most of SpamAssassin's work with enterprise-level speed.

Re:SpamAssassin problems.

[Dossy]

Nice work on MessageWall -- I was thinking of building something like this just the other day.

As a potentially viable commercial product, I was also thinking of using the same "core design" you used for MessageWall (I came up with the same idea) to create a Win32-based POP/IMAP proxy, so that desktop users can take advantage of these features (in case their ISP doesn't).

Does anyone else see any interest in something like this?

-- Dossy

Re:SpamAssassin problems.

[Paul+Wright]

SpamPal

Only 700

[Launch]

"700 per person this year. "

are you kidding me... my hotmail acct gets over 100 a day... At least I know for every week I keep that e-mail address some lucky guys doesn't get spam for a whole year... But then again he isn't going to get his college degree from a non-acredited college or meet girls that just turned 18 and decided to put a webcam in their shower... and let's not forget the 1000s I'm gonna make when this african prince moves all his money into US banks.

Re:Only 700

[homer_ca]

That's an average for all users. I have 3 hotmail accounts. One of them had an easily guessed address. It started getting spam within days of starting the account and gets over 30 spams a day now. Another one I only gave out to friends and never got a spam. A third one I used to sign up for Yahoo groups, and it gets about 2-3 spams a day.

unsolicited [ commercial | bulk | junk ] email

[Martin+Spamer]

This is unsolicited bulk/commercial/junk email, it is not Spam and these are not Spamer's, Spamer is a proper surname, my surname.

Now experience has told some will not believe this and think it's a troll so 1) check my posting history, I don't troll and 2) here is my entry in the UK online phone directory.

http://ukphonebook.lycos.co.uk/servlet/Search?sk in =lycos&type=residential&pagesize=10&name=Spamer&lo cation=Hull&initial1=&initial2=

Yes, my name really is Martin SPAMER;
Yes, it really p!$$ me off when people abuse my name;
Yes, it does cause me no end of grief;
Yes, I've heard all the wise cracks before;
No, I don't find them funny.
No, I refuse to be bullied into using an alias, how would you feel if I equated your name with thieving scumbags.

So if you wish to get on my bright side, do not use the term Spam or its derivatives use the term(s) unsolicited [ commercial | bulk | junk ] email.

thank you.

Martin Spamer

Re:unsolicited [ commercial | bulk | junk ] email

[meringuoid]

I think you'll be fighting a losing battle. Spam is no longer just meat... But the generally accepted term for 'one who spams' is 'spammer', with two 'm's. So, go forth and spelling-flame!

Incidentally, Hormel, the company that actually makes SPAM tinned meat, gets picky about this too. They have no problem with 'spam' being used to mean 'junk email' but prefer it to be lower-case. Their trademark is SPAM. So you haven't been sent SPAM, you've been sent spam...

Re:unsolicited [ commercial | bulk | junk ] email

I find it strange that for someone who doesn't want people to use the word SPAM is actually using an email blabla@nospam.example.com

Re:unsolicited [ commercial | bulk | junk ] email

[thesolo]

This is unsolicited bulk/commercial/junk email, it is not Spam and these are not Spamer's, Spamer is a proper surname, my surname.

You're right, they're not spamers. A person who sends out "spam" mail is a "spammer", not a "spamer".

Do people really think your last name has anything to do with UCE?

Re:unsolicited [ commercial | bulk | junk ] email

[ahrenritter]

I could see your being upset if your last name was spammer, with a small s and a second m, but it isn't. Even Hormel doesn't mind the term spam as long as one doesn't use pictures of their product, and uses a lower case s. And I've always considered them to be too uptight about it. You've certainly put them in their proper place in my book now.

::Shrug::

Re:unsolicited [ commercial | bulk | junk ] email

[pwagland]

by Martin Spamer (Martin_Spamer@NoSpAM.kitv.co.uk)...

So if you wish to get on my bright side, do not use the term Spam or its derivatives use the term(s) unsolicited [ commercial | bulk | junk ] email.

Look at the e-mail address and tell me I am not the only person to find this ironic.

Please?

:-)

Re:unsolicited [ commercial | bulk | junk ] email

[marnerd]

I take great expecption to this! "Spammer" is the appropriate term for these people, and nothing else is acceptable!

Signed,

Lawrence Unsolicited-JunkEmail, Jr.

Re:unsolicited [ commercial | bulk | junk ] email

[mixbsd]

I see the irony, but it's also amusing to see how the address isn't even properly munged. Simply inserting "nospam.", "no-spam.", etc, after the @ and immediately before the domain name isn't going to be very effective, as the ISP's mail server is still going to be contacted with direct to MX spam. In some instances, the mail will still get through.

(Don't know if the user did the munging, or whether slashdot's munging machine is slack).

Re:unsolicited [ commercial | bulk | junk ] email

[rutledjw]

Oh please, get over it. My name is John. Do you have any idea the BS I listened to as a kid?

Thinken that skin up!

Re:unsolicited [ commercial | bulk | junk ] email

[BlowCat]

Be happy you are not Dick

Re:unsolicited [ commercial | bulk | junk ] email

[Martin+Spamer]

Look at the e-mail address and tell me I am not the only person to find this ironic.

Slashdot address munging is responsible. Though I can appeciate the irony.

Re:unsolicited [ commercial | bulk | junk ] email

[fgb]

So what's wrong with the name Martin? ;)

Razor for the Masses

[peterdaly]

"Razor for the Masses"

I was thinking one of the silly metal scooters...

-Pete

Have Your Cake and Eat It Too

[pjrc]

I've been using Razor with Spamassassin for many months. All you need to do it install the razor package (and the various perl modules it wants), and then add a line like this in your .spamassassin/user_prefs file:

score RAZOR_CHECK 5.0

I've also got the other "network tests" enables (blacklists), but I assign them low scores since they have a lot of false positives.

Using spamassassin with razor and the blacklists really works. My spam file has 836 spams automatically filtered between March 1 to today, June 19. Of those 836 messages, 511 have the RAZOR_CHECK string in the "X-Spam-Status" line that spamassassin adds to the header.

Not too bad, considering Razor uses a rigid message digest that fails if the spammer adds any "random" content to the messages. Saddly, it seems like that's becoming more common. Rumor has it that Razor is someday going to use "fuzzy" matches with one of two algorithms that somehow accomplish such a feat. Anyone know when/if this is supposed to happen??

Re:Have Your Cake and Eat It Too

[Eythian]

Rumor has it that Razor is someday going to use "fuzzy" matches with one of two algorithms that somehow accomplish such a feat. Anyone know when/if this is supposed to happen??

It does now. Download the latest.

I absolutely agree this will be defeated quickly

by bulk mail applications.

But it still requires you to actually send out each email individually. You can't just connect to a server and upload the spam and then a long list of people who are about to get screwed over.

That's going to require more time and bandwidth and I'd think increase the chances that "amateur" spammers that don't know what they're doing will get shutdown for more obvious system abuse.

But then, with so many open relays out there... It might just be moot. Only time will tell.

-j

Perhaps

What's the first thing you think of when someone says "bulk" to you? How about "commercial" or "junk"? (Not to mention "junk"s usage in common speech, like, Bro, gimmie my junk.)

Spam is the only term where it's understood that it was intended to be succeeded by email.

Sorry guy, but it's just easier and more elegant to say "spam" than "unsolicited email" or "junk email".

What can I say? I get spam, and it sucks.

-j

Problems with these types of spam tools

[The+Turd+Report]

They are not going work well. Some spam has to be transmitted and delivered before it can be added to the system. Once the spam is recieved at the mail server, the spammer considers it delivered; he will still get paid.

Add blocking at an IP level on the mail server or router for better results.

Re:Problems with these types of spam tools

[gilgongo]

> the spammer considers it delivered; he will still get paid.

In the short term, yes. In the long term, the spammer's paymasters see spam isn't getting the response it was before and will stop. We hope.

Blocking at IP level has its problems too - like what if my IP range gets blocked becuase I have a user with an open relay on there?

Re:Problems with these types of spam tools

[The+Turd+Report]

like what if my IP range gets blocked becuase I have a user with an open relay on there?

I don't think any DNSbls would block your range just for an open relay, but they would list the IP that the open mail relay lives on.

Exactly

That was my point.

-j

Re:Bandwidth (People love their JunkMail!)

[Bloodwine]

We implemented Spamassassin at our ISP and people actually called up complaining that they were not receiving their junk mail (yes, they wanted it).

So we took down the system-wide implementation and now protect domains and users on a customer-by-customer basis (when they ask for it).

Makes me wonder if some sick individuals out there love getting telemarketing calls? Different strokes for different folks, I guess.

Treating the symptom not the problem

Agreed. While I commend the efforts of all of the services out there trying to stop UCE/Spam by filtering, that's like putting a Band-Aid on a sucking chest wound. The ONLY soultion is world-wide legal recourse against the senders. Then (perhaps) we could tolerate the one-shots that slip through.

Now, figure out just where Spam fits on the global docket... but wait! Maybe if everyone HAD bigger penises we wouldn't be fighting over silly things like human rights and the environment. Maybe SPam IS the answer.

Re:Treating the symptom not the problem

To fight them via legal means would require being able to find them. Not many SPAMmers put their real return address in their email.

Razor stopping real mail?

[joostje]

I always wondered, what if someone start sending real emails to razor? Say, the boss sends email tomorrow prepare for xyz", and I don't want thers to receive the email? I just quickly bounce it to razor, and (part of) my coworkers who use razor ll now not see the announcement.

Can Razor really avoid this? (I'll submit the email using different accounts if razor asks for more than one submission; I'll setup the accounts to bounce all spamassassin-filtered email to razor too, so that Razor thinks the accounts are serious spam-cops).

Or am I missing something?

Re:Razor stopping real mail?

[Paul+Wright]

The web page says there's some sort of trust system built into it. Vipul said on the Razor list a while back that they were going closed source on the server side code to prevent people from working out how to defeat the trust system. The web page goes on about how you score for reporting real spam, but does not go into detail about how the system decides what is real spam.

It would be interesting to see how the system coped with:

• Multiple IPs all reporting popular mailing lists as spam (open proxies would be good for this, the spammers already know where to find them).
• Someone getting very trusted and then reporting popular mailing lists as spam. It's easy to get trusted: just post to one of those MLM webboards and report everything you get on your posting address as spam. How long will it take your reputation to decay when you mess up?
• Some mailing lists are badly run. They don't confirm requests to join the list. So some people will be getting spam from these lists. But some people will be getting mail they requested.

I'm sceptical that the trust system could resist a determined assault.

Re:Razor stopping real mail?

[nairnr]

If you are using SpamAssassin, your minimum threshold could be above what a postive razor check would contribute. This may sound stupid, but spam tends to look like spam. On a lot of the spam I get the scores do not tend to be right near my cut off, but can be substantially higher. So even if your a real email is sent by accident or on purpose to razor, it may still not be enough to trigger spamassassin by itself.

I don't auto send to razor, I sen to a seperate folder, quickly scan them for any false hits, then I will batch it up to send to razor. That prevents me from that problem, and it doesn't add on that much time to my email processing.

Re:Razor stopping real mail?

[Your+Pal+Dave]

Well, in my razor-caught inbox I have 15 legitimate posts from the debian-user mailing list, and one spam from my new pal COL.ABRAHAM MAKOKO of the Congo with a sure-fire business proposition. This isn't very reassuring.

perphaps rewrite SMTP

anyone thought of rewriting the email protocal to add features that prevent forging signitures or spoofing of the senders address

Here's how they find you

[freeweed]

Best of all, the nonexistent addresses on my system that spammers have somehow discovered (big@waldo.net, aldo@waldo.net)

They just scan /. Bam! Discovered! :)

It hasn't happened yet

[Paul+Wright]

I make the same point to Vernon Schryver, who wrote the DCC, which is also based on distributing message digests. His reply was that the DCC has been around for ages and not one spammer has had the brains to do this (and that people who believe that what they are doing is not spam will not do it, since it is a tacit admission that they're attempting to evade filters). Maybe the DCC just isn't popular enough either.

I've seen mention of systems which use "ephemeral signatures", that is, they change which part of the message they use for the signature from time to time. This makes it hard to write spamware which defeats the system. That would be an option if mutating the message became popular.

Re:It hasn't happened yet

[homer_ca]

One thing I've seen spammers do to evade filters is munge the HTML source by randomizing line breaks or inserting nonsense tags like [!asdf] . They especially like to use line breaks to break up common spam phrases like "save 70% on your life insurance!". It renders all on one line, but it's split across lines in the source so dumb filters will miss it. Not sure if DCC or Razor account for this by ignoring nonsense HTML tags or ignoring line breaks in HTML mail.

Re:It hasn't happened yet

[Paul+Wright]

I've seen that too. I think they're doing this to break up the phrases SpamAssasin uses, rather than as a hashbuster. It'd be easy to strip out HTML before doing the comparison, although I'm not aware of any system which does that at present.

Re:It hasn't happened yet

[Isofarro]

Run the HTML source through something like Lynx - which will parse out just pure text - then spam-parse that. HTML is just text with funny markers in it (tags). Eliminate the tags - and ignorable white space.

for windows users

[Datasage]

A few weeks ago I found a program for pop3 mailboxes that scans all incomming mail and against open relay lists. it also has options that allow you to whitelist an email address that got black listed. For the most part its been fairly accurate. For more information go here

Re:Bandwidth (People love their JunkMail!)

Spam is like comfort noise on a cell phone. It tells you that the system is working...

BTW, instead of blocking Spam, you should return it all to the senders. You can still let copies through to the few people who ask for it as well. At least that way, you waste the spammer's bandwidth and disk resources too.

Re:Bandwidth (People love their JunkMail!)

[homer_ca]

Depends on what you consider spam. When I tested Spamassassin, it caught a lot of subriber newsletters from places like Cnet and ZDnet. They're legitimate mail but they have many characteristics of spam like HTML-only, web bugs, advertising, unsubscribe instructions, etc.

Re:Free speech is meaningless

[schon]

Now we're reading about people impeding commercial entities' right to advertise.

Uhh, Seth, if it really is you, I just lost all respect for you. Spam is NOT about censorship, or advertising - spam is harrassment.

What about MY right to be free from harrassment?

Are restraining orders issued by judges "censorship"? No, they're protecting victims from unwanted contact. This is no different, except for the fact that the victims in this case don't need a judge

The simple fact that someone employs a spam filter means, by definition, that they don't want to be harrassed.

Of course, if you disagree with me, please post your phone number here, so that I can set my computer to autodial you every 15 minutes with my "special offers."

Can I do this with spamassassin?

[vondo]

I'm currently using spamassasin with procmail to filter spam, which is nice, but it has introduced another failure point.

Basically, I forward all my e-mail from an e-mail gateway to my own box, run spamassassin, and then forward it off to my IMAP server (the gateway and IMAP server are out of my control).

What I would like is to run a cron job, look at what's already in my IMAP inbox, examine the new messages, and put them in an appropriate folder if they are flagged. I also have co-workers who's gateway and IMAP server are the same, so they are SOL at the moment. A solution like this would work great for them.

Now since there are Perl front ends to both IMAP and Spamassassin, what I want to do shouldn't be that hard to write, but has someone else already written it?

Cloudmark Injured my Outlook 2000

[Deton8]

Excitedly I just tried Cloudmark on Outlook 2000. Just as soon as I click on an imcoming email, somehow the mail is deleted and it doesn't even go to the deleted folder. I just lost some incoming mail! Anyone else find this bug?

Re:Cloudmark Injured my Outlook 2000

By default, incoming Spam goes to a Spam folder. You can change this behaviour in Outlook -> Tools -> Options -> SpamNet
One of the options is to move the Spam the the Deleted Items folder.

Re:What a hypocrite

[symbolic]

The guy who co-founded Napster, software whose focus it was to allow the unlawful distribution of copyrighted material, is now trying to fight something else that's every bit as troublesome.

Re:Way to make an incorrect correction! ^2

[lokki]

I know, I know...

::hangs head in shame::

Spamassassin/Razor for Windows/OutlookExpress?

[jimmcq]

Is there a Spamassassin/Razor type product that works with OutlookExpress for Windows?

Unforunately Cloudmark's Spamnet only works with Outlook, not OutlookExpress.

Re:Spamassassin/Razor for Windows/OutlookExpress?

[astroblue]

I just got a reply to this question from the folks at deersoft.com saying "The initial release will be for Outlook, but Outlook Express will follow soon behind, and then possibly Eudora and Netscape/Mozilla."

Tool for spammers?

[KrunZ]

Can spammers use the tool to check if email accounts are active? E.g. by sending individual and different spam-mails to some email-accounts and after some time check which mails Razor put as spam.

Hash Cash

Why don't we just implement hash cash methods? Increase the bit length every couple of years by one and we're safe. Do a search on google for more information.

Basically it's such that the problem you're given (which you must solve) is so large that you spend some amount of physical time per mail in solving that. So, if you intend to send 1 billions spams, you'll be ready at about year 135000 or something.

Re:Hash Cash

[Dwonis]

What about D. J. Bernstein's "Internet Mail 2000" idea? As far as I can tell, it's a system where the recipient has to actively fetch mail from other hosts, so you could just choose to not fetch mail from spammers.

Spamcop uses the 'collaborative method' too.

[Chmarr]

I use Spamcop to filter my incomming mail at the MTA level, and I've been exceedingly happy with it. Apart from one or two that 'slip through', the only spam I receive nowdays comes through MTAs I have no control over.

Quick brief on how it works. There are two portions:

- Reporting tool, that allows you to forward spam to SpamCop for analysis. This will pick apart the headers and body, find out where the spam originated from (even if it's gone through legitimate relays and aliasing systems, such as mailing lists), and will send complaints to the relevant owners of the IP block owners, MTAs and web sites. It does a VERY good job of figuring out who's responsible.

- Blocking tool that uses a RBL-style blocking list, which lists IP addresses of spam originators. If enough spam gets reported within 24 hours, the IP sending the spam gets added to the list. You can use this to block addresses where spam has originated from so you dont even receive the spam. People get their IP addresses unblocked only if spam stops being sent from that IP.

The system is very good. It relies on you and others reporting spam to SpamCop in a very workable collaberative effort.

http://spamcop.net/

LART THE ISPs!

[wowbagger]

The single best thing all of us who know how to run traceroute and whois can do is LART THE ISPS THAT HOST SPAMMERS!

I've been forwarding every spam I get that come from a Verio hosted site, or spamvertises a site hosted on Verio to Verio and their parent company, NTT. I'm using bitch-list.net to do so, since they have a bazillion email addresses for Verio. I make sure the email has the spam attached, and since Verio has claimed the cannot read attachments (***cough***BULLSHIT****cough***) I also paste the mail headers into the message, along with a WHOIS and traceroute showing it to be a Verio customer. When they complain, I tell them "MY message isn't spam - your customer contacted me, so a prior business relationship exists. You want it stopped, stop the spammer."

I won't say it is working, but if 10% of everybody who got these spams did as I do, then Verio's help desks would be so clogged that they couldn't HELP but see the damage on the bottom line.

Re:LART THE ISPs!

" I won't say it is working, but if 10% of everybody who got these spams did as I do, then Verio's help desks would be so clogged that they couldn't HELP but see the damage on the bottom line. "

Except at the same time costing small ISPs time and money being lost to dealing with your (after the first time) now abusive complaints, that they can no longer afford (time or money) to fix the problem at hand.
In addition, you cost them extra money with this work, and so what does the business do? Whatever it takes to Make money.

Just remember that for every abusive (and lets be honest here that after informing them of a spammer, sending the spam back to them repeatidly to multiple email addresses has NO useful function other than to abuse the ISP) they will PURPOSLY HOST SPAMMERS because they make up the cost difference you are costing them.

When the 'spam fighters' are at the same level of asshole as the spammers, there is no difference anymore, so your causing them to choose the route that is the same amount of hassle but makes them money.

Please stop doing this, as i want spam to stop as well.

Re:LART THE ISPs!

[smnolde]

This is exactly what I do... plus use spamassassin, four RBLs, and block on sending domain *just* before RCPT, I can block a whole lotta crap.

Examples:
2002-06-17 00:05:50 recipients refused from H=f195.law12.hotmail.com (hotmail.com) [64.4.19.195]
2002-06-18 07:18:21 17KH08-0006Zo-00 mx02.hotmail.com [64.4.55.135]: Connection refused

A combined use of measures *really* does work to reduce my spam intake.

Re:Bandwidth (People love their JunkMail!)

[Peyna]

That's why Spamassassin is highly customizable. Using the default ruleset it will catch things like that, but you can easily change how it works.

Alternative to SpamAssassin that Uses Razor

[al3x]

Check out Blackhole by the Groovy Organization, which integrates really well with Qmail but will work with just about any MTA. I found SpamAssassin's documentation to be mediocre at best, and had a helluva time getting it operable. Blackhole worked right off the bat for my Qmail/Courier IMAP/OpenBSD 3.0 setup, and can use Razor amongst other filtering methods. The software is constantly updated, and the developer plesant and responsive. Give it a try!

Re:Plural ( spiraling OFFTOPIC )

[++good-duckspeak]

Regarding your sig:

-- Worst Episode Ever, AOTC is.

Are your sure? I've become convinced that all episodes except ESB are pure garbage that I only enjoyed the first time because I was so young.

So it is the worst episode... excepting the others.

Pyzor for an open source *server*.

[Moderation+abuser]

Pyzor works in a very similar way to Razor, but the client and server are open sourced. The Razor *server* is not open sourced.

http://pyzor.sourceforge.net/

Oh, BTW, Spamassasin *uses* Razor.

It's two nouns in one!

[fm6]

Sorry Martin, but two things can have the same name. It's not like you can trademark nouns!

Troll Alert! - #582901 is a troll imposter

The above account is a fraud

The real Seth Finkelstein has slashdot uid #90154

The name is also a subtle misspelling

My name is Seth Finkelstein, the troll is using the name Seth Finklestein

I did not post the above message in this thread. I have enough troubles without troll imposters.

Though this message is posted anonymously, I will attest to it and verify it if needed. Other message posted by similar-looking accounts, or not attested, are frauds. - Seth Finkelstein, uid#90154

Re:Troll Alert! - #582901 is a troll imposter

[Seth+Finklestein]

Honestly, Michael Sims posting anonymously, this antagonism has simply gone too far. If you want trouble, then get an account and take it to Trolltalk. Otherwise, stop harassing me.

Spam filtering +Virus scanning = MailScanner

[M1m3R]

I've got MailScanner...
http://www.sng.ecs.soton.ac.uk/mai lscanner/
...run ning on my personal server. It's a "wrapper" for SpamAssassin and a number of server-side virus scanners. Pretty cool tool.

Troll Alert! - #582901 is a troll account

NO, it's not me. It's a troll impostor using an account with a look-alike name.

The real Seth Finkelstein has slashdot uid #90154

The name is also a subtle misspelling

My name is Seth Finkelstein, the troll is using the name Seth Finklestein

Though this message is posted anonymously, I will attest to it and verify it if needed. Other message posted by similar-looking accounts, or not attested, are frauds. - Seth Finkelstein, uid#90154

Re:Troll Alert! - #582901 is a troll account

[Seth+Finklestein]

Listen, troll, just because I have controversial opinions doesn't mean I have to be ignored. I'd sooner use Windows than listen to the wild accusations of one Anonymous Coward.

If "Seth Finklestein" (a subtle misspelling of my name, Seth Finkelstein) really wants to make accusations, he should burn his own karma and post logged-in.

You missed the point

[Nf1nk]

This comes back to problem of paying for some one elses advertising. Before telcos started chageing per meg of download (some as high as $.20 per Mb) it was hard to put a cost on that 15k download (some spams lately are using html tags to pull in images that weigh in at 150kb or with a little math $.03) after recivieng 100+ 15k spams a day you are losing around $.03 assuming that there are no bloated images attached. Multiply that time 365 (spammers don't take days off) adn you wasted around $10.00 on advertising for some one else. And that is assuming that your time is worthless.

Whenever i here someone defending spam the only thing I can think of is that they must be spammer or they are teminaly clueless.

My ISP runs Spamassassin...

[Yottabyte84]

It lets through, on average, one per month.

Not leaving *nix behind.

[jordan]

SpamNet is the name of our Windows solution -- You can still use the system on *nix by downloading the Razor2 agents and SDK.

--jordan

I use ask

[kwerle]

Seems to work 100%. It sends mail back to any unknown sender to confirm that they really wanted to send me email. Of course spammers never confirm.

http://a-s-k.sf.net/

Naah...

[Dimensio]

I prefer flaying alive, pouring bleach over their exposed muscles and live immolation. That's for small-time spammers, I'll have to think of something really nasty for the hardcore ones.

Re:Bandwidth (People love their JunkMail!)

[CoolVibe]

you can also set up spamassassin to just tag spam with a rfc 822 header, so customers who care to find out how procmail works can filter it out.

That's what I did once. It didn't modify the mail's body, it just added a convenient X-Spam header.

Razor weights in SpamAssassin

[hedley]

I trust Razor implicitly these days and I upped my threshold for seen in razor to 7.0. My spam threshold is 5 so I never see razor listed email.

SpamAssassin is great! I tell all my friends about it.

Hedley

SpamAssassin integration into MS Exchange world?

[johnstewart]

I took a look at spamassassin a few months ago and also thought it looked like a great package.

However, it makes the assumption that the UNIX box it is running on is the final destination for the mail it tags.

My frustration is that I have postfix running on my Internet mail gateway, sending mail internally to our MS Exchange server. This is the Way of the Corporate World, and no amount of bitching and moaning will change it. It's nice to have postfix on the outside; I trust it. But Outlook/Exchange is the way I, my users, and most companies interface with email.

However, I've yet to find a good way to have spamassassin tag the mail on the way through the postfix server. Sounds relatively trivial, but nothing that was out there when I last looked was simple to configure or reliable.

This has *got* to be a common situation for many of us. Is there a Good Solution yet for those of us who'd love to use spamassassin but can't run it on the final mail server?

It is an Outlook-only product too

[Pac]

I checked it. No luck.

Details sketchy

If this is a peer to peer BLACKLIST system for known SPAMMERS, then this will win hands down. Everyone sends the spam to a central repository and then it uses that to filter spam, this would be good. Very good. Spammers would be blocked so fast their bulk emailers would spin!

Razor for Microsoft Outlook already exists

[oomcow]

This new startup isn't offering anything new. Just look at the SpamAssassin page. There's a link to Deersoft's Microsoft Outlook version of SpamAssassin, which already exists and uses Razor, so uses the same democratic spam blocking techniques.

http://www.deersoft.com/sp_pro.html

Re:Razor for Microsoft Outlook already exists

Deersoft's Outlook plugin is not free. SpamNet is. That's quite a big difference.

My $.02

[why-is-it]

Rather than a client side tool like SpamNet, I'd like to see something that sits along side mail servers.

Absolutely!

I think that we could dramatically reduce the amount of SPAM out there is we did the following:

All SMTP servers should do a reverse lookup on the IP address of any host that attempts to deliver mail to it, and require any host attempting to send mail to it to identify it's domain. If the domain the mail server provided does not match the domain the IP space is registered to, the mail server should refuse to accept the message and drop the connection.

Since most of the SPAM I receive comes from non-existant domains, I think that something like this could help.

Re:Free speech is meaningless

[Seth+Finklestein]

Spam is not harassment, because of schemes like Guaranteed Opt-In. When you sign up to one of my Guaranteed Opt-In mailing list, you're getting offers tailored to your needs. If you don't want to receive them, simply use the Auto Unsubscribe button located in the Flash movie which accompanies all of our Guaranteed Opt-In offers.

Re:SpamAssassin integration into MS Exchange world

[dhunley]

You can have sendmail cal MIMEDefang through its milter interface. MIMEDefang then will call SpamAssassin for you. I do this in linux-sxs.org and it works great. All inbound mail gets a X-Spam-Level header that the user can then filter on.

SMTP blocking

[Adnans]

I prefer to block SPAM at the door with Exim. This does mean that you will have to your own MX hosting which might be more trouble than it's worth for most folks. It also requires mail filtering since you typically detect a source of spam when one ore more messages get through. After 3 months of monitoring I have collected a number of hostmask (reverse-DNS challenged hosts are automatically blocked). This collection manages to block out about 98% of all SPAM messages.. during the SMTP handshake! The remaining 2% are new messages from (mostly open Windows NT) relays that do get blocked by the other filters. Some of the more notorious and persistent sources:

*.pacbell.net
*.mb0?.net
*.client.dsl.net
*.dsl.att.net
*.attbi.com

Today's addition: *.passionup.com :) Given, there are still a couple of messages that pass through all the filters, but the last such message I got was about 2 weeks ago. Not fullproof, but getting htere...

-adnans

I think this has already been done AND patented

[cjsnell]

I'm fairly certain that the core technologies that this service uses were patented in 1997 by Bright Light Solutions, who later became BrightMail.

Here's a snippet from their patent:

1. A system for controlling delivery of unsolicited electronic mail, comprising:

a communications network;

a plurality of user terminals coupled to said communications network, each of said plurality of user terminals having a unique e-mail address, wherein each of said plurality of user terminals comprises a filtering application for receiving incoming electronic mail messages addressed to said unique e-mail address of said user terminal and filtering said incoming electronic mail messages based upon stored filtering data; and

a control center, comprising

a distributor for generating a probe address and transmitting said probe address to at least one site on said communications network, wherein said probe address is different from each of said unique email addresses of each of said plurality of user terminals,

a processor for receiving electronic mail messages addressed to said probe address, and for extracting source data from said received electronic mail messages, and

a database update signal generator coupled to said processor for generating and transmitting a database update signal incorporating said extracted source data;

wherein each of said plurality of user terminals receives said database update signal from said control center, updates said stored filtering data in response to said database update signal, and filters electronic mail messages received by said user terminal in accordance with said updated filtering data.

2. A system according to claim 1, wherein said user terminals filter electronic mail messages sent from other of said user terminals in accordance with said updated filtering data.

3. A system according to claim 1, wherein said probe address is transmitted to sites on said communications network that provide address information for senders of unsolicited electronic mail messages.

4. A system for controlling delivery of unsolicited electronic mail, comprising:

a communications network;

a plurality of user terminals, wherein each of said plurality of user terminals has a unique e-mail address;

a server coupled to said communications network and each of said plurality of user terminals, wherein said server comprises a filtering application for receiving incoming electronic mail messages addressed to said unique e-mail address of each of said plurality of user terminals and filtering said incoming electronic mail messages based upon stored filtering data; and

a control center, comprising

a distributor for generating a probe address and transmitting said probe address to at least one site on said communications network, wherein said probe address is different from each of said unique email addresses of each of said plurality of user terminals,

a processor for receiving electronic mail messages addressed to said probe address, and for extracting source data from said received electronic mail messages, and

a database update signal generator coupled to said processor for generating and transmitting a database update signal incorporating said extracted source data;

wherein said server receives said database update signal from said control center, updates said stored filtering data in response to said database update signal, and filters electronic mail messages addressed to each of said plurality of user terminals in accordance with said updated filtering data.

5. A system according to claim 4, wherein said filtering application updates said filtering data in response to said database update signal by adding said extracted source data to said filtering data stored in said server.

6. A system according to claim 4, wherein said server also filters electronic mail messages sent from each of said plurality of user terminals.

7. A system according to claim 4, wherein said probe address is transmitted to sites on said communications network that provide address information for senders of unsolicited electronic mail messages.

Achilles heel

[pizza_milkshake]

In an interview, Prakash and company CEO Karl Jacob said Cloudmark's software solves the problem of identifying spam and quickly updating e-mail filters by harnessing the intelligence of the Web community at large.

Ad that is why it will never work.

Re:SpamAssassin integration into MS Exchange world

[johnstewart]

Well, I gave up on sendmail years ago. Postfix rocks in nearly every way I've found, up to now. Milter is the first feature sendmail had that postfix did not, that I needed.

However, the lack of spam tagging is worth it to me. I still sleep better at night without sendmail waiting to get rooted.

Avoiding Spam

[RAMMS+EIN]

One major factor in avoiding spam, IMO, is stay away from hotmail. Just opening an account with them gives you Wonderfull Offers You Never Need, All FREE!! within two weeks. No, really, we don't give away your email address to spammers, not without your permission.

Filtering messages at the MTA level...

[doorbot.com]

...while still connected in SMTP session?

At home I've been using a system of somewhat complex Sendmail filters and header checks which validate a message's headers before the message is officially accepted (according to the client). I use this to stop spam by effectively bouncing the message even after the entire body has been sent -- but the message bounces before the (evil) SMTP session is closed.

However, Sendmail's options for this are rather limited and at the moment I'm evaluating a Postfix/SpamAssassin/Razor setup to flag and filter spam. It seems to me that SpamAssassin can only filter messages which have been accepted by the MTA (same with Razor). To me, this is unacceptable.

What I'd like is the following:

Line by line checking of the SMTP session, specifically the DATA phase. If any line matches my ruleset (and thus is spam), immediately return an error code (553 you're an evil spammer) and then disconnect the client. I think Postfix allows for this but I'm not sure (Postfix says it will for a long pause prior to the error as well, which is nice).

SpamAssassin/Razor filtering after the DATA phase (after a "." on a line by itself) but prior to the return of the message accepted code. This would enable me to still "bounce" messages directly to the sending server, while not actually accepting the message.

Different rulesets (perhaps some global, some site specific) for different domains/addresses. Eg, I want firstsite.com to use a very restrictive check of the headers (both for proper format and against SpamAssassin), while secondsite.com only uses SpamAssassin and doesn't check for silly header mistakes.

Right now, Sendmail does a pretty good job for me, but I have a problem with valid messages getting rejected because the sender's MTA does stupid things, like use improperly formed Message-IDs or leaves them out entirely.

I thought so at first but I don't think it does.

[Colin+Smith]

I initially thought it might when I first heard of Razor, but I don't think it does.

Upon receipt of incoming mail addressed to the spam probe addresses, the spam control center automatically analyzes the received mail to identify the source of the message, extracts and processes the source data from the received message, and generates an alert signal containing the processed source data. The alert signal may also contain filtering instructions used to enable network servers and user terminals to automatically detect spam. This alert signal is broadcast to all network servers or all user terminals, or both, within the communications network.

Razor doesn't attempt to determine the source of a mail, it doesn't create an alert signal of any kind and doesn't broadcast a message to network servers or user terminals.

It doesn't infringe that patent.

As always, read the EULA carefully

[Krelnik]

I don't run my own mail server, and the idea of contributing to the signature base appeals to me, so I just downloaded this thing to try it out.

Check out this excerpt from the EULA:

Certain third-party modules may be bundled with the Software and may be provided to You subject to separate license terms, in which case they would not be covered under this Agreement. Any such separate license terms are provided in a text file accompanying each individual third-party module.

Sure sounds like a Spyware clause to me! I'll let you know when I finish installing...

Re:As always, read the EULA carefully

[Krelnik]

Well, Ad-Aware gives the box a clean bill of health post install, but given the fact that this is a beta, I wonder if they plan on adding other components later?

Re:Flying car

[Bat_Masterson]

Your flying car is at Moller.

8-)

Re:Bandwidth (People love their JunkMail!)

[Bat_Masterson]

Problem is that most (all?) SPAM is not coming from the person it appears to be coming from, so sending it "back" to that person is really just perpetuating the SPAM rather than wasting his bandwidth.

Installing SpamAssassin for KMail users

[RPoet]

You don't need a fancy fetchmail/procmail setup to use SpamAssassin. MandrakeForum has an excellent HOWTO on how to set it up in KMail, or indeed any MUA that supports filtering through an external process/program. Works like a charm here - I'm never looking back!

Client authentication - false reporting of mails

[Colin+Smith]

One of the problems Razor has is the false reporting of mailing lists as spam. e.g. Someone continually reports the CERT advisories as spam, as a result you have to specifically "whitelist" the CERT mailing list in order to get the advisories.

The problem is that Razor automatically trusts the spam reports. I'm not sure if that's still true of Razor 2.

Pyzor is being designed with client authentication in mind, you'll get an account on the server and the client will authenticate itself when it connects, then your report spam will be logged against your acount. If you report mail as spam falsely, you'll lose your account.

insightful, actually

[MisterSquid]

Sure, on one level it's funny, but I think grytpype's post has been mis-moderated; the comment is "insightful," a window into the pathological psychologies of spammers who want your click.

msq

What about The Bat?

[orrd]

The plug-in only works with Outlook? Who still uses Outlook?? What about The Bat?

Want volume? Use Hotmail

[m0i]

Apparently, whoever needs volume to achieve something goes the Microsoft way; in this case, Outlook users. The quickest way to achieve the critical mass required for their system to work would be to have an agreement with Hotmail, which is already probably using this technology and is self-sufficient for the task, given the volume they deal with.
Now, why do I still get spam in my hotmail box, and why does it always come from the same sources? Do they keep their eyes closed for some specific UCE suppliers?

Re:Plural ( spiraling OFFTOPIC )

[DrSkwid]

I'm probably not sure actually just that ATOC was the last one I saw. The pace of the story is just so weird. I don't think Lucas is much of a story teller and has found himself out of his depth.

He should have stuck to Monkey Island.

The hype of Star Wars on /. has always puzzled me. There are so many more well crafted examples of the art of cinema to choose from.

Re:Plural ( spiraling OFFTOPIC )

[DrSkwid]

lol @ ATOC again.

I put ATOC instead of AOTC when I first did my sig.

See even Lucas couldn't get that right. The world needs acronyms that scan not that twist the tongue.

Screw the karma, I've got points to burn. The karma kap kills the RPG element of /.

I was looking forward to posting @ +3 for my 500 karma after years of devoted service. Imagine EverQuest keeping the level cap @ 50 because accounts were being traded offline. Ridiculous.

Who want's to REALLY stop spam IMMEDIATELY?

[evilviper]

People seem to be putting a lot of work into a lot of different SPAM blocking schemes... The problem is that they are all reasonably easy to defeat.

So, why has no-one begun using the simple, full-proof method? Just have a phrase that must appear in the subject-line of all your e-mail.

So, my phrase will be 'loaded' (note: the only way this system may become ineffective is if everyone choose similar phrases). Now, as I give everyone my email address, I tell them 'loaded' must be in the subject of every e-mail they send me. I set up filters in my (free, web-based) e-mail account to throw away anything that doesn't have the phrase 'loaded' in the subject line.

Now, assuming I'm not careless about how I note my phrase on message boards and web pages, I should never again recieve a single piece of spam.

It's just that simple. No David verses Golliath... No million-dollar charity organizations that manually filter out spam. No more thousands of hours writing rules to block e-mail that doesn't perfectly match the rfcs... No more complex programs that may be fairly easilly defeated by the spammers.

The single problem is mailing lists. For each list to which you subscribe, you must write a single rule to deliver mail from that 'To:' or 'From:' address, into your Inbox, rather than your Trash.

Blocking SPAM, it's just that simple, people. And if the idea spreads, the spammers will completely stop, as there's no more profit to be had.

Blocking spam is not enough.

[Fuzzums]

If I receive spam from the Netherlands (I live there, you know) I just LOVE to go to here to find their number and call the fuckers. I found out I wasn't the only one calling by the tone of the voice on the other side of the line.

I just, friendly, explain them that i was not not interested in their product, I was really sorprised to know I had an erection problem, ask them if they thought about the negative publicity and so on. Every minute they don't work is costly for them.

An other option you can try is to send them a free fax explaining the same thing. Maybe you can offer them to respond with a fortune cookie-fax (man who send spam will receive fax) every time you get spam from them.

Don't just sit there pressing the delete button, accepting the spam as part of e-mail, but fight back. Not by hiding behind spamblockers, but by getting to the spammer.

Oh. My personal offer is this: "You're today's lucky spammer. You've been selected, out of all today's spam, to get a call for each received spam today. We'll gladly tell you what was offered in every spam. This all is paer of our mail policy in which you opted in by sending me spam. You'll be hearing from us today. Thank you"

Vinge

[crisco]

Heh, I just finished that one, came across it at a library while I was looking for something new to read. Vinge had entered my consciousness from /. or somewhere on the internet but I'd never read any of his stuff(for an avid reader and a sci-fi fan I've missed quite a bit of good stuff). Now I've gotta hunt down more, that was an amazing book.

Re:Vinge

[the+gnat]

"A Deepness in the Sky" is almost as good (but not quite). The human cultures are more interesting in it- the aliens are completely different but no less fascinating. The plot, unfortunately, sort of loses steam whenever he switches focus back to the humans. (Part of the reason for this may have been that it's a sequel, and I know what eventually happens... so it seems that the novel almost ends on a depressing note)

Regardless, I'm amazed at his ability to imagine non-human cultures- and then describe them in familiar terms, even though they're totally different. It's giant spiders in this one.

its???

---aw, gee, I wuz only reading this sub thread because I thought you were talking about "tits".

who cares about "it's"?

Collective -- consider the etymology

[jonadab]

I think the etymology of the term will best answer your
question.

The original thinking was that there are not separate
plural and singular forms. This goes along with (part of) why
the term "spam" was chosen to represent the stuff. Like the
meat, there are no clear divisions between pieces; it's all
just _stuff_.

Think about it. If your mailbox contains 100 messages
(yeah, you wish it were so few...), and all of them are spam,
and 100 other people (again, never so few...) like you also
received 100 messages, all spam, and without sophisticated
IP subnet tracking none of you can easily tell who sent any
given message, and you're all receiving messages from a
different subset of the set of all spammers, and each spammer
sends you a different subset of his set of all messages...

So, any given message you received is very similar to a
random subset of the other ones you receved _and_ was also
received by a random subset of your 100 friends, each of
whom also has a random collection of messages that are
very similar to this one, but may not be exactly the
same as the ones you have...

What you have (all of you, collectively) is a messy
conglomeration of mixed parts. Like the Hormel product.

There is no important semantic distinction between one message
and the next, or between the same message received by different
people, or sent using different relays... it's not generally
useful to talk about an individual message. Collectively, it's
all just spam.

When you want to start filtering it, you (or your filtering
agent) have to look at each message individually. Especially
if you're building a database of known spam. But otherwise,
it's all just spam.

There were at one time some other terms to go along with
spam: jello and velveeta come to mind. The thinking was
that junk posts to usenet were different from junk email,
and that multiposts were different from crossposts, and
multiposts to one newsgroup repeatedly different from
(nearly) simultaneous multiposts to multiple groups, and
so on and so forth. These distinctions turned out to
be unimportant, largely because the same stuff gets sent
in all of the above ways, and so now it's all just spam.

Read the RFC

Congrats, you managed to slave SMTP to DNS.

Reverse DNS is NOT A REQUIREMENT TO HOST MAIL. Or any other service for that matter.

Read the related RFC's. Anyone who bounces mail based on a lack of a reverse lookup has no concept of how to properly run a host.

Re:Read the RFC

[Adnans]

Reverse DNS is NOT A REQUIREMENT TO HOST MAIL

It is for me. And seeing how it defeats about 90% of ALL incoming SPAM I think I'll keep that requirement. If you don't take the time to properly configure reverse-DNS lookup, if only for your SMTP server, I simply bounce your message with an appropiate 50X reply. If you can't live with that, tough!

Read the related RFC's

LOL. What the hell does an RFC have to do with combatting SPAM at my doorstep?

Anyone who bounces mail based on a lack of a reverse lookup has no concept of how to properly run a host.

Riiiiight! :)

-adnans