Slashdot Mirror
Spam Blocking Engine for OpenBSD
mkeke writes "In a post over at OpenBSD Journal, Theo states that he has written a spam blocker that works with pf and Spews.
It looks darn cool :)"
← Back to Stories (view on slashdot.org)
← Back to Stories (view on slashdot.org)
Why even bother with Spews? Why not Spamcop, who doesn't block half the planet?
Dude, where's my packet?
Because that would require every user to install Spamassasin. This solution from Theo is server-side, which means that the users don't have to do anything in particular to get rid of the spam.
Why drive a Ford when you've already got a Chevy available? It's a matter of choice, preference, features, etc.
-- "Other than that, how was the play Mrs. Lincoln?"
To me, this seems exactly the right strategy, although how well it works in practice will be interesting to watch.
Helium balloons want to be free.
It might only take a minute, but I RESENT having my system used/abused in this manner by some opportunistic prick who feels that my resources are fair game in his moneymaking scam de jour. If everyone ignored the problem, as you suggest, it would only get worse. Spammers need to be smacked in the (pick a place) to let them know that what they're doing is wrong and wasteful of everyone's resources.
Spam is annoying, but it isn't that big of a problem that we need Slashdot posts every day about it..
Annoying to the end-user, yes. To an ISP or firm with a large mail server it is more than that. Spam fills disks, uses bandwidth, wastes employees' time, etc etc. This is a super idea.
Trolling is a art,
- Let some customers spam
- ignored abuse complaints
- did nothing while when that particular spammer's IP was listed.
- Only took action against a spammer when
the SPEWS listing expanded to include non-spamming customers
- Whinged that SPEWS was unfair and not the right
way to do things
Every day SPEWS proves itself necessary and effective at getting otherwise unwilling providers to remove their spammers. Note that SPEWS uses an escalation process. The provider has to ignore complaints for a while to have the IP range expanded to include non-spammersIf you can suggest something that is half as effective at raising the cost for spammers as SPEWS, please suggest it. SPEWS forces providers to decide whether they want to host exclusively spammers or host exclusively non-spammers.
But if your goal is merely to filter spam (making life easier for the spammers) then you are right. SPEWS is not the way to do that.
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
I remember when I applied for a Mead mailing list and got a nasty letter back saying 'your SPAM has been rejected!' just because I sent it from a Rogers.com address, so I know what it's like to be blacklisted like in SPEWS, and it sucks. That's not the way to do it.
Also, this new spam program retaliates and the law is very nasty about vigilantism and retaliation, perhaps because it threatens their monopoly. I don't want to see a spammer WIN in court, do you?
Also, program like popfile doe a great job of removing spam.
My advice is to forget kicking the spammers ass and just make their work vanish down a black hole like it will WHEN BAYESIAN TECHNIQUES ARE USED AT THE ISP END hint hint...
It's Christmas everyday with BitTorrent.
I think too many hosting companies are far too lenient when it comes to booting spammers -- if they do anything at all. Honestly, I think going overboard on blocking will be a great asset in getting these clowns off their behinds.
It is impossible to get off their list
That is lame, if they have cleaned up their act. I'd say make it easy to be taken off once. After that, forget about it. Having little anti-spam programs running on every PC is just silly. Unless serious action is going to be taken, it's just wasted effort.
P.S. Ever notice spew is oops backwards :)
First of all, I don't think most network administrators -- or their bosses -- know what they're getting into when they use Spews to police their network. If you are an admin who signs your company up for it, be prepared to have this conversation:
And -- you think Spews is effective? After being put on their list I had a grand total of one person unable to receive my mail. I have a dozen other people using my server to send and receive mail to hundreds of people, and according to my logs, among all of us, the sum total of people who couldn't get our email was two. That's the most pitiful boycott I've ever seen.
I can already do this right in the MTA. I use Exim, but I know sendmail and other MTA's can do this as well.
However, I find it funny (hypercritical) that the weblog is hosted by a ISP that tolerates spam, Hurricane Electric. Specifically:
- Hurricane Electric's customers include major spammers, such as Bulk ISP Corp.
- Hurricane Electric's customers often show up in my spam trap, usually harvesting email addresses.
- Hurricane Electric's mail servers have open relays, which allows spammers to spam using their servers. Yes, I know it makes it easier for HE's customers to read email anywhere, but it allows spammers to flood others with spam also.
I'm sure others can add more, but I have other things to do . . .Spews put FOUR CLASS A's on their list. That's right -- a quarter-million IP numbers were blocked because they didn't like the policies at four IP numbers.
Perhaps you meant class B's? Four class A's would have been 67 million. I doubt even SPEWS is that stupid. Wait, this is SPEWS we're talking about.
>
> Spews is worse than the spammers, because at least I can ignore the spammers.
If you want an effective spam advisory system that actually lists spamhausen, use SPEWS.
SPEWS is better than MAPS, because the spammers discovered they could ignore MAPS.