Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Meeting Wrap-up

Posted by michael on from the spam-and-eggs-and-spam dept.

wendigo2002 writes "Get used to that daily flood of e-mail come-ons, Viagra offers and lucrative enticements to invest in Nigerian pyramid schemes. Internet gurus, software designers and lawyers today ended a three-day Federal Trade Commission discussion on combating spam by concluding neither technology nor laws are yet capable of completely dealing with the plague."

2 of 188 comments (clear)

  1. Washington Post coverage by Kappelmeister · · Score: 4, Informative

    The Washington Post takes a slightly more sensationalist take on the "bare knuckle," "historic" forum.

  2. Spam is dead by ajs · · Score: 4, Informative
    Get used to a mailbox full of ... whatever you want, including nothing.

    Spam tools are currently at the point tht detection of spam is a near-certainty and the probabilities for false-positives (e.g. good mail getting called spam) are measured in the 0.00n-0.0n% range (that is n in 100,000 to n in 10,000) which can almost always be improved on locally by the user through various means that are anti-spam-tool independant.

    SpamAssassin is currently my tool of choice. It's very flexible, can be used with any UNIXish mailer and is just getting frighteningly better over time.

    SA's recent addition of Razor2, a Bayesian filter and improved handling DNS blacklists (which SA weights so you can apply them withour worrying about slicing large and useful parts of the Internet out of your field of view) have reduced many concerns that folks had before about active abuse of SA's rule-base in the past. The speed with which this system applies hundreds of tests to a message is also quite stunning, and a major boost to Perl's tacit reputation as a "slow" language.

    The biggest problem with SA right now is probably the inability to scale up to the mid-range ISPs and medium-sized business without SERIOUS harware allocation due to the heavyweight neature of its testing. That's my personal mission for SA over the next year or so. My goal is to make SA a reasonable option for anyone that has to process orders of magnitude more mail than your average ISP (e.g. AOL).

    When the upcoming 2.54 comes out, I HIGHLY recommend checking it out. You can install SA on most UNIX-like systems, as long as they have Perl installed by typing (as root)
    perl -MCPAN -e shell
    following the configuration process if you have not done so for Perl before, and then typing
    install Mail::SpamAssassin
    After that it's just a matter of how you want to configure your MTA to talk to SA. I recommend using SA in "spamd" mode with sendmail and procmail. If you already use sendmail with procmail delivery, you just have to change your .procmailrc by adding rules to invoke SA, and there are good examples of that on the SA site. You can also use qmail (officially qmail doesn't support this kind of thing, but if you use the standard set of patches that most every has to apply, it's reported to work fine) and postfix (though postfix has some complexity when it comes to setting up any kind of uni-directional filtering).

    Good luck!