What's in Your Spam-Fighting Arsenal?

Spamhunter asksL "Everyone has their favorite tools to stop spam at the inbox, whether it's using a scoring tool like SpamAssassin, bayesian filters, or something as extreme as challenge/response whitelists (which creates a few problems itself). What I'd like to know is, what are your tools for actively investigating and shutting down spammers? I've found information sites like SPEWS and Spamhaus to be invaluable in tracking down spam gangs and spam-friendly ISP's in order to put pressure where it belongs. Sometimes just chasing the chain of ownership in WHOIS is helpful. What tools, approaches, and resources do you find helpful?"

Several layers of paranoia

[ShaiHulud-23]

I use SpamAssassin to sort and tag the spam server-side, with my threshold set at 5. Or rather I should say the ISP hosting my domain uses SpamAssassin, I don't have full control over the mail server.

Then I use Mailwasher mainly to preview the messages on the server before downloading them. Mailwasher has its own filters to tag and bag spam, and they're pretty good. Do NOT use Mailwasher's fake bounce feature, it only contributes to the problem. I get the full source of the messages before downloading and report them to SpamCop.

I then use Mozilla Mail for the actual downloading and reading, which of course has its own Bayesian filtering, but messages have already gone through two other filters before they reach it. The funny thing is that even though I preview the messages with Mailwasher, I don't delete them on the server, I want them for training purposes.

I use throw-away accounts on SpamGourmet if I need to sign up for anything online.

I only get maybe three spams a week to my real email address, so all of this may be a tad extreme. But perhaps this paranoia (I'm also very protective of my email address to begin with) is *why* I get so little spam.

My Hotmail account, OTOH, was getting about 20-30 per day, five or six of those were making it past the filters into my inbox. Since I don't use the account for much serious correspondance, I finally set myself to "Exclusive" and whitelisted those few domains that I actually want to get mail from.