Slashdot Mirror

← Back to Stories (view on slashdot.org)

University Capitulates, Switches Off Spam Filters

Posted by timothy on from the spammers-should-be-castrated dept.

Heraklit writes "As reported on German news site Heise, the system administrators of the Technical University of Braunschweig have temporarily given up the fight against spam. Because of the legal obligation to deliver all mail and of the delay time exceeding critical 5 days(!), they decided to switch off all filter mechanisms. Before, the 20 servers dedicated to processing e-mail alone had been breaking down under a load of 100000 unprocessed mail messages, ca. 98% of which had been spam or viruses. ... A similar e-mail jam occurred recently at the IT central of the German Federal Government. Is this the beginning of the end of e-mail?" (The Fish may be useful.)

12 of 470 comments (clear)

  1. Re:First Post by Anonymous Coward · · Score: 5, Informative

    Wait, don't tell me.

    1: They refused to use blacklists to cut the load.
    2: They refused to publish SPF records and use SPF to block all the email forged to look like it's from their domain, significantly cutting the spam load.
    3: They used one of those "commercial-grade" virus/spam mail scanners that's designed to use entirely Bayesian scanning without ever setting time-outs on the generated rules, and which was written for "completeness", not speed.
    4: They forgot to set up a honeypot machine to auto-block spam domains.
    6: They underbudgeted for the servers to actually do the mail handling, forgetting to set up up appropriate MX records with good fallover behavior, so when any of their served domain's MX record listed machine blinked that entire domain went offline.
    7: They're using MS Exchange SMTP servers, which bog down incredibly under load, especially if you run any separate service such as spam processing.

  2. Self-Destructing E-Mail helps by MikTheUser · · Score: 5, Informative

    www.spamgourmet.com has always worked well for me. Give your adress to whom you want, receive just as much mail from them as you want.

  3. Re:20 servers for only 100,000 messages? by chris_eineke · · Score: 4, Informative
    we get approx. 100K emails per day and we have no problem pushing them through spamassassin on a single server with dual 2.8 xeon processors.>
    RTFBT! (Babelfish Translation) They are processing 10,000 emails an hour and we don't know what kind of servers (old, old p2-233 boxen maybe?) they are using. Right now German univer-cities dn't have enough money to buy f'ing chairs and seats for their buildings.
    --
    "All you have to do is be fragile and grateful. So stay the underdog." Chuck Palahniuk, Choke
  4. Reverse DNS to MX record checking.... by kraemer · · Score: 4, Informative

    Why dont these people start using reverse DNS to MX record verification? It checks to make sure the machine sending you email has a real reverse DNS that matches their MX record. If not, it disconnects. Combine that with the real time black hole list and you'll never see spam again! This mail package does it: Icewarp

  5. Re:Another riduculous law! by AndyChrist · · Score: 4, Informative

    Some university departments run on email. If you don't deliver reliably, you could create chaos in some classes.

  6. No, sendmail by marnanel · · Score: 5, Informative

    7: They're using MS Exchange SMTP servers, which bog down incredibly under load, especially if you run any separate service such as spam processing.

    Nah, it's sendmail:

    $ dig -t MX tu-bs.de
    [...]
    tu-bs.de. 172738 IN MX 10 rzcomm5.rz.tu-bs.de.

    $ telnet rzcomm5.rz.tu-bs.de smtp
    Trying 134.169.9.40...
    Connected to rzcomm5.rz.tu-bs.de.
    Escape character is '^]'.
    220 rzcomm5.rz.tu-bs.de ESMTP Sendmail 8.11.1/8.11.1; Mon, 24 May 2004 04:00:51 +0200 (METDST)
    --
    GROGGS: alive and well and living in
  7. Re:OpenBSD has a Good Solution: spamd by benna · · Score: 4, Informative

    I seem to recall the whitepaper about this method being posted on slashdot a while back. My free email provider (softhome.net) implements this and it works ok but it still lets quite a bit through. It seemed like a great idea in theory though.

    --
    "It is not how things are in the world that is mystical, but that it exists." -Ludwig Wittgenstein
  8. Re:Question? by Seumas · · Score: 5, Informative

    Simple problems have simple solutions.

    You can increase the threshhold at which you declare spam to be spam. Allows for more misses, but reduces the false positives to, essentially, nothing.

    Or, you can just tag likely spam with ***SPAM*** in the subject and let the user deal with it.

    Or even better, you can direct likely spam into a specific IMAP folder on the server that the user's client can subscribe to and they can glance at their personal SPAM folder on the server whenever they want without having to download all the bodies.

    As someone who personally uses postfix+procmail+spamassassin+razor and recieves 4,000 emails per day, I am currently filtering out 98% of the spam on the server and have had ZERO false positives in two years and 2.9million messages.

    Statistically, you will eventually get some false positives - especially if you have a large userbase (as opposed to just one or two accounts). But if one out of every few million messages isn't acceptable, you can just use one of the previously suggested methods.

    The worst you can do is nothing at all.

  9. Re:20 servers for only 100,000 messages? by Seumas · · Score: 5, Informative

    No, Sendmail:

    220 rzcomm5.rz.tu-bs.de ESMTP Sendmail 8.11.1/8.11.1; Mon, 24 May 2004 06:46:39 +0200 (METDST)

  10. Perhaps they need some Canadian help... by MagicFab · · Score: 4, Informative
    Linux Journal recently featured an article on How HEC Montréal's new mail installation handled the spam and virus explosion of early 2004.

    The measured UBEs over a 3 moth period were 172,887 - only for their top-25 most spammed employees!

    --
    Notepad specialist & FAT administrator, group training available
  11. Re:Spam And Viruses by Wastl · · Score: 5, Informative
    Much better way: reject viruses in the SMTP transaction. The SMTP client is then responsible for notifying the sender. If that client is a virus or worm, it will do nothing; no one is bothered. If it's a false positive, the sender will get the bounce. Reliable, unobstrusive.

    Two things:

    • in many countries (e.g. Germany) you are actually obliged to deliver a message, regardless of whether its a Virus or not, or at least send the recepient a message that he received an email and can fetch it by some means.
    • your proposal is short-sighted: most viruses are already relayed via several systems before they reach my mail server, so a bounce would be generated in any case; I suspect that this is true for most other systems as well.

    The approach that we take is the following: We mark virus messages with a special header and deliver them in a dedicated folder in the user's mailbox. Most users simply delete all messages in this folder, but then it is their choice, we abide to all laws and do not generate bounce messages.

    Sebastian

  12. Re:translation by orin · · Score: 4, Informative

    To quote the post directly above you ...

    No, sendmail (Score:5, Informative)
    by marnanel (98063) on Monday May 24, @12:04PM (#9234290)
    (http://marnanel.org/)

    7: They're using MS Exchange SMTP servers, which bog down incredibly under load, especially if you run any separate service such as spam processing.
    Nah, it's sendmail:

    $ dig -t MX tu-bs.de
    [...]
    tu-bs.de. 172738 IN MX 10 rzcomm5.rz.tu-bs.de.

    $ telnet rzcomm5.rz.tu-bs.de smtp
    Trying 134.169.9.40...
    Connected to rzcomm5.rz.tu-bs.de.
    Escape character is '^]'.
    220 rzcomm5.rz.tu-bs.de ESMTP Sendmail 8.11.1/8.11.1; Mon, 24 May 2004 04:00:51 +0200 (METDST)