Slashdot Mirror

← Back to Stories (view on slashdot.org)

University Capitulates, Switches Off Spam Filters

Posted by timothy on from the spammers-should-be-castrated dept.

Heraklit writes "As reported on German news site Heise, the system administrators of the Technical University of Braunschweig have temporarily given up the fight against spam. Because of the legal obligation to deliver all mail and of the delay time exceeding critical 5 days(!), they decided to switch off all filter mechanisms. Before, the 20 servers dedicated to processing e-mail alone had been breaking down under a load of 100000 unprocessed mail messages, ca. 98% of which had been spam or viruses. ... A similar e-mail jam occurred recently at the IT central of the German Federal Government. Is this the beginning of the end of e-mail?" (The Fish may be useful.)

6 of 470 comments (clear)

  1. Re:First Post by Anonymous Coward · · Score: 5, Informative

    Wait, don't tell me.

    1: They refused to use blacklists to cut the load.
    2: They refused to publish SPF records and use SPF to block all the email forged to look like it's from their domain, significantly cutting the spam load.
    3: They used one of those "commercial-grade" virus/spam mail scanners that's designed to use entirely Bayesian scanning without ever setting time-outs on the generated rules, and which was written for "completeness", not speed.
    4: They forgot to set up a honeypot machine to auto-block spam domains.
    6: They underbudgeted for the servers to actually do the mail handling, forgetting to set up up appropriate MX records with good fallover behavior, so when any of their served domain's MX record listed machine blinked that entire domain went offline.
    7: They're using MS Exchange SMTP servers, which bog down incredibly under load, especially if you run any separate service such as spam processing.

  2. Self-Destructing E-Mail helps by MikTheUser · · Score: 5, Informative

    www.spamgourmet.com has always worked well for me. Give your adress to whom you want, receive just as much mail from them as you want.

  3. No, sendmail by marnanel · · Score: 5, Informative

    7: They're using MS Exchange SMTP servers, which bog down incredibly under load, especially if you run any separate service such as spam processing.

    Nah, it's sendmail:

    $ dig -t MX tu-bs.de
    [...]
    tu-bs.de. 172738 IN MX 10 rzcomm5.rz.tu-bs.de.

    $ telnet rzcomm5.rz.tu-bs.de smtp
    Trying 134.169.9.40...
    Connected to rzcomm5.rz.tu-bs.de.
    Escape character is '^]'.
    220 rzcomm5.rz.tu-bs.de ESMTP Sendmail 8.11.1/8.11.1; Mon, 24 May 2004 04:00:51 +0200 (METDST)
    --
    GROGGS: alive and well and living in
  4. Re:Question? by Seumas · · Score: 5, Informative

    Simple problems have simple solutions.

    You can increase the threshhold at which you declare spam to be spam. Allows for more misses, but reduces the false positives to, essentially, nothing.

    Or, you can just tag likely spam with ***SPAM*** in the subject and let the user deal with it.

    Or even better, you can direct likely spam into a specific IMAP folder on the server that the user's client can subscribe to and they can glance at their personal SPAM folder on the server whenever they want without having to download all the bodies.

    As someone who personally uses postfix+procmail+spamassassin+razor and recieves 4,000 emails per day, I am currently filtering out 98% of the spam on the server and have had ZERO false positives in two years and 2.9million messages.

    Statistically, you will eventually get some false positives - especially if you have a large userbase (as opposed to just one or two accounts). But if one out of every few million messages isn't acceptable, you can just use one of the previously suggested methods.

    The worst you can do is nothing at all.

  5. Re:20 servers for only 100,000 messages? by Seumas · · Score: 5, Informative

    No, Sendmail:

    220 rzcomm5.rz.tu-bs.de ESMTP Sendmail 8.11.1/8.11.1; Mon, 24 May 2004 06:46:39 +0200 (METDST)

  6. Re:Spam And Viruses by Wastl · · Score: 5, Informative
    Much better way: reject viruses in the SMTP transaction. The SMTP client is then responsible for notifying the sender. If that client is a virus or worm, it will do nothing; no one is bothered. If it's a false positive, the sender will get the bounce. Reliable, unobstrusive.

    Two things:

    • in many countries (e.g. Germany) you are actually obliged to deliver a message, regardless of whether its a Virus or not, or at least send the recepient a message that he received an email and can fetch it by some means.
    • your proposal is short-sighted: most viruses are already relayed via several systems before they reach my mail server, so a bounce would be generated in any case; I suspect that this is true for most other systems as well.

    The approach that we take is the following: We mark virus messages with a special header and deliver them in a dedicated folder in the user's mailbox. Most users simply delete all messages in this folder, but then it is their choice, we abide to all laws and do not generate bounce messages.

    Sebastian