Slashdot Mirror

← Back to Stories (view on slashdot.org)

Interview With The SpamAssassin

Posted by Zonk on from the thin-pink-line dept.

comforteagle writes "Howard Wen has conducted an interview with Daniel Quinlan of SpamAssassin. In it he explores what keeps Daniel motivated in the face of the unrelenting torrent of spam and new spamming techniques, as well as, what is working - what is not, and what he predicts spammers have up their sleeves next for defeating spam detection." From the interview: "If you don't mind deleting spam manually, that's your prerogative, but don't complain about it. If your ISP doesn't do a good job fighting spam, then switch ISPs or install your own anti-spam software. There are a lot of choices out there."

11 of 202 comments (clear)

  1. Complain as much as you can! by iolaus · · Score: 5, Interesting

    "If you don't mind deleting spam manually, that's your prerogative, but don't complain about it. If your ISP doesn't do a good job fighting spam, then switch ISPs or install your own anti-spam software. There are a lot of choices out there."

    How the hell do you think the national do-not-call list came about? Because people bitched and complained! I agree there are spam solutions out there but I still think there should be an easier, more fool-proof, and legally backed way of opting out of spam.

    --
    I find laziness to be an excellent motivator.
  2. SURBL by JohnGrahamCumming · · Score: 5, Interesting

    OSDir.com: What's the most effective anti-spam technology that SpamAssassin uses right now?

    Quinlan: I think network rules are the most effective single technology, in particular, the URI rules that use SURBL, looking for spammer domains in Web links.

    The SURBL can be found here: http://www.surbl.org. It's a very good thing, so much so that spammers are starting to try to get around it by doing stuff like this:
    Copy the following URL removing the space into your browser:

    www. spammer-site.com
    John.

  3. Re:gmail has good spam protection by winkydink · · Score: 3, Interesting

    I agree that Google has good protection, Even with slutting my email address by publishing it on /., the amount of spam that makes it into my gmail box is surprisingly small.

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

  4. A spam "bubble"? by antifoidulus · · Score: 4, Interesting

    From TFA:
    The greater challenge is that the new techniques never stop coming. It's possible spammers will eventually run out of tricks, but it definitely hasn't happened yet. Most techniques backfire fairly in the long run, and make it more obvious that a message is spam.
    You gotta wonder if there is a spam "bubble" that will burst pretty much like every other bubble. It started the same way, a few scammers got the idea of sending out scams via email and were quite successful, and everyone else started to jump on board. But soon enough(hopefully) people will learn their lesson and spam will slow....maybe I'm putting too much faith in people.
    But it is interesting to see how many "me too" trends there are in spam. Up until about 2 years ago, I never received a 419 scam, but now I get at least one a week. Up until about a year ago, I never received a rolex email(typically the domain of brick and mortar(ok, urine soaked streetcorner) drifters), but now I get a few a day.

    --
    Monstar L
  5. All I can say is... by Anthony+Boyd · · Score: 4, Interesting

    ...God bless Daniel Quinlan and people like him. I have had a hell of a time with my daughter's email. A LOT of Web sites for kids have a "mail a friend" option. At one point my daughter wanted to use that option on a few sites. These are kid-oriented sites with privacy statements, so the sites felt trustworthy.

    Fast forward to two weeks later, and one of those #@!&^ing sites has sold her email address to every spammer in the nation. My little kid got 196 spams yesterday -- for Viagra, lesbian cheerleader porn, you name it. So I have become heavily interested in every anti-spam product known to man. I've got 'em on the server, and got 'em on the client. Right now, with redundancy, this is 99% accurate, and my daughter gets only messages from friends and family. My biggest problem is not that spam gets through, but that false-positives block a legit message every now & then. That is the area I hope improves the most.

    --
    My Greasemonkey scripts for Digg &
  6. Re:gmail has good spam protection by int2str · · Score: 4, Interesting

    I disagree completely.

    I'm subscribed to the Linux kernel mailing list with a GMail account and it constantly marks legitimate messages as Spam. Since the emails have such a common format and subject matter, that's really surprising.

    On the flip side, many Spam messages and phishing attempts make it through GMails filter.

    My small business mail server running Spamassasin and some blacklists is much more efficient compared to Gmail.

    Cheers,
    Andre

  7. Re:gmail has good spam protection by snorklewacker · · Score: 4, Interesting

    gmail's spam filtering annoys the hell out of me: No whitelists. I'm subscribed to a spam discussion list, so it trips spam filters all the time, and I'm constantly having to fish messages out. I don't care that it classifies it as spam, I'm just annoyed at the fact that I cannot ever override its judgement.

    --
    I am no longer wasting my time with slashdot
  8. Re:gmail has good spam protection by Anonymous Coward · · Score: 1, Interesting

    That's correct. I had an extra gmail invite so I set it up and signed up for about 100 high volume mailing lists and a bunch of news alerts from cnn and google. I have received about 25,000 emails from these groups and have about 500 messages in the spam folder. 99% of the messages in the spam folder are mailing list messages.

    Not that I care or anything, I just want to see what happens when I reach the gigabyte limit. I'm at 40% right now.

  9. Re:you'ved been spammed! by Anonymous Coward · · Score: 1, Interesting

    Then how about making those enhancments into additional modules/tests for SpamAssassin? Then everyone can benefit or they can disable that feature if they dont want it.

  10. spamass + mimedefang milter == peace by SCHecklerX · · Score: 2, Interesting
    I drop more stuff these days before it even GETS to spam assassin to be analyzed.
    • Reject if on the spamhaus list
    • Reject if claiming to be your mail server in the helo
    • Reject if claiming to be RFC1918 space in the helo
    • Reject if there isn't a '.' somewhere in the middle of the helo (simple way of checking for FQDN)
    In addition, configure sendmail to do rcpt flood rejects, and even better, enable greet_pause. I've rejected quite a few with those.

    Anything that gets through all of that is then analyzed by spamassassin. WIth Bayesian training, my current threshold is 3.0. Anything legit is normally -2.0 or less. I Totally DROP through mimedefang anything greater than 7.0. Anything from 3-7 is dumped in a special folder on my local account via procmail. I analyze that stuff every now and then to see if it is time to once again lower the thresholds.

    Also, continue to do the RBL checks in spamassassin (although it's a little redundant since I check spamhaus in mimedefang). That way you also get scoring based on SURBL..good stuff.

  11. Re:Business cards by bsdbigot · · Score: 2, Interesting

    Although he would disagree that he is a "tax evader," you should check out this guy Larken Rose, recently under endictment, who qualifies for that title about as much as anyone possibly can. Much interesting reading, there, if you want to know about the inner workings of the IRS and tax laws.

    --
    main(){char I,l,O[]={'-',1-1,0,(1<<5)-1,0+'-',-10-1,-10,11-0,- 1,-100};for(I=l=0;l<10+0;put