Slashdot Mirror
I am the Most Spammed Person in the World
jefp writes "In November 2004, Microsoft's second-in-command Steve Ballmer made some headlines by mentioning that Chairman Bill Gates was getting four million spams per day. At the time, I was dealing with a little spam problem of my own - I was getting around a million spams per day. I found it a little comforting that my problem wasn't quite as bad as Bill's. However, a couple of weeks later Ballmer corrected himself, saying he mis-remembered the stat and Gates actually gets four million per year.
This means I was getting one hundred times as much spam as Bill Gates.
I've written a tutorial explaining why I get so much crapmail and how I deal with it."
I'm pretty sure whoever runs nowhere.com can give you a run for your money in the most spam inbound. Although a lot of those are probably from organizations thinking they're sending to legit opt-in requests.
I like his slam on qmail. Does djb ever address such concerns?
-mkb
thanks for the plug xtracto, I created and maintain dodgeit.com :-)
We were getting well over 1 million spams a day before we started using DNS blacklists. I'm stunned that the story author is weathering the storm with sendmail. I never could configure that beast. Dodgeit is a postfix shop.
slashsearch.org - slashdot search. powered by google.
This guy's SMTP server:Pipelining is turned on for untrusted hosts. Nice.
Either way, a good portion of the spam hitting my system never even makes it to EHLO/HELO time because if there's any sort of resolution problems with the dns/rdns or if the hostname contains the IP address in it (RFC violation) I delay the connection 20 seonds before the greeting. RFC states clients WILL NOT send data unless asked to do so, except for pipelining which is not advertised for untrusted hosts. When the MTA sees a bunch of incoming crap, it drops the connection because they violated the RFC rules for handshaking (clients MUST wait for the greeting). This does not affect legit MTAs with temporary problems.
I go through a whole bunch of other checks even before DATA time, delaying at each step if there's a problem. 90% of the spam/viruses never even make it to scanning for spam/viruses because they violate something before that and the connection get drops (or they drop it from waiting). Once again, delaying 20 seconds does NOT affect legit MTAs.
Big writeup on SPAM filtering
My MTA
I have had the same address since 1989, long before there WAS a spam problem. My email address was all over Usenet when Cantor and Seigel sent out their first spame, which means it's all over Google Groups. The horse is so far out of the barn its grandchildren are headed for the glue factory.
In 2000, the last time I added it all up, I was getting 300M a month *after* applying blacklists. At this point my mailserver is blocking several countries and ISPs, using multiple blacklists, and running some custom greylist software I wrote myself (for qmail... sorry, Jef), and my local mail client's only seeing 20-30 spams a day out of the hundreds of thousands (maybe as many as a million, it's too depressing to keep track) of delivery attempts that show up in my logs.
If you don't mind changing your email address now and then, more power to you, but I'm damned if I'll give the bastards the satisfaction.
A billion MIPS for defence, but not a byte for tribute!