[Mailman-Users] How to stop spam emails
Brad Knowles
brad at shub-internet.org
Mon Dec 10 09:14:14 CET 2007
On 12/9/07, Cyndi Norwitz wrote:
> But this isn't useful to me. Oh, I'm sure some of the really bad spam
> would go away, but this is a health list and so there are *a lot* of false
> positives because we mention a lot of spam-like keywords. So I'd have to
> set the spam level pretty high.
It depends on how your ISP runs SpamAssassin. It is possible to run
it in a manner where the user has full control over what rules and
what scores will be applied to their mail, and when you train
SpamAssassin by feeding it examples of spam that has gotten through
or ham that has accidentally been mis-identified, these rules and
scores will be updated as necessary.
I've been seriously fighting spam for about twelve years (as the Sr.
Internet Mail Administrator for AOL, I wrote some of the earliest
comprehensive anti-spam measures for sendmail, which I then
re-published to the community), and I've spoken on this subject at
conferences, I've been a member of the IETF/IRTF Anti-Spam Research
Group, and was the head of the Best Current Practices sub-group.
I can tell you, with some authority, that the only effective way to
run SpamAssassin is to do so using these per-user methods. And that
if you (the ISP) do actually run it in this way, you really can quite
effectively catch or identify most spam, even in environments where
you would otherwise tend to generate excessive false positive matches.
Of course, that doesn't mean that your ISP is actually going to do
any of these things.
> Here's what I want:
>
> Subscribers who are unmoderated to be whitelisted.
> Non-subscribers who I have set to auto-accept to be whitelisted.
That doesn't work, either. Spammers troll the archives of mailing
lists to find addresses they can use -- to spam those mailing lists,
among others. You can't just auto-whitelist all addresses in certain
classes.
> Potential spam from the moderated box to be sent to my graymail (my ISP's
> name (or maybe a common name, I don't know) for suspected spam--they send
> an email each night with the from and subject headers).
No, that's not a common name. I've been in this business for nearly
twenty years, and in all that time, I have never heard this
particular term used in this manner. More common terms are folders
with names like "quarantine" or "probable spam".
--
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
More information about the Mailman-Users
mailing list