[lug] Stopping the New Generation of Spam

Daniel Webb lists at danielwebb.us
Sun Dec 3 19:16:51 MST 2006


On Sun, Dec 03, 2006 at 03:14:41PM -0700, Collins Richey wrote:

> My answer may not be suitable for you, but I dealt with this
> permanently about 2 years ago. The answer is a gmail account. gmail
> has a very good, continuously learning spam filter. All spam is
> trapped under a spam label.where you can analyze it if you prefer. I
> don't. I just whack the entire label daily (ca. 100-300 per day). If
> you are even lazier, you can just let it pile up, and google will
> trash the spam after 10 days. I get about 10 misses per week that I
> need to manually tag as spam.
> 
> Different strokes for different folks. I'm rapidly forgetting
> everything I once new about running my own mailer plus spam filtering
> and loving every minute of it.

Have they ever mentioned their false-positive rate for the ones classified as
spam?  I imagine they're fairly good, but that would bother me.  Back when I
was using a spam tagger, I got complacent because it was so good (this the
early days before spammers got wise to them) and started just deleting them
without looking at them.  Of course, I found out later that one of the ones I
deleted was important and I missed out.  If you have to look at the messages
individually anyway then what's the point?  

Should people send important messages by email?  No.  Do they sometimes?  Yes.

I'm currently only using greylisting.  It's about 80% effective, although I
think it may have dropped to 60-70% effective lately.  The spammers seem to be
using more zombies with relays that retry.  The nice thing about greylisting
is no silent false positives.  If it's a legitimate email and the greylisting
messes up delivery, the sender's mail server will notify the sender that their
message bounced.  If that doesn't happen, then the sender's SMTP server is
broken and I'm not going to try to work around that.  I like Sean's idea of
setting up all the spam checking at SMTP-time, that would mean ALL spam
filtering would have that property of zero silent false-positives.  




More information about the LUG mailing list