4/16/04

My Current Spam Barrier

Almost a year ago, I wrote a column entitled Spam Control. I thought I would give a brief update. I am assuming you have read the previous column.

First, I am very happy with the results. Almost no spam gets through to me. By "almost" I mean 1 in 200 or better. Those that do get through are often borderline spam. For example, because I occasionally write for Information Security, my e-mail address there receives a bunch of unsolicited press releases. I also sometimes get really short e-mail addresses that looks to me like someone wasn't really sure how to use his bulk e-mail software. But mostly, I get no spam.

Since that column, I've made the following changes:
  • I've taught SpamAssassin with a bunch of "spam" and "ham." I've cut back dramatically on the number of regular expresses I use for spam-blocking in PostFix tables. In other words, I am depending on SpamAssassin more. (The long regular expressions caused my e-mail server to sink into an abyss of stalled processes once or twice.)
  • I've set PostFix to remove anything with a very large spam value, and to hold anything marked as spam, but with a lower value.
  • Occasionally, I use IMAP to pull down the headers on all the "held" e-mail. Usually, it is a less-than-a-minute process to pull down and visually scan the headers.
As you can see, you'd not need to know anything about me or my "ham" to quickly scan these, mark and delete them, and update the server. As I said, a minute or less a day.


In the example, there is one e-mail message that was from someone I knew. Was it spam? It had all the characteristics. And it was forwarded a bunch of times. So, I did notice it and I read it. But, it was one of those "pass this on to everyone you know" sort of e-mails. So, well-done, SpamAssassin.

I don't use any (to speak of) anti-spam processing on my desktop. And my set-up will scale. I am not doing anything that you could not do in a very large organization.

No comments: