[vox-tech] Re: What anti-spam techniques do you use?

Peter Jay Salzman vox-tech@lists.lugod.org
Tue, 5 Feb 2002 01:51:48 -0800 

hi john,

there's not much you can do once the mail is delivered to your mailbox.

that means if mail is going to someone else's server, you either need
them to cooperate with proactive methods or you need to filter spam
passively and complain retroactively.

since most of my mail comes to dirac.org, i deny access to the smtp port
by anyone sending mail from a known open relay using ordb.  if your mail
goes to someone's server, this may not be an option for you; you'll have
to ask them and hope they're not spam friendly.

in addition, when spam comes from a non open relay, i drop the sending
IP address into /etc/hosts.deny so they get exactly one chance and one
chance only to spam me (and i fire off a complaint to spamcop to boot).
again, if your mail is going to someone else's server, this may not be
an option for you since you're prolly getting email via imap or pop.

although the answer really depends on how you get your mail, it's pretty
safe to say that if you use imap/pop/.forward, your only option is to
filter spam based on content and sending location.  note the word
filter.  meaning, as far as the spammer is concerned, his email got
through and the spamming attempt was successful.  you don't see the
spam (if it gets filtered by your procmail rules), but he/she doesn't
know it.  this is what i mean by "passive spam control".

my suggestion is this:

get an account on someone's machine that is spam unfriendly.  let them
take care of the details like implementing ordb/orbz and hosts.deny
filtering (there are a few options here, like postfix's spam filtering
which is functionally equivalent of me dropping IP's into hosts.deny).

buy a domain and have your email sent to your broadband enabled system
directly.  this gives you direct control over who gets to use your smtp
server

otherwise, you're pretty much relegated to after-the-fact filtering.

pete

ps- most of my spam these days are coming from asia (russia, china,
hong kong, korea, etc) and east europe.  in particular, hinet.net,
netvigator.com and ethome.com are the worst offenders.  i can safely say
that these ISP's (which seem to be major players in the asian ISP
market) are downright spam friendly.  my complaints are completely
ignore.  i would say they're responsible for about 30% of the spam that
i get these days. 

cc'd to vox-tech.

begin John C. Alden <jcalden@dcn.davis.ca.us> 
> 
> My DCN address is getting pummeled more & more with spam. Now it's
> about 75% of all the mail I receive. Don't know where they're getting
> it, but I'm getting TIRED of it, (those steenkin' bastards).
> 
> What techniques and/or tools do you use for spammers not using a major
> service (aohell, earthlink, msn) that has an abuse@ address?
> 
> I even got one spam with subject: UCE: E-mail Advertising Services "We
> are offering legal, ethical direct bulk e-mail services.  This is for
> companies who want to send out at least 1 million messages per month."
> 
> Jeez. A million spams a month. Can't tell if they were nicely
> attempting to comply with some law (adding "UCE:" prefix), or if they
> were trying to be cute. Or simply stupid.
> 
> Anyway, any help would be appreciated.