[TriLUG] alternate ways to reduce spam (was: OT: Google advertising for spammers?)

David M. turnpike420 at gmail.com
Tue Aug 31 13:28:18 EDT 2010


I use postfix with spamassasin.  In postfix I set a separator to "-" and
also over the last few years created separate email addresses for various
sites I submit to.  For example, if I was to join the Cathulu website, it
would be username-cathulu at mydomain.com and postfix will simply deliver to
"username".  I think the default separator in postfix might be "+" but it
was suggested to me that not all webforms use proper email validators and
will reject the "+" (apple.com rejected it at one time).  If I do get spam,
I can see who leaked the address... OR who's outbound SMTP is being spied
on, like Fidelity for example.  I got a lot of "hey buy this penny stock
now, it will grow like mad cow and you'll get rich quick" type junk aimed at
the address I used for them.  I approached Fidelity about it just to be sure
they knew it was happening and to be sure it wasn't them.  I think I can say
I'm fairly confident they wouldn't give out email addresses and such, but
can they prevent someone from sniffing their outbound SMTP traffic?  What
makes it most difficult for me I think is that my email address dates back
to 1997, so it's been around a LONG time.

For spamassassin itself, I redirect spam messages to /dev/null if they rank
really high, and likely spams go into a spam folder.  I process the spam
folder with sa-learn as spam, and I process all my other email folders with
good messages with sa-learn as ham.  I have also blacklisted a few domains
which for some reason seemed impossible to get rid of through this other
method.  I haven't done any language based blocking, but am seriously
considering it.  I get a lot of ja, kr, ru, br and it which I simply don't
need to see.  I tend to get anywhere from 0-8 spams a day that make it to my
inbox, some with ***spam*** edited subjects, some undetected.

Hope that helps.  David


> I'm curious what novel approaches people are using to fight spam?  (beyond
> the
> traditional e-mail filtering)
>
> I run my own mail server. Every time I must provide an e-mail address (to a
> website,
> etc.), I create a unique entry in my "aliases" file and record who that
> alias
> was given to (and when).  When I receive spam on an address, I can then:
> - know EXACTLY who gave out my e-mail address
> - turn off that alias, so future e-mails to that address are rejected by
> the server
>  (as undeliverable)
>
> I've thought occasionally about a way to turn this into a useful (and
> usable) system
> for others, but have never pursued it.
>
> ------------------------------------------------------------------------ -
> Chris Merrill                           |  Web Performance, Inc.
>



More information about the TriLUG mailing list