[Techtalk] Spam solutions

Andrea Landaker qirien at icecavern.net
Sat Aug 21 09:15:09 EST 2004 

> Right now I'm ready to try the Bayesian filters, but I haven't had much
> experience with them and I've read several people say that spamassassin's
> Bayesian filtering isn't great.

I've had pretty good luck with spamassassin's Bayesian filtering, but I do 
still have to scan through my Spam folder and make sure there weren't any 
errors.  Before we implemented greylisting, this was a pretty big pain.  Most 
of the messages that it got wrong were from non-technical friends who tended 
to not use capitalization or send chain letters or things like that.  But 
it's gotten better with training (probably partly because of the 
auto-whitelisting feature, where it remembers the From on messages you mark 
as non-spam).

With greylisting, the amount of spam that gets through is so small that it's 
been trivial to check the spam folder for false positives.  We're using 
postfix with a daemon called GLD (http://www.gasmi.net/gld.html).  There are 
several other implementations, however, that you can see at 
http://greylisting.org/implementations/

I would definitely not recommend whitelisting -- it's a huge pain for anyone 
writing you e-mail (especially with mailing lists and things like that), and 
a huge pain for you as you have to manually add addresses you really want to 
get mail from (for example, when shopping online, you may not know what 
address they'll send your receipt from, and if it's automated, they might not 
reply to get on your whitelist).  The only time I could really see it being 
worth it is with a child or someone who just gets e-mail from a few people 
and doesn't do any online shopping or mailing lists.

Greylisting would work fine with whitelisting, as long as the 
challenge-response is sent via valid SMTP.  Basically all greylisting does is 
say "send that to me later".  Spammers give up because the programs they use 
to send spam don't follow valid SMTP protocol.  Legitimate mail servers do 
follow protocol, and when they retry the message, you let them through.  See 
http://www.greylisting.org for more information.

Hope this helps!

-- 
Andrea Landaker
http://www.icecavern.net/~qirien/

More information about the Techtalk mailing list