Anti-SPAM SMTP Proxy (ASSP) One Month Later

I’ve been running ASSP at a client site for just over a month and I’m really impressed. It was easy to configure and has been quite effective at blocking SPAM.

The nicest feature of ASSP is the way that the Bayes filter trains itself without requiring much in the way of human intervention. I have had to spend some time manually combing the logs for false positives (right at the beginning), but it really hasn’t been too bad.

Auto-Whitelisting
All recipients on outbound emails are automatically whitelisted (nice feature!) and a copy of every email is placed in the “HAM” folder for training the Bayes filter. It really hasn’t taken long for the filter to stockpile a large number of SPAM and HAM and this has really improved the situation for the users.

Conclusion
If you are evaluating anti-SPAM solutions for your network then I suggest you evaluate ASSP before dropping big bucks on a proprietary solution. There really isn’t much point in spending thousands of dollars on a commercial product when ASSP is free, easy to configure and effective.

I like it.

Using Postfix to Bounce Invalid Recipient Email Before it Reaches Microsoft Exchange

Postfix is great for filtering SPAM

Many email administrators prefer to filter inbound email using Postfix running on Linux, FreeBSD, OpenBSD or some other UNIX platform before relaying it to an internal Microsoft Exchange server. This strategy allows administrators to take advantage of the flexibility of Postfix and a wide variety of open source SPAM filtering solutions like SpamAssassin, Amavisd-new, ClamAV, and a host of other open source solutions.

Memo to ISPs: The SPAM Problem is Partly Your Fault

ISPs are among the most vocal opponents of SPAM because it eats up their bandwidth. Yet, a lot of ISPs continue to allow their customers to send email out to the world on TCP port 25 with no restrictions. Huh?

I’m of the opinion that the ISPs need to take more responsibility for the email that is leaving their networks. If you are an ISP and you have SPAM zombie PCs on your network spewing thousands of outbound SPAM messages per day, then you need to shut them down.

Navigate the Anti-SPAM Filter Maze With Common Sense!

Getting your legitimate email through the maze of SPAM filters is a tricky business. Many of the “gotchas” are the result of improperly configured technical details on your end of things (e.g. your server, your DNS, your mail client, etc.). The problem for 99% of email senders is they have very little control over these details but they can control the content of their emails. Here is where the common sense kicks in: If your email looks like SPAM then it is going to get treated like SPAM!

SPAM filtering 101

Most good SPAM filters use some form of Bayesian Analysis to do statistical analysis on the text content of your email. I’ll spare you the gory details, but essentially these filters learn common text patterns from SPAM email and then use that information to filter out SPAM.

If you send email that contains “spammy” content then there is a much better chance that your message will end up getting blocked.

Navigate the anti-SPAM filter maze with SPF

Setting up your DNS with a Sender Policy Framework (SPF) record is a great way to help ensure that your email makes it through to your intended recipients.

In a nutshell, an SPF record in your DNS tells the receiving mail server whether your email server is allowed to send mail for your domain. It really helps the receiving server to trust that your message isn’t forged, unlike the vast majority of SPAM messages. There is quite a bit more to it, so if you’re interested then check out Wikipedia on SPF.

Don’t want SPAM? Don’t post your email address on the web!

Here’s a tip for everybody who puts together web pages.

It may seem obvious, but one big way to avoid receiving SPAM is to keep your email address off of the web. Automated spambots scour the web 24 hours a day looking for email addresses to add to the SPAM distribution lists. If your email address is on your web site then you can bet that you’re going to be receiving a ton of SPAM in the near future.

Here’s a great article on several different ways to put email addresses on your website while keeping the spambots at bay.

Fighting Image SPAM: FuzzyOCR Resources

I posted recently regarding the battle against image SPAM. One of the comments pointed out that defeating image SPAM was actually fairly straightforward if OCR software was used to scan image attachments. I agree, but the real problem is that very few people have access to an Optical Character Recognition (OCR) based scanning solution. Either you pay the BIG bucks for a commercial SPAM filtering solution, or you get an uber-geek to integrate FuzzyOCR into your existing SpamAssassin based solution. I would guess that 95%+ of email inboxes are not currently protected by OCR so it appears the image spammers aren’t yet too concerned about fooling OCR-based anti-SPAM solutions.

PTR DNS records and SPAM Filtering

Blocking spam is an arms race between spam detection and detection avoidance techniques. Lately spammers had the upper hand but the tide has turned with new PTR record blocking techniques. This is how implementing PTR record filtering has reduced our spam to nearly zero.

Reducing Spam to Nearly Zero with PTR Record Filtering

Interesting article on how a big company, using a Barracuda SPAM filter, reduced their SPAM significantly by filtering out email originating from cable modem users on the Shaw Cable network in Canada.

There is really no good reason why legitimate email would be originating directly from home users on the Shaw network. It is pretty safe to assume that 99% of email being sent directly from a consumer broadband connection (and not relayed through Shaw’s SMTP server) is SPAM of some flavor.

If home users are geek savvy enough to be running their own home mail server on the Shaw network (like me!) then they should also be smart enough to know that they should be using Shaw’s SMTP server as a relay host for their outbound mail!

The only “problem” with this approach is the scalability and maintainability of the solution. Trying to compile and maintain a comprehensive collection of regular expressions to match all the potentially SPAMmy PTR records is daunting. Having said that, anything that can reduce the amount of SPAM reaching my inbox is probably worth pursuing.
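A sketch of the PTR filtering idea discussed above, added here as an example and not taken from the original post or the linked article. Instead of one regular expression per ISP, it combines a short keyword pattern with a generic check for the client's own IP octets embedded in its hostname; the keyword list, hostnames and addresses are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed keyword list for illustration; tune it against your own mail logs.
DYNAMIC_KEYWORDS = re.compile(
    r"(?:^|[.-])(?:dyn|dynamic|dhcp|pool|cable|dsl|ppp|dialup)(?:[.-]|\d|$)",
    re.IGNORECASE,
)

def embeds_ip(ip, ptr):
    """True if every octet of `ip` appears as a numeric token in the PTR name."""
    octets = Counter(ipaddress.IPv4Address(ip).packed)
    tokens = Counter(int(t) for t in re.findall(r"\d+", ptr))
    return not (octets - tokens)  # empty difference: all octets accounted for

def classify(ip, ptr):
    """Return (verdict, reason) for a connecting client's IP and PTR name."""
    if not ptr:
        return ("suspect", "no-ptr")
    host = ptr.rstrip(".").lower()
    if embeds_ip(ip, host):
        return ("suspect", "ip-in-hostname")
    if DYNAMIC_KEYWORDS.search(host):
        return ("suspect", "dynamic-keyword")
    return ("accept", "none")

# Constructed samples (documentation address ranges, example.* domains).
SAMPLES = [
    ("203.0.113.45", "c-203-0-113-45.cable.example.net"),
    ("203.0.113.5", "pool-203-000-113-005.example.net."),
    ("198.51.100.7", "host7.dsl.example.net"),
    ("192.0.2.25", "mail.example.com"),
    ("192.0.2.99", None),
]

if __name__ == "__main__":
    for ip, ptr in SAMPLES:
        print(ip, ptr, classify(ip, ptr))
```

Some static business lines also carry the address in their hostname, so a "suspect" verdict is better used as a scoring input than as a hard reject.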

Avoid SPAM filters by ensuring your DNS is set up correctly

This tip is for all the email server admins out there.

Many mail servers have SPAM filtering options enabled that subject the sending mail server to a battery of DNS tests before accepting any mail. This is an attempt to establish the validity of the claimed identity of the sending server before even beginning a conversation. It’s a bit like looking through the peephole and sizing up the visitor before deciding if you are going to open the door.

Sending legitimate email through the SPAM filter maze

Ever worry that your important outbound emails might not be reaching their intended recipients?

It seems like everyone has had at least one important email not get through to the intended party, only to find that it was caught in the recipient’s SPAM filter.

Successful delivery of legitimate email (i.e. non-SPAM) is a growing concern with so many companies and ISPs implementing increasingly aggressive anti-SPAM strategies. A slight problem or misconfiguration with your mail server, email software, or message content can be the difference between successful delivery and your message wallowing forever in SPAM filter purgatory!