Phil’s Diary - [Blog @ http://www.philsdiary.net/]
home
Thursday January 8, 2004
Anti-Spam

Over the Christmas break I started routing my parents email through my email server. The reason being is that they get about as much spam as I do, typically 30-40 spam emails per day, and 1-2 genuine emails per day. I’ve been using SpamAssassin for long enough now that I’m happy that it’ll radically reduce their spam count.

While I was looking at this I also found another way of reducing my own spam. This being RBL (Real Time Black List) (I’ve used the one provided by Spamhaus for no particular reason). If you’ve not come across these before, basically when the mail server receives an email it checks to see if the sender is a known spammer or not. It doesn’t look at the contents of the email or anything like that, it just looks at the source mail server, to see if it’s a relay or spammer. It then bounces those emails.

To add that sort of functionality to my own machine just took the addition of two lines to my sendmail.mc file:

FEATURE(`dnsbl’,`sbl.spamhaus.org’,`”Spam blocked see: http://spamhaus.org/”’) dnl

FEATURE(`dnsbl’,`xbl.spamhaus.org’,`”Spam blocked see: http://spamhaus.org/”’) dnl

And that’s it.

I found that it rather dramatically cut the spam count, with something like one spam email making it through every two days. This was then dealt with by SpamAssassin, lightening it’s workload considerably.

If you look at Spamassassin you’ll find it does use these RBLs anyway, but using them as part of sendmail means that the email doesn’t even get into the system.

This though is also a downside, as it’s mighty hard to tell what email has been bounced as spam, and there’s certainly no chance of recovering it it if it was incorrectly identified.

On balance for now I’ve decided not to use this feature. At the moment the spam situation is such that I’d prefer to be able to go through a spam folder and delete the emails rather than have them bounce automatically.

But it’s another tool I know a bit about and how to use, and it has uses above my personal email for company-wide systems or if my own spam gets even worse.

Anyway, enough about boring techno stuff… time for work.

Posted by Phil on January 08, 2004 07:14 AM | Categories: Linux

Why not just have spamassassin munge the subject, then filter those to a seperate folder. This lets you see whats being marked, adjust your settings as needed, and lets you check the spam far less often.

Posted by: Carlos Averett at February 1, 2004 5:42 PM