Vote 0

Tired of Email Spam & Fighting Back…

Angsuman Chakraborty

November 4th, 2007

I finally grew tired of email spams, having to delete several thousand spams a day while fishing out for valid emails is no fun. Occasionally I deleted valid emails too in the process. I realized I was wasting valuable productive hours dealing with junk from cretins and morons (aka spammers). I decided to fight back.

I implemented a series of anti-spam measures in postfix over the last couple of weeks and testing them to death.

Today is my first spam-free day in probably a decade or more.

My crusade is so far with various RBL's and email header & SMTP protocol compliance checks. I haven't added spamassassin to the mix yet nor have I added clamav. I seriously doubt if clamav is required on Linux.

BTW: I never realized how effective RBL's were till I tried them. Here is the stats from my latest mail log (from Oct 28 04:09:49):

Total mails rejected: 21141
Total mails blocked using RBL data: 16551

I am checking all my protection measures for effectiveness and more importantly false positives. I plan to publish them in details soon.

Filed under Headline News, Linux, Spam Watch, Web, Web Services | Tags: Postfix, SMTP | Comment on this Article 3 Comments | Email this Article

Linux News

Postfix News

How To Report Spam From GMail Account

June 23rd, 2008 Would you believe if I said that GMail does not provide an email address to report spam? After some investigation I found how you can report GMail spam to Google. You have received spam from GMail user in your GMail account This one is simple to address.

Spamming By "Email This Article" Feature

November 27th, 2006 In Simple Thoughts blog and many other blogs worldwide there is a feature to email an article you liked (or hated) to your friends. Recently I noticed that this feature is being abused to send SPAM.

Strong Anti-Email Spam Protection In Place...

November 3rd, 2007 We are tweaking our postfix servers to offer maximum spam protection upfront with helo checks, header checks, blacklist checks, RBL's and more. So far my daily spam count has dropped from about 3000-7000 spams / day to about 15-35 spams per day.

6 Simple & Safe Postfix Changes for Over 95% Spam Reduction

November 18th, 2007 I used to receive around 5,000-7,000 spams daily on angsuman [at] taragana [dot] com email which is publicly available on the internet. It was consuming too many productive hours daily to fight spam.

Recipe for a comment spam free site for WordPress Users

December 24th, 2004 My recipe for getting rid of comment spam once and for all: Install WordPress 1.2.1 or later. Install ImageAuth hack Go to Options Tab.

Solve Your Email Spam Problem With Fully Disposable Email Addresses

November 7th, 2005 On the internet almost everyone asks for your email address. I used to give in good faith and in return I received tons of spam.

Self declared spam king files for Chapter 11 (Bankruptcy protection)

April 1st, 2005 Scott Richter, the man behind OptInRealBig.com and billions of junk mail messages, said lawsuits had forced the company into Chapter 11. OptInRealBig was fighting several legal battles, most notably against Microsoft, which is pushing for millions of dollars in damages.

Abusing Comment Name field for SEO.. No Sir

September 9th, 2007 Sometimes I see comments where the name of the person is not really his name but a popular keyword which obviously links to his website. While I understand the need to have link-love for useful comments and even encourage it, the name field shouldn't be abused by using keywords like "Web Banner Design", for example.

Bye Bye Yahoo Messenger...No Thanks To Your Spam

November 12th, 2007 I am sick and tired of Yahoo Messenger Spam initiated primarily by Myfreecamhost and now joined by few new initiates too. Everyday, at the most inppropriate times I will get one or more messages from Yahoo Messenger asking me to watch some random female's webcam on myfreecamhost for free (obviously scam).

Comment Guard Pro (WordPress Comment Spam Protection Software) Released

March 3rd, 2008 I am very happy to announce the much-awaited release of Comment Guard Pro for WordPress blogs. Comment Guard Pro is designed to unobtrusively protect your blog against all types of comment spams - trackback spam, pingback spam, robotic spam using comment form, human submitted spam (where the spammers actually goes to your site to spam you; they are the hardest to detect), referrer spam etc.

RSS Push Model (ex. PubSub) is not viable in long run

March 23rd, 2005 PubSub is a tool to push feed items to your desktop. You register at PubSub, identify topics of interest and the news will start coming to your desktop automated and in near real-time.

How to: 2 Ways to Prevent Spam Mails from Orkut

January 20th, 2009 I am sure that you usually get at least one spam mail a day from Orkut. Even GMail which perhaps has the best filtering capability of spam mails, stands helplessly in front of such backdoor attacks.

Goodmail Systems: Who is it fooling?

February 10th, 2004 Goodmail - Index "Senders of volume email attach paid stamps to their outgoing messages. These encrypted stamps include verification of the sender's identity and require the sender to honor a "trusted unsubscribe" mechanism enforced by Goodmail Systems.

Spam + Donation = Spamation? Is it acceptable?

March 2nd, 2009 I got this interesting spam in my comments today: Please, do not delete the given message. Money obtained from spam will go to the help hungry to children ugandf What do I do? I figured someone who can stoop so low as to spam is not likely to donate his ill-gotten wealth.

Naive Bayesian is a failure against SPAM

March 14th, 2005 I receive daily several thousands of spam emails on debt consolidation, mortgage and on organ enhancement advice/pills for organs I do not possess. I have been offered millions by unknown Nigerians, offered services I do not care about, images which were bad enough to spoil my day! I manage to filter most of them daily using SpamBayes, a naive bayesian filter integrated closely with Outlook.

James Says:
November 4th, 2007 at 1:40 am

If you’re using RBLs for IP checks, are you checking the emails that are being blocked by RBL data? They sure are great for blocking spam, but they also blacklist quite a few dynamic IPs and shared servers. Here are a few scenarios to consider:

1. One evening, a spammer sends a million spam emails and logs off his ISP. An RBL takes note of the spam, and adds his IP to its blacklist. The next morning, John logs on to email a report to his boss, but his boss never receives it. Why? Because when John logged on, his ISP assigned him the very same IP that the spammer used the night before, and his boss uses an group of RBLs to block email from “known spammers”.

2. John’s small, niche-market online retail site is hosted on a shared server with 100 other domains. Domain #93 begins to send massive amounts of spam emails. An RBL takes note and adds the server’s IP to its blacklist. Suddenly, John’s invoice and shipping confirmation emails are not received by certain customers. It turns out that these customers are using RBLs to block emails from “known spammers”, and they are not receiving John’s critical emails because he (and 98 other domains) share a server (and therefore an IP) with the evil Domain #93.

It was for these specific reasons that Bad Behavior scaled back its usage of RBLs to only those with a way for users to remove their own IP and provided instructions for how to do so on its block page.

Angsuman Chakraborty Says:
November 4th, 2007 at 9:44 pm

I too am using RBL’s which provide an easy unpaid way of removal. I would never use APEWS, for example, which doesn’t provide any way of removal for normal users.

RBL’s have a definite issue with dynamic IP addresses and shared IP addresses in typical shared web hosting scenario as you well illustrated above.

I am spending hours trying to see if we hit any false positives. None so far. Still I am observing it closely, looking for errant patterns and such.

Thanks for the clarifications and a much needed reminder.

James Says:
November 5th, 2007 at 1:06 am

You’re very welcome! Thanks for clarifying your stance on RBLs, your careful attention to false positives, and for only supporting RBLs with easy removal systems.

Sunandar Says:
February 25th, 2008 at 7:24 pm

May I know which RBL(s) you’re using now?
Thanks.

Simple solutions for complex problems.

Tired of Email Spam & Fighting Back…

Linux News

Postfix News

Topics (map)

Taragana Network

Blog Stats

Translate

Poll

Latest Tweets

Web Services

Postfix

Latest Friend Feeds

Linux

SMTP