September 2003

Eudora 6 with SpamWatch

by Michael Alderete on 9/10/2003

Note: Although still terrific tools, and in the case of SpamWatch free and built-in, I no longer use either Spamnix or Eudora’s SpamWatch, having found more effective tools. See my Personal Survey of Anti-Spam Tools for more details and recommendations.

QUALCOMM’s Eudora has been my e-mail client of choice for nearly 10 years, and last week a major new version shipped, Eudora 6. I’m usually of the “fools rush in” school of thought with regards to software updates, so I waited to see what people were saying about the upgrade (MacInTouch is a great resource for these “reader reports”).

But it’s been a week, and nary a peep. And with the amount of spam I receive continuing to grow, I really wanted to try the new SpamWatch feature. So, after doing multiple backups, I upgraded myself over the weekend.

My primary concern was whether and how my other anti-spam tool, Spamnix, would work with the new version, especially with the new SpamWatch feature. Unlike a lot of other third-party anti-spam tools, Spamnix is a Eudora plug-in, and so runs “in-process” (i.e., inside) with Eudora. [Update: SpamSieve 2 just shipped, and now also includes a Eudora plug-in. Very cool!] This makes it more efficient, but also (in theory) more susceptible to compatibility issues.

I’m happy, nay, thrilled to report that Spamnix works fine with Eudora 6 (for Mac OS X), and that Spamnix + SpamWatch is more effective than either tool alone.

I love the way that SpamWatch and Spamnix tag-team to combat spam. SpamWatch gets first crack, before other filters or plug-ins look at the message, and if the message’s score is over the spam threshold, it will be filtered into the Junk mailbox, with no further processing. (Qualcomm designed SpamWatch to run first, and you can’t change that.)

If a message doesn’t get caught by SpamWatch, then Spamnix takes a look at it, and if Spamnix decides it’s spam, it’ll go into Spamnix’s own spam folder (on my system named “ Spamnix”; note the initial space to influence sort order). These messages, nicely separated and usually all spam, are prime candidates for further training for SpamWatch.

I receive hundreds of spam messages a day, but after two tiers of spam filtering very little spam gets to my Inbox — so far only a couple a day, with very little training of SpamWatch yet. The few that have made it through have gone straight back to SpamWatch for training. :-)

What is fascinating about this process is the progress that SpamWatch has made, in less than 4 days of processing my mail. The first time I downloaded a sizeable batch of e-mail (more than 50 messages), most of the spam got through SpamWatch, and caught by Spamnix. After training SpamWatch with those messages, and then downloading another big batch a few hours later, the ratio went the other way: SpamWatch was now catching most spam before Spamnix got a chance to look at it.

I’m still glad to have both layers. Spamnix was extremely effective at catching my spam, prior to SpamWatch being added to the mix, and it’s still catching spam that SpamWatch is missing. So overall, I am doing better in my personal war against spam (though it’s important to remember that this is defensive action only).

About the only downside of introducing SpamWatch as a new layer of anti-spam defense is that right now it’s relatively untrained, and generating a larger number of false positives (non-spams filed in the Junk folder) than I’m used to. SpamWatch ships “pre-trained”, meaning it already has a database of spam words to run against, but this list is generic, not customized to my own e-mail traffic. So it’s not that surprising that some of Rochelle’s e-mails are getting tagged as spam. My previous experience with Bayesian filtering is that it rapidly adjusts as you correct its mistakes, so I’m confident the false positives will go down in a week or so.

At any rate, I’m quite happy with the new version, especially since I was still in my 12 month support period from my last upgrade, so version 6 was free. Recommended, even if you have to pay for it.

{ Comments on this entry are closed }

Pete Wellborn for senator

by Michael Alderete on 9/10/2003

Pete Wellborn is the attorney representing the defendants in a recent nuisance lawsuit filed by a group of spammers against some of the better-known — and more effective — anti-spam resources and groups, such as Spamhaus and SPEWS.

His motion to dismiss the case was so effective that the plaintiffs are now trying to back out of the case, so they can avoid having to pay opponent’s legal fees, which they’re likely to have to do. Pete’s not going to let them do that.

Wellborn has been so effective at racking up successes against spammers, to the tune of multi-million dollar judgments, that he’s called the “Spammer Hammer.” And after defending on this lawsuit, he’s switching to offense, to run down the toads behind it for their spamming activities.

Go get ‘em, Hammer!

{ Comments on this entry are closed }

My life right now…

by Michael Alderete on 9/9/2003

…is pretty much like this article at The Morning News.

{ Comments on this entry are closed }

Security insights

by Michael Alderete on 9/6/2003

From a recent interview with Bruce Schneier, one of the U.S.‘s premiere security experts, comes one of the most understandable and insightful comments on recent security changes that I’ve read:

There’s a common myth that security and liberty are opposites, that increased surveillance is necessary for increased security. This is wrong. Of all the measures instituted to improve airline security, only two have had any positive effect: Reinforcing the cockpit door and teaching the passengers to fight back. Everything else is window dressing — “security theater,” as I call it in my book. Notice that neither of those two things have any effect on personal liberties.

I’m sure that so-called “homeland security” will continue to be a major political lever used to introduce more government control and oversight into our lives. Perhaps Bruce’s new book will at least inject some common sense into the discussion.

{ Comments on this entry are closed }