DHI #5: Razor and More Anti-Spam

DHI #5 consisted of poking a hole in the firewall for Razor to access its central servers, and disabling most of the RBL blocking in sendmail, while enabling RBL checking in SpamAssassin. I also kept Rochelle from blowing up the house.

DHI #5 consisted of poking a hole in the firewall for Razor to access its central servers, and disabling most of the RBL blocking in sendmail, while enabling RBL checking in SpamAssassin.

I also kept Rochelle from blowing up the house. But that’s a longer story, for tonight.

New Server Up and Running

Over the course of Saturday I finished installing and configuring the minimum required software to be able to switch over to the new server for running my sites. On Sunday I swapped the IP addresses of the new and old systems, and got to work fixing the things that broke when I took the new machine live.

If you’re reading this, it’s being served up by my new server.

Over the course of Saturday I finished installing and configuring the minimum required software to be able to switch over to the new server for running my sites. On Sunday I swapped the IP addresses of the new and old systems, and got to work fixing the things that broke when I took the new machine live. I finished up all the obvious stuff around 2am Monday morning, and while there have been some glitches with my DSL connection that I believe are coincidental, it has been mostly smooth sailing since then.

The one area where there seem to be problems is in e-mail. I have configured my mail server to be substantially more aggressive in rejecting spam e-mail, because I’m really tired of being bombarded by 100s of offers per day for medical, sexual, and financial “breakthroughs.”

The aggressiveness seems to be causing mail from legitimate senders to be bounced. So, if you’ve e-mailed me since Sunday and I haven’t replied, it’s probably because I haven’t received your message. Try contacting me at my work e-mail address, [alderete] at sign [persistence] period [com], and let me know you tried my home address first.

I’m working over the next couple of days to change the outright rejections into recommendations, so my usual correspondence should be preserved again, while still blocking the spam. Hopefully that will be in place by the end of this weekend.

More Anti-Spam Tools

At the recommendation of a new co-worker, I recently installed Cloudmark’s SpamNet add-in for Microsoft Outlook, the e-mail client I’m using at Persistence. If you’re using Microsoft Outlook on Windows (as I have to at work), this tool should be a no-brainer.

Note: I no longer recommend SpamNet, having found more effective tools. See my Personal Survey of Anti-Spam Tools for more details and recommendations.

At the recommendation of a new co-worker, I recently installed Cloudmark’s SpamNet add-in for Microsoft Outlook, the e-mail client I’m using at Persistence.

The plug-in adds new capabilities to Outlook, enabling it to scan each message as it’s downloaded, and determine if it’s spam or not. If it’s spam, it’s sent to your Spam mailbox, rather than your Inbox. This lets you review the caught spams at another time, to verify that only spam has been filed there.

The most interesting part of SpamNet is the way it detects spam. It plugs into a P2P (peer-to-peer) network of spam reporters. Everyone who’s part of the network reports spam when it gets through their filters. After a couple people have reported any given spam, the network “learns” what that spam looks like, and will filter it for everyone else. So SpamNet “learns” about spam from the collective experience of everyone using SpamNet (currently about 40,000 people). This makes SpamNet probably the most effective anti-spam tool out there. There’s more to it than that, but not much, and you can read all about it on the Cloudmark web site.

Oh, yeah, the price tag. SpamNet is free for individual use. If you’re using Microsoft Outlook on Windows (as I have to at work), this tool should be a no-brainer.

But, there’s the catch. Today SpamNet supports only Outlook on Windows. If you use Outlook Express, you’ll be supported soon. If you’re using Netscape, or Eudora, or a Macintosh, you’re SOL at the moment.

Better Spam Killer

A while back I wrote about a free utility called Mailfilter for getting rid of spam. I’ve since switched to something much better, an inexpensive commercial utility called Spamfire. No doubt about it, Spamfire is worth the money.

Update: I no longer recommend SpamFire, having found much better tools. See my Personal Survey of Anti-Spam Tools for more current recommendations.

I wrote about a utility called Mailfilter here a while back. While I liked it, after a while I found it to not be flexible enough, and there was no safety net. If it thought a message was spam, it would delete it, and the message was gone forever.

I’ve switched to something called Spamfire. Today it’s Mac OS only (both Classic and Mac OS X), but they are working on a Windows version as well. Except for a few stability issues, Spamfire is just about the perfect personal spam filter.

Spamfire is a commercial product, unlike Mailfilter, but at less than $20 for the “Lite” version it’s well worth it if you’re getting a fair amount of spam in your e-mail inboxes. The things you get with Spamfire, that are not in Mailfilter include:

  • A very well-designed graphical user interface, which makes installation and configuration a breeze
  • A pre-defined suite of effective filters, professionally created by the vendor (with Mailfilter you roll your own)
  • A flexible scoring system (each matching filter adds to a message’s cumulative score), and an adjustable threshold for triggering mail deletion
  • Recoverable mail deletion — just Rescue a message from the Spamfilter application, which holds all deleted messages until you permanently delete them yourself
  • With the Pro version ($29) you get automated (or manual, if you prefer) updates to the application and the spam filters for 12 months (renewable thereafter)

I’m extremely satisfied with Spamfire. Because I can recover from false positives, I can set the filtering to be much more aggressive, which leads to substantially less spam. With Mailfilter I had to be careful, and only delete things that were certainly spam, which meant Mailfilter only cut down the amount, instead of virtually eliminating it.

Highly recommended if you’re tired of spam in your inbox.

Go Mo Fo!

MoFo is suing a spammer for sending their employees lots of spam, and is likely to cost the spammer a lot of money. If nothing else, seeing one of their own get sued by a world-class law firm has got to put a little fear of god into those slimy spammers.

How often do you think kind thoughts about lawyers? Well, if you get as much spam as I do, you’ve got to think well of Morrison & Foerster, fondly known as “MoFo” by those in the know — or those who look at their URL.

The reason is simple: MoFo is suing a spammer, for UCE sent to MoFo itself, and is likely to cost them a lot of money. If nothing else, seeing one of their own get sued by a world-class law firm has got to put a little fear of god into those slimy spammers.

Go, go, go MoFo!

Purging Spam

If spam in your Inbox is a problem, Mailfilter is a pretty good solution, especially if you’re using Mac OS X.

Update: I no longer recommend Mailfilter under any circumstances. See my Personal Survey of Anti-Spam Tools for more current recommendations.

I get a lot of spam (unsolicited commercial e-mail), primarily because I have a lot of public web sites with my e-mail address on them. The spammers have robots that spider the web, scanning for e-mail addresses and adding them to their databases of victims to send offers for free porn, herbal viagra, multi-level marketing opportunities, transfers of money from Nigeria, and the like.

I get dozens of spam messages a day. For a long time I sent them to the Spam Recycling Center, but recently that started bouncing the messages back to me, so I had to find something else to do with them. And frankly, I’m tired to trying to fight spam. Now I just want to get less of it.

I recently found a utility called Mailfilter that is my new answer. Basically it pre-scans my incoming e-mail, and if anything matches a spam rule, it deletes it before I ever see it. I’ve been using it for less than a week, and it’s already deleted more than 200 spam messages. I am a very happy user.

The best thing, for me, is that it runs natively on Mac OS X, and integrates quite well with my e-mail client, Eudora, via AppleScript and cron.

It’s not for the faint-of-heart, technically. If you don’t know what a compiler is, or cron, or a shell script, then it’s probably not for you. But if any of those things sounds familiar then Mailfilter may be a pretty good solution for you, too.

Not Back, E-Mail Bouncing

My network is down, my e-mail is bouncing. It’s making me crazy!

Well, you won’t read this for a day or two at the earliest, but I’m gonna keep writing. My Internet connection is still down, and because I host my entire network myself, including web, mail, and DNS servers, it means everything is hosed.

Which might cause one to rethink the arrangement I have, except I do it this way so I get a lot more control, and I get to learn how it all works. I’ve become a decent Unix sysadmin, and had considerable fun.

One of the true benefits, though, is that I get to configure my mail server’s spam filtering. Because I control the server itself, I can add all the features and filters I want — or at least those I can figure out. My server is configured to bounce a lot of spam, in particular, any mail from any domain which does not actually resolve. Which right now is all of them.

My ISP says they’ll be back up tomorrow afternoon. That’ll be pretty much 72 hours, three full days, of being disconnected.

I better be getting this month free, or I’m gonna be pretty pissed…