Spamnix, My New Anti-Spam Tool


Update: Although it remains an excellent tool, I no longer recommend Spamnix, having found more effective tools while Spamnix 3 was in development, and Spamnix 1.2 was not enough. See my Personal Survey of Anti-Spam Tools for more details and recommendations.

Yesterday a new anti-spam tool shipped, Spamnix, which functions as a plug-in to Eudora, on either Mac OS X or Windows. After installing it and using it to check e-mail a couple times, I’ve decided to abandon my old tool, Spamfire.

The reason is pretty simple. Spamfire is fairly effective, but its design means my e-mail is processed twice. First Spamfire downloads and scans my messages, deleting those it considers spam. Then Eudora downloads whatever Spamfire lets through. Spamfire integrates with an e-mail client via the POP3 / SMTP mail server, with AppleScripts to trigger the client’s e-mail check. Overall this works fine, but because Spamfire is a separate application the whole process is slow and cumbersome. It would be better if Spamfire itself was not as slow as molasses, but, well, it is as slow as molasses.

While it’s true that Spamnix can only be used with Eudora, I’ve been using Eudora for so many years the possibility of switching to something else is near zero. So my only consideration is how well it integrates.

Spamnix does that beautifully. My e-mail downloads as normal, but messages are scanned during the download process. Messages which exceed the spam threshold are filtered to a separate mailbox, for later review. The rest go to my Inbox as normal. No two-stage mail downloading and processing, no switching to a separate application to review the caught spam for false positives, no hassle rescuing the few false positives that do turn up.

One of the other selling points for me (and here’s where you can tell I’m a nerd) is that Spamnix is based on SpamAssassin, the extremely well-regarded Open Source spam tagging tool written in Perl. While Spamnix currently appears to be using only the text scanning part of SpamAssassin, I am very hopeful and excited that Spamnix may soon support the Bayesian filtering and Vipul’s Razor collaborative spam tracking capabilities of the latest SpamAssassin.

At any rate, if you’re a Eudora user on either Mac OS X or Windows, and it’s worth $30 to you to block most of the spam you’re currently receiving, you should give Spamnix a try. The software is downloadable for free, and functions for 30 days before requiring a license key for further use.

But if you’re like me (I get well over 200 spams every day), it won’t take 30 days to convince you that $30 is a small price to pay. I decided in less than 24 hours!

Vendor-Specific E-Mails to Fight Spam


Managing your own e-mail server is a pain in the ass. There’s no two ways about it: when you want to take control of your own network infrastructure, you increase the complexity of the systems you manage, and you greatly increase the consequences of screw-ups.

For example, when I was using aggressive RBL blocking, it was bouncing e-mail I actually wanted to receive, in addition to some spam. A different anti-spam tool was causing occasional, apparently random errors, which resulted in some e-mail messages being dropped on the floor. And back in September, when Rochelle and I were in France and the e-mail server died, we lost about two weeks of e-mail.

So if it’s hard work, and screw-ups mean you lose important messages, why would anyone want to run their own e-mail server? For me, it’s all about spam and viruses. I have many more options for strategies to deal with unsolicited commercial e-mail (spam) and for protecting us from e-mail-borne viruses. Since I get about 200 spam messages every day, this matters a lot to me.

One of the tactics I use is to create vendor-specific e-mail addresses, and then expire them when they start generating spam. Here’s how it works. When I register at a new web site, say, www.bigcommerce.com, I give them the e-mail address [e-mail address hidden], which will be an “alias” for my actual e-mail address. This lets me receive mail from the vendor, but tagged in a way that’s traceable to them. For any e-mail sent to that address, I know that www.bigcommerce.com either generated it or sold my address to spammers.

And that happens surprisingly often, especially with dot.bombs that went out of business and sold all their assets, including their customer lists, to whoever wanted to buy them. The biggest offenders in my Inbox have been myspace.com and techies.com.

When the amount of spam going to a vendor-specific e-mail address gets to be too much, or if I know they’ve gone out of business, I will “expire” the address. This is done by setting the alias to bounce when someone tries to send messages to it. For folks who want the technical details, I add an entry like the following to sendmail’s virtusertable file:

[e-mail address hidden]    error:nouser 550 No such user here

This trick is only possible if you own your own Internet domain name, e.g., alderete.com, and have complete control over the e-mail aliases for your domain, usually by running your own e-mail server. (Some hosting services will let you do stuff like this, but most of them don’t give you full access to your aliases files.)
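The alias lifecycle described above, sketched as an added example (not the author's own tooling). The domain example.com, the mailbox name "me", the sample table and the rule that names an alias after the vendor's site are all assumptions; only the expired right-hand side is taken from the entry shown above.

```python
import re

EXPIRED = "error:nouser 550 No such user here"  # right-hand side from the page

# Constructed sample virtusertable text (addresses are placeholders).
SAMPLE = """# vendor-specific aliases
myspace@example.com\tme
techies@example.com\terror:nouser 550 No such user here
"""

def vendor_alias(site, domain="example.com"):
    """www.bigcommerce.com -> bigcommerce@example.com (naming rule is an assumption)."""
    labels = site.lower().rstrip(".").split(".")
    if labels[0] == "www":
        labels = labels[1:]
    if not re.fullmatch(r"[a-z0-9-]+", labels[0]):
        raise ValueError(f"cannot build a safe alias from {site!r}")
    return f"{labels[0]}@{domain}"

def parse(text):
    """Return {address: right-hand side}, skipping blank lines and # comments."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            table[parts[0].lower()] = parts[1].strip()
    return table

def add_vendor(table, site, mailbox="me"):
    """Register an alias for a new vendor; an already expired alias stays expired."""
    addr = vendor_alias(site)
    table.setdefault(addr, mailbox)
    return addr

def expire(table, addr):
    """Make the alias bounce instead of delivering."""
    if addr not in table:
        raise KeyError(addr)
    table[addr] = EXPIRED

def leaked_by(table, rcpt):
    """Map a recipient address back to (vendor, still_live), or None if unknown."""
    rcpt = rcpt.lower()
    if rcpt not in table:
        return None
    return rcpt.split("@")[0], table[rcpt] != EXPIRED

def render(table):
    """Serialise back to tab-separated virtusertable lines."""
    return "".join(f"{a}\t{r}\n" for a, r in sorted(table.items()))
```

After the rendered text is written back to the virtusertable file, the map has to be rebuilt with makemap before sendmail uses the new entries.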

I’m still evolving my strategies to combat spam. With almost 1500 offensive messages being sent to me each week, I have to have pretty sophisticated filters. What I have today works fairly well, but could be even better. I’ll surely post when I add new techniques or tools. But no matter what I add, vendor-specific expiring addresses will continue to be a useful and important part of my anti-spam system.