[clue-tech] Re: [clue-talk] Triaging spam
Angelo Bertolli
angelo at freeshell.org
Wed Dec 15 22:49:48 MST 2004
From the discussions I've seen and participated in, probably the most
valuable thing I've taken with me about spam is that how you deal with
it is intimately tied to your specific system: number of users, what
the users expect, and what is acceptable to both you and them. Everyone
is going to give you different advice. (Which is a good thing--maybe
the best way to keep spammers from getting through is to not all do the
same thing.)
Personally I like things like SpamAssassin over rejecting email with
sendmail because I think there is some statistical value to the spammers
to know whether or not their attempt to deliver was successful. But
then again the server I manage has a specific demographic: seems to get
certain kinds of spam, has about 600 users on it, and the users are ok
with getting some spam. I personally am OK with just running Mozilla
and using the built in spam filter.
SpamAssassin does not have to be all or nothing. I don't know about
version 3, but in 2 the definitely/definitely not/ maybe is exactly what
SpamAssassin does:
#From procmailrc
#DEFINITELY SPAM
:0: /var/tmp/SPAMASSASSIN.lock
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
/var/spool/mail/spam/$LOGNAME.spam
#MAYBE SPAM
:0: /var/tmp/SPAMASSASSIN.lock
* ^X-Spam-Status: Yes
/var/spool/mail/spam/$LOGNAME.spam
And anything else gets sent to the inbox.
Well since you will probably get different suggestions, and have to come
up with your own system for dealing with spam, I'll tell you what I do:
1) Filter through SpamAssassin with relaxed rules
2) Filter through procmail sanitizer
(http://www.impsec.org/email-tools/procmail-security.html)
The users will still get some spam, but a lot of it is filtered out, and
they don't get viruses. And if they don't get viruses, they don't
become a problem themselves. (Ounce of prevention--blocking spam is a
lot easier when you can rule out your own users.)
Angelo
More information about the clue-tech
mailing list