Discussion in 'Article Discussion' started by :: kna ::, 15 Mar 2004.
I don't know if its just me being lucky (touches wood!) but for the past few months I have received virtually zero spam in my Hotmail account (I still get plenty of spam but its all filtered into the bulk mail). I used to get loads of spam that got through the filters, but it seems to all be correctly filtered out now - I wonder if M$ have come up with an improved system. Very little proper mail goes into my junk folder, except for Bit-Tech messages where the thread has "!" in the title!
Only solution was to send everything for that alias to the black hole provided by my forwarder (Easily). Checked a month later and the flood of return to sender, address unknown stuff had stopped, so the spammer had moved on to some other poor sod and I could use my name again.
However, "normal" spam to that addy is well over 100/day, so maybe time to move on myself.
i don't get spam, but in my hotmail i get all the "undelivered message" things from viruses going around
plus i never use e-mail, i usually use MSN Messenger to contact people
reminds me of that episode of chappelles show
where he is on the internet
I've learned the hard way, my old email was getting 100+ a day and now noone gets my email except stores and forums.
Anyone else wants to contact me they can use messenger...
I have 3 addresses that I use for different things. The main one is just for work related stuff and the other two have a selection of things going to them. Hotmail handles all forum and other related things where as something important like a invoice from a site goes to my main address which is picked up by POP3
SP2 beta took a chunk out of my machine too, only i had to reformat my harddrive after because it kept freezing my computer up whenever i loaded windows (immediately after uninstallation)
what a crock.
I would also like to take this opprotunity to blame someone else, the idiots that reply and purchase as a result of receiving spam about a product.
Microsoft proposes that "email stamps" that would cost as little as a cent or two would render the technique of spamming no longer financially viable. I say, why punish the innocent, legitimate user? If companies hiring spammers got zero responses and revenue from sales then it would have the same effect. If these idiots that thought the answer to their refinancing future or the size of their genitals in an unsolicited scurge would not send people their money, it would have the same effect.
pr0n on the other hand, well, you can't stop pr0n
Simple solution to that - add firstname.lastname@example.org to your friends / safe list and hotmail won't block any more important thread updates!
If you suffer from spam, use Spambayes. It's free, opensource, and in my experience, 100% effective. It even has an outlook plugin! Uses some very cunning techniques.
Uhm, I'm a bit curious why you aren't running your own email server - and possibly a system-wide "spamassassin" install to handle filtering. It's what I do on all of my production and personal email servers, and I routinely get 2000-3000 spam emails a day, but only 5-10 slip through. I could filter more stringently, but I might miss out on some legit emails coming from ebay and so forth. I just have my email client set to empty out the spam catch folder every day if I don't do it myself manually, and there is no trouble. Seeing as you don't seem to get much spam (but enough to be annoying) you should consider also having all the spam forwarded into a spam folder, that way if you lose an email to the filtering, it's still there, just not right in your inbox.
Here's a simple example procmailrc file for procmail IMAP delivery that utilizes spamassassin and dumps things into a Spam folder.
| /usr/local/bin/spamassassin -P
* ^X-Spam-Status: Yes
PS - I've used this email address since May of 2000, and have no intention of using any other in the future. Spammers are smart, the only way to win is be smarter. Can't outwit all of them, but you can beat 99% and the 1% that gets through is just life.
Here's an example spam caught by spamassassin and dumped in the Spam folder.
Spam detection software, running on the system "quark.orblivion.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or block
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: </style> </head> Our NaturalGain+ Penis Enlargement
Pills Will Expand, Lengthen And Enlarge Your Penis 3+ Inches. 100%
Satisfaction Guaranteed! Or Your Money Back! [...]
Content analysis details: (39.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
4.4 DATE_SPAMWARE_Y2K Date header uses unusual Y2K formatting
4.2 IMPOTENCE BODY: Impotence cure
1.1 BANG_GUARANTEE BODY: Something is emphatically guaranteed
1.1 PENIS_ENLARGE BODY: Information on getting larger penis/breasts
1.0 NO_COST BODY: No such thing as a free lunch (3)
0.6 PENIS_ENLARGE2 BODY: Information on getting larger penis/breasts
1.2 GUARANTEED_STUFF BODY: Guaranteed Stuff
4.3 MONEY_BACK BODY: Money back guarantee
0.6 CLICK_BELOW_CAPS BODY: Asks you to click below (in capital letters)
1.2 BANG_EXERCISE BODY: Talks about exercise with an exclamation!
0.4 HTML_TAG_BALANCE_HTML BODY: HTML has unbalanced "html" tags
0.1 HTML_FONTCOLOR_RED BODY: HTML font color is red
0.1 HTML_60_70 BODY: Message is 60% to 70% HTML
0.1 HTML_FONTCOLOR_BLUE BODY: HTML font color is blue
1.6 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence between 51 and 100
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
0.5 HTML_LINK_CLICK_CAPS BODY: HTML link text says "CLICK"
0.1 HTML_FONT_BIG BODY: HTML has a big font
0.1 HTML_LINK_CLICK_HERE BODY: HTML link text says "click here"
0.8 HTML_IMAGE_ONLY_08 BODY: HTML: images with 600-800 bytes of words
0.7 MIME_HTML_NO_CHARSET RAW: Message text in HTML without charset
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
3.0 FORGED_RCVD_NET_HELO Host HELO'd using the wrong IP network
2.8 DATE_IN_FUTURE_03_06 Date: is 3 to 6 hours after Received: date
1.1 RCVD_IN_DSBL RBL: Received via a relay in list.dsbl.org
2.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?18.104.22.168>]
1.1 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
1.2 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE
0.3 UPPERCASE_25_50 message body is 25-50% uppercase
1.1 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts
1.6 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
We run Spamassassin and I then suck all my mail through Spamcop, they still get through... It also doesn't alleviate the problem of people hijacking my Email address.
The problem with most anti-spam software is, you've still got to download the damn stuff before the filtering can operate. MailWasher will delete on the server but it's very slow and bouncing is a waste of time, the bounce will either not get delivered or be delivered to somebody like :: kna :: who's had his addy hijacked.
A long string of OE Message Rules kill about 25% of mine on the server, but as fast as I add a new spelling variation on "Viagra" a fresh one comes out...
If they are still getting through, something isn't right. Have you been "teaching" spam assassin? I don't know anybody who receives as much spam as I do, and SA has been excellent at filtering mine out. Also, SA works with SpamCop already, you shouldn't need to be paying them another subscription fee on top of that. When you say email hijacking, I'm a bit confused what you meant (didn't understand it in the article) - did you mean people are sending out emails with your address as the From: in the header?
I wish people would learn to configure their mailservers correctly. If everybody did/would then these spam issues wouldn't be nearly as bad. Not allowing mail to be sent from a non-local domain, using SASL for authentication, etc would save the net/email.
That's what happened to me. If you receive spam, your address is on a spammer's list. A test will show if it bounces mail or not. If it doesn't, it gets used as the "From:" so any filter that checks for a valid return address is fooled.
Separate names with a comma.