Past EED rants

Labels

Live leaderboard

Poker leaderboard

Voice of EED

Thursday 20 November 2003

Time for anti-spam [lurks]

I get a lot of spam. My spam folder in The Bat has 990 spam for the last 7 days. That's 140 a day. Nearly 6 every hour. My mail is virtually useless without some kind of anti-spam measures, which unfortunately renders my squirrelmail access from work as being virtually useless. Well, my in-box anyway - the mailing list folders are OK.
At home I've used SA Proxy like many other EEDers. Don't bother trying to find it, it's gone commercial and they've nuked the free version. Nice guys. At any rate, SA Proxy just wasn't picking up enough spam. Virtually no false positives but enough was sneaking through that it was annoying.
I realised that basically I have absolutely no qualms with buying a decent industrial anti-spam solution that works. So I began to look around. There's two types, checkers and proxies. Checkers kind of sit on your pop box and run as an application, deleting spam from the pop box and then launching your mail client to read the rest. This is pretty arse, no one wants to faff around like that. Proxies generally run in your system tray and allow you to connect through them to a POP3 mail server, they pull down the mail and do stuff to it depending.
SA Proxy just inserted a spam subject for you to filter on. I found this program called SpamWeed by some chinese developers. It's a little app that sits in your system tray. It doesn't actually send your mail client spam at all. It displays legit mail and spam mail in the application. If it false positives or false negatives (and it does, out of the box) then you just correct it and it learns from this.
In just a single day and maybe ten or so corrections (all at once from this morning's mail), so far it seems pretty much perfect. Very impressed so far, it's also pretty darn cheap. Going to let it run for another day or so and if there's no showstoppers, it'll become my anti-spam app of choice.
Anyone else got any anti-spam software success stories?

11 comments:

  1. I've been using an open source solution called POPFile for almost a year now, and it does a near-perfect job for me. It runs as a mail proxy service under Windows and works purely on the basis of keyword and pattern recognition - similar system to SpamWeed.
    It took a few weeks of classifying mails for it to achieve full accuracy, but now it's close to 100% accurate and hasn't had a false positive in months. There's a really nice web interface for setting up all your categories or reclassifying mails - one of the cute things about it is that you're not restricted to categories for spam and non-spam, you can also categorise into different 'buckets' as well, so for example I have an 'urgent' classification which intelligently selects mails that appear to be about important stuff and forwards them to my mobile phone. You can also set up 'magnets' so mails from mailing lists or certain email addresses (work colleagues or whatever) never get dumped into the spam folder. Rather than editing the subject line, I've got it set up to add an 'X-Classification: Spam' (or whatever) line to the headers, which the Bat filters on perfectly well and looks neater, IMO.
    I far prefer this kind of content-based filtering to the sort of scoring systems that lots of spam filters seem to use, which can end up blocking based on the SMTP server you used and such nonsense. Those leave you rather too open to the mercy of some RFC-toting bearded loser who decides your SMTP server has offended his Internet sensibilities, IMO...

    ReplyDelete
  2. I agree that blacklists aren't a good defence by themselves but actually, my mail server does such a lookup and it catches a fair bit of spam which SA Proxy missed. POPFile sounds nice but I've kind of decided I like the way SpamWeed keeps the spam in the app and doesn't dirty my mail client with it.

    ReplyDelete
  3. I use Mailwasher, nice little app. Logs into your pop account, downloads headers, marks mails for deletion according to blacklists and keywords, with decent filtering options. Simple but effective. Nice thing is you mark friendly email addresses as such, just sort by friendlies and scan briefly through all the rest before hitting 'delete'. It even kindly pops your email client to front after processing the pop box.

    ReplyDelete
  4. Mailwasher was something we universally didn't like because it basically is a stand alone app that deletes mail from your pop box and requires attention to do so. It's also easy to get your mail client to fetch the mail with spam, before mailwasher has done it's job. In my view, proxy spam killers are superior in pretty much every way.
    Now after a couple of dayus of SpamWeed, I've had to do some teaching but this morning it pulled in 80 e-mails and filtered with 100% success. It's a big thumbs up from be for SpamWeed so far. I might just have a look at POPFile before forking out, so I feel I've covered the bases somewhat.

    ReplyDelete
  5. Maybe I just don't trust automated filtering enough, but I'm going to end up doing a quick scan through filtered mail anyway, so there's attention required either way. That being the case, deleting it from the pop box seems to make more sense to me than using a proxy to sort spam from non-spam, if only to cut out 80% of my mail bandwidth. Possibly I'm being over-finicky - a few hundred extra mails a day shouldn't really stretch my connection, but hey it's the principle of the thing! ;-)

    ReplyDelete
  6. The free proxy stuff just marks the mail with a special header you filter on. SpamWeed has a little app where it shows you the spam and legitimate mail and you can go in there to check things.
    Now I can't see Mailwasher being able to do a good job of anti-spam processing if it doesn't pull down the content of the mail. So I can't see where your bandy savings come from there.

    ReplyDelete
  7. Going on headers alone it doesn't catch everything but catches the vast majority of it, assuming you have a few sensible filters set up. Going through the tiny list of mails neither whitelisted or flagged as spam takes next to no time. Less time than I'm saving in downloading 300 spams day? Perhaps not, I've got a reasonably fast line, but it was a fucking lifesaver when I was stuck using 56k for a while recently. Still, I find the notion of killing this crap before I get it more elegant than downloading it all into a spam folder. I suppose a nicer solution would be to run mailwasher without oversight and popfile or similar as a proxy to catch anything that leaves.

    ReplyDelete
  8. Or just run one of the many proxy ones that doesn't shove it in a spam folder, and leaves it spam in the app for you to look at at your leisure. Which is what I've been going on about all along... I get the impression you don't quite get how they work? Probably worth taking a quick peek at SpamWeed to see what they're about (this has a free trial).

    ReplyDelete
  9. '..leaves its spam in the app' kind of implies it downloads it rather than deleting it from the server, which is what I was going on about. I don't see it makes much difference which app it downloads it to. I'll admit this may be an irrelevant nicety though.
    Gotta admit I'm tempted to explore Lineone's £5 a year server side filtering, though I've only heard anecdotal evidence that it does the job well.

    ReplyDelete
  10. Is there an app which will classify spam and then bounce it back to the sender with the standard 'address does not exist' email?

    ReplyDelete
  11. The reply-to field is very rarely valid. They try to get you to visit a web site or phone a number. It's possible to get a mail server to say 'no such user' but it has to do that before it receives an e-mail. The only information available to it at that point is the IP address and whatever the spammer specifies as a FROM: address.

    ReplyDelete