Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: phranque
silverbytes said: ...servers still get some 650 junk monthly.
I usually have between one and two hundred spam e-mails waiting for me each and every morning. And that doesn't count the tens of thousands of messages that get blackholed at the server.
You might want to look into using MailWasher Pro. It can save a lot of time in the review process, and enables you to delete spam directly from the server (rather than having to download it first, thus exposing your computer to potential problems).
A couple of years ago, I started getting totally overwhelmed and was about to get rid of all my email accounts and start over, but dreaded tracking down who was supposed to have me new email.
I switched to spamcop, and it works well for me. I can eyeball the spam very quickly and see the false negatives (very few) very easily
The 300-500 spam I was receiving everyday is now no longer a problem, false positives are down to a handful every week.
Not a problem for me anymore. Postini is great! :)
P.S. I've had the same email address since 1996, hence the amount of spam.
You first create a whole bunch of fake email addresses that no human is ever allowed to see, spanning many different domains and IP addresses. You then give these addresses to spammers (e.g., via hidden text on illegal web pages that spambots happily will harvest). Google for "CBL" for an example of such a "honeypot" database that mail servers can be configured to take advantage of.
Next, when the spammers do a run, it's highly likely they will send a copy of their spam to one of "honeypot" addresses in your database. You absolutely know that is spam, because that address has been given out only to spammers, no humans. So, your mail server can then temporarily block any receipt of mail from that IP address, since it is known to currently be sending spam.
What if the spamming run sends a message to a real user before one of the honeypot addresses? That's the second part of the solution: greylisting. When you get an email from an address you don't know, your mail server is configured to note that fact in a database and tell the sender "Umm, I'm busy right now -- could you try sending that message to me a bit later?". The spammer either just gives up right then or there, or else keeps trying to resend.
The mail server will keep denying the attempt to send that message for whatever length of time you set your greylist window to. That leaves plenty of time for the spammer to eventually transmit to a honeypot address and then your mail server will simply reject (or silently accept and drop in the bit bucket) the next attempt to send that spam message. If it's not a spammer, then eventually the greylist window (e.g., 2 hours) will expire, and the mail server will say "Huh, I guess that's a real person sending that, so I'll let that person send us mail in the future without greylisting them." and sends the message on to you.
Greylisting combined with a honeypot database is just about the perfect fix for spam, IMO. I have an address that's been public on the web for years. I get about 0-2 spam messages per day. The ones that slip through are invariably from random PCs throughout the world that have been turned into spam zombies.