Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Filtering Spam Battle

What works for you?

4:08 pm on May 11, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Using Ihatespam on email client, and filters on servers still get some 650 junk monthly.
Reporting spam is time consuming thougt I do, you never know if that works at all.

What works for you?
I can't drop every spammed email since sooner or later they start to receive spam...

6:48 pm on May 11, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

silverbytes said: ...servers still get some 650 junk monthly.

Monthly. That's about twenty-two spam e-mails a day.

I usually have between one and two hundred spam e-mails waiting for me each and every morning. And that doesn't count the tens of thousands of messages that get blackholed at the server.

You might want to look into using MailWasher Pro. It can save a lot of time in the review process, and enables you to delete spam directly from the server (rather than having to download it first, thus exposing your computer to potential problems).


8:35 pm on May 11, 2006 (gmt 0)

10+ Year Member

I remember getting upset and getting more than 10 in a month. Now it's 200-400 a day. Lastweek I got about 1600 in one day.

A couple of years ago, I started getting totally overwhelmed and was about to get rid of all my email accounts and start over, but dreaded tracking down who was supposed to have me new email.

I switched to spamcop, and it works well for me. I can eyeball the spam very quickly and see the false negatives (very few) very easily

12:43 am on May 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

I'm using Ihate spam, they don't upgrade the version 1 year ago at least. But can't imagine what may be different using other software.
Mail washer pro: it's very tedious to launch other software before launching email client.
2:00 am on May 12, 2006 (gmt 0)

10+ Year Member

It can be simple if you are using email for a small online business. Just set your email/order forms to a subject line
eg Re: blue widgets and your filters to "if the subject doesn't contain blue widgets send to trash. Then set up a white list for your regular affiliates/customers etc.
I did this three weeks ago eliminating about fifty filters and a black list half a mile long and growing.

The 300-500 spam I was receiving everyday is now no longer a problem, false positives are down to a handful every week.

2:39 am on May 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

It's not my case belive me. That's a solution that can't think for myself. I got specially annoying viagra cialis spam and others that comes with different senders, and subject with an img that is the text (they seem to be writting the spam text in a gif file to avoid filters)
2:40 am on May 12, 2006 (gmt 0)

10+ Year Member

That does not work if you are getting legitimate mail all the time from new customers who are not on the white list.

I used to use filters with Eudora, but once you have several hundred filters it gets out of control.

3:08 am on May 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

I subscribe to Postini through my ISP and rarely get any spam anymore. I look at the junk file once a day and usually have about 300 to 400 junk e:mails in there. Takes about 3 minutes to scan the subject lines and I rarely if ever find a "real" message in amongst the trash. I select "all", hit delete and that's that!

Not a problem for me anymore. Postini is great! :)

3:17 am on May 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

I've got SpamAssassin running on the server and Thunderbird as my email client with the adaptive filter being studiously fed. Still, about 20% of them make it through (starting from a total spam count of about 50-80 a day). I have to do a quick scan of the delete folder before I empty it anyway, because sometimes legitimate emails get flagged (one every day or two). I hate spammers with every cell in my body. They waste so much of my time, and it's always the same nonsense - drugs, mortgages, and virus attempts (I love the ones that have "Proof of Concept" as the subject, with an attachment). It's very frustrating - if it were just a Porcupine eating my jeep, fine, I stalk it with a baseball bat, but with spammers, you can't find them to do anything about it. I'm running a cgi honeypot on a few main pages, as part of a project some of you are probably aware of, but I doubt if it will accomplish much in the end.
3:02 pm on May 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Spamcop net has a page to report spam, maybe with enough reports you may stop at least those you personally receive if they take them down.
4:49 pm on May 12, 2006 (gmt 0)

10+ Year Member


It works great, no matter how many new customers you get.Just use a contact form with a subject line eg."About Your Widgets" and filter for that subject line, dead simple. Use the white list for your main contacts only. I now have NO SPAM., not even GIF spam.

5:27 pm on May 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

As said before can't do it. I receive new costumers emails daily (and lot of spam too!) and they often comes thru mailto links and change the subjects. Can't loose them just to avoid viagra promotion...
9:15 pm on May 12, 2006 (gmt 0)

10+ Year Member

If you use a contact form and get rid of the spam fodder mailto: links they can't change the subject line ;~).
All I know is I now have an extra hour that was formerly spent
weeding spam from business mail.
4:17 pm on May 13, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Is there other reasons to not move towards forms instead mailto: people don't like filling forms. I prefer get real emails and some spam than loose real emails. The question is about how to filter spam...
9:03 pm on May 15, 2006 (gmt 0)

10+ Year Member

Hi all, just an update as promised. Week four, I've received 14,588 spam, all hit the trash and only three false positives.
I tweaked the filter for the three emails (they were from old pages with mailto links I hadn't changed). Man I love this, no spam!

P.S. I've had the same email address since 1996, hence the amount of spam.

10:05 pm on May 16, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Sometimes I scratch my head that people are still dealing with spam; there's been a solution around for a while that requires no "training", and has about as close to 0 false positive rate as you can get.

You first create a whole bunch of fake email addresses that no human is ever allowed to see, spanning many different domains and IP addresses. You then give these addresses to spammers (e.g., via hidden text on illegal web pages that spambots happily will harvest). Google for "CBL" for an example of such a "honeypot" database that mail servers can be configured to take advantage of.

Next, when the spammers do a run, it's highly likely they will send a copy of their spam to one of "honeypot" addresses in your database. You absolutely know that is spam, because that address has been given out only to spammers, no humans. So, your mail server can then temporarily block any receipt of mail from that IP address, since it is known to currently be sending spam.

What if the spamming run sends a message to a real user before one of the honeypot addresses? That's the second part of the solution: greylisting. When you get an email from an address you don't know, your mail server is configured to note that fact in a database and tell the sender "Umm, I'm busy right now -- could you try sending that message to me a bit later?". The spammer either just gives up right then or there, or else keeps trying to resend.

The mail server will keep denying the attempt to send that message for whatever length of time you set your greylist window to. That leaves plenty of time for the spammer to eventually transmit to a honeypot address and then your mail server will simply reject (or silently accept and drop in the bit bucket) the next attempt to send that spam message. If it's not a spammer, then eventually the greylist window (e.g., 2 hours) will expire, and the mail server will say "Huh, I guess that's a real person sending that, so I'll let that person send us mail in the future without greylisting them." and sends the message on to you.

Greylisting combined with a honeypot database is just about the perfect fix for spam, IMO. I have an address that's been public on the web for years. I get about 0-2 spam messages per day. The ones that slip through are invariably from random PCs throughout the world that have been turned into spam zombies.

3:56 am on May 17, 2006 (gmt 0)

10+ Year Member

My isp doesn't allow me to have my own mail server, and I'm sure many people are in that boat. I used to have brightmail, over 50 of my own filters, plus thunderbirds own antispam system and I still got spam. Your system sounds as much work as my old one ;~) Eliminating mailto: links, using contact forms and whitelisting my friends and associates is the best system I've tried so far.
12:59 pm on May 17, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

I have no doubt that works for you, but think this in my case: I can't whitelist future costumers I don't really have. So removing mailto just to avoid spam or removing from server thru rules is not a suitable option to me.
I got false positives often too. Reporting to spamcop or similar services produced no sensitive results in my case I still get some 50-100 spam daily.

Featured Threads

Hot Threads This Week

Hot Threads This Month