Welcome to WebmasterWorld Guest from 126.96.36.199
Instead I've decided to sleep on this - any suggestions?
"remove" "subscribe" "unsubscribe" "nude" "porn"
Most SPAM has one of these words in the message. However, do look through them before you delete them. Might be something important in there, but most of the time NOT.
(edited by: MarkHutch at 12:59 am (utc) on April 11, 2002)
following someone elses suggestion in WmW, i've started phoning the spammers to ask about their wonderful products. they don't appreciate phone calls at 2am.
About a month ago I wrote a really stiff email to the editor of PC Magazine, after my efforts to get off one of their lists actually resulted in more email. Haven't received any email from them since.
With most spam, though, particularly with porn, I hesitate to use the "remove" option, figuring this would only confirm my existence.
There are utilities that will let you view POP3 email headers on the server, before downloading, so you can save time with some of the bigger attachments if you can guess they're spam.
Besides being a nuisance, that's the real problem for those on dial-up since a large attachment can criple their mail for minutes at a time.
My offices are now aggressively double-filtering, once at the server using a program available for a free trial run at spameater.net. At that level, we're programmatically scanning for the very obvious spam and auto-delete it there without ever having to download it. (I have no affiliation whatsoever with spameater)
Then it is filtered again at the desktop where it is sorted into Trash and Junk -the difference being that while anything in Junk is highly suspect, it isn't auto-deleted upon closing the email program (eudora 3.0.6).
Since the negative filtering rules are aggressive, I spent a good deal of time working on the rules for emails that should pass automatically to the inbox -even if they happen to use a "certain death" word. Of course, these positive rules need to be first in the sequence.
We're living much easier, FreeBee.
Because you are bouncing unwanted emails this sends the message to the spammer that your address doesn't exist and so the theory is they will take you off their list.
Mailwasher does all sorts of other usefull things as well, and comes FREE! I've only been using it for a week but I have already seen a reduction in spam numbers.
Obligatory Disclaimer: no affiliation.
One of the most effective filtering techniques has been to scan the From address for country codes -here is a list of all of them I could find. Season to taste:
.ac - .ad - .ae - .af - .ag - .ai - .al - .am - .an - .ao - .aq - .ar - .as - .at - .au - .aw - .az - .ba - .bb - .bd - .be - .bf - .bg - .bh - .bi - .bj - .bm - .bn - .bo - .br - .bs - .bt - .bv - .bw - .by - .bz - .ca - .cc - .cf - .cg - .ch - .ci - .ck - .cl - .cm - .cn - .co - .cr - .cu - .cv - .cx - .cy - .cz - .de - .dj - .dk - .dm - .do - .dz - .ec - .ee - .eg - .eh - .er - .es - .et - .fi - .fj - .fk - .fm - .fo - .fr - .fx - .ga - .gd - .ge - .gf - .gg - .gh - .gi - .gl - .gm - .gn - .gp - .gq - .gr - .gs - .gt - .gu - .gw - .gy - .hk - .hm - .hn - .hr - .ht - .hu - .id - .ie - .il - .im - .in - .io - .iq - .ir - .is - .it - .je - .jm - .jo - .jp - .ke - .kg - .kh - .ki - .km - .kn - .kp - .kr - .kw - .ky - .kz - .la - .lb - .lc - .li - .lk - .lr - .ls - .lt - .lu - .lv - .ly - .ma - .mc - .md - .mg - .mh - .mk - .ml - .mm - .mn - .mo - .mp - .mq - .mr - .ms - .mt - .mu - .mv - .mw - .mx - .my - .mz - .na - .nc - .ne - .nf - .ng - .ni - .nl - .no - .np - .nr - .nu - .nz - .om - .pa - .pe - .pf - .pg - .ph - .pk - .pl - .pm - .pn - .pr - .pt - .pw - .py - .qa - .re - .ro - .ru - .rw - .sa - .sb - .sc - .sd - .se - .sg - .sh - .si - .sj - .sk - .sl - .sm - .sn - .so - .sr - .st - .sv - .sy - .sz - .tc - .td - .tf - .tg - .th - .tj - .tk - .tm - .tn - .to - .tp - .tr - .tt - .tv - .tw - .tz - .ua - .ug - .uk - .um - .us - .uy - .uz - .va - .vc - .ve - .vg - .vi - .vn - .vu - .wf - .ws - .ye - .yt - .yu - .za - .zm - .zr - .zw
I'm looking forward to this washer thing. Email is a chore - particularly since we've had some email address the same since 1996.
Oh well, some work, some don't. Better than none. And the delete off server is great regardless, expecially for those 5mB attatchments.
Gets my thumbs up.
Thanks all. We had a general spam problem last year [webmasterworld.com] which was mostly solved by blocking all yahoo.com senders unless they arrived through a form. Most definitely the single most valuable step which now trashes around 200 incoming mails a day as they hit the server. Each event sends out a customised 551 error message so that any real prospects caught by the filter are provided with an alternative means of contact. In addition we've added some of the earlier suggestions to our war on spam - looks like Mailwasher needs a check out.
As for my immediate problem I'm giving the editor the benefit of the doubt assuming that one of his minions (read morons!) did the mailing without permission - he'll receive a short reply and note that they've been blocked for good.
we can't afford it to become standard business practise
A quick way to bring a legitimate business to its senses would be to report their errant/ignorant spam to a blacklist. After they spent a few man-days trying to get themselves off the lists they'd at least pause before launching another email marketing campaign.
I've been fine-tuning mailwasher for a few hours now. One of the big advantages I've seen is the ability to set up filters using regular expressions, which should reduce the processing time while increasing effectivesness -particularly when filtering the email body. Instead of writing 4 separate filters - you can pack them into one line:
The Body > contains reg expr > casino¦gamble¦gambling¦Vegas¦
Also, you can customize the message and font color of the filter status, this lets you know which filter kicked it... not knowing which filter is a problem while you're customizing.
As postmaster for my colleagues, I've always got the problem and I try not to pass it on down the line.
A key component is making sure that the the program reads the headers before even downloading the message - that system helps beat the virus' too.
BTW - Mailwasher - cool tool! (I have no affiliation with them)
I stayed up half the night waiting for the 3am onslaught of spam - talk about cheap thrills. :) Even though the hard-core spammers won't get the bouncebacks, it is just somehow wildly entertaining to blacklist them.
My email in-box hasn't been so clean in years.
Ditto. I'm finding that I'm reading quite a few valid emails on the server and then deleting them rather than pulling them down to the desktop. Very handy, saves a lot of nuisance handling.
Not, I don't think so. You can auto-delete, but that's only available for addresses that you've blacklisted.
I've sent feedback already. Wishlist/questions:
I'm running 1.32.9 beta
Is there an "if rule match, then go to next email" routine at the end of the user rule set-up? If not, that would save some processing time.
Is there a limit on the variables if setting up a filter using regular expressions? For example, in the following rule, how many country codes could be set up in a single line?
[enabled],Country,"SPAM: Country Code",255,AND,Delete,Subject,containsRE,.ac¦.ad¦.ae¦.af¦.ag¦.ai¦.....
In the above rule, what does the "255" signify?
It would be nice to be able to set up "Auto-Process" once I'm satisfied that I have the filters tuned just right.
A "null" action is needed when setting up filter rules. I'd like to be able to flag an attachment in status, but take no real action.
Back in the olden days I tried this program called Spam Hater that would 'determine' who had spammed you from the e-mail header info and then prepare a nasty reply e-mail that would supposedly reach the original sender...although it probably never worked, it got me hooked on spam soft.
I gave up on the software for a while and worked on writing my own filters and rules...that worked for quite a while, but this year the spammers just found too may ways into my inbox. I had lots of fun with SpamCop for a while, but it was just too time consuming.
SpamWeasel was the next software I tried. It is a great program and works quite well 'out of the box'. It is very customizable in the rule department as well...but once I tried this MailWasher I was hooked. It's just so easy to use...and even though I know that the bounced mail will probably end up in never-never land, it just feels good...I find myself looking forward to processing my spam now.
hey rc if you filter out .jp you won't get any of those free sushi offers I've been sending you ;)
I'd like to be able to write some simple if/then routines in order to develop more complex rules and minimize "rule bloat" but even without that, this is one mighty fine piece of code.
>hey rc if you filter out .jp you won't get any of those free sushi offers I've been sending you
Hey, just save all the coupons. When you get a big stack, I'll drop by and we'll burn through them in a night or two. Speaking of free sushi, one of the local restaurants has started putting out some of those rice/seaweed rolls on the seafood buffet on the weekends. This being a small Southern town, I pretty much have it to myself. I could stand some squid and salmon, but I'm not complaining -at least it gives me a temporary "sushi fix" and stops the shakes.
<lest we sidetrack this thread>
Anyone wishing to say "YUCCCHH! Squid." or "MMMMmmm! Sushi" -We'll meet down in FOO.
Easiest way to get out of the message is to tell your boss your alergic to spam and go down the pub instead of opening the emails ;).
2. I block all the spy bots/nosey bots/copy right bots and email spiders I can find. Where possible, these are blocked at the firewall, not in Apache Some surprising bots are out there -- InfoUSA (associated with DoubleClick) tries to spider my sites within days of domain registration.
3. My RFC addresses, except for "postmaster" are in the form RFCaddress.email@example.com. It's funny to see the spammer "demunge" these to RFCaddress@mydomain.com, which just triggers a no-user error bounce, with a message including the correct address.
4. I use, and have taught my customers with personal domains to use, per-company email addresses. For example, Amazon thinks my email address is firstname.lastname@example.org. I actually look forward to the spam I get on these email addresses. There's nothing like getting a staunch denial that they sell email address, and being able to say, "Let me forward you the email headers". In most cases, my impression has been that the customer service supervisors actually believe the lies their marketing departments have told them. Either way, the amount of groveling and butt-kissing that goes on, once you've proved that they sold your address is rather entertaining. If you do this, and want to make them REALLY grovel, just mention the name of some prominent computer columnist, and suggest that you're thinking about send them a copy of the headers!
5. At the firewall level, I block most of China, Korea, Japan, Argentina, Columbia and Costa Rica, plus most of Deutsche Telekom, Chello, and Wanadoo, plus some of Russia, Poland, and Israel. This one step alone reduces my spam by 80% and my hacker scans by 70%. Obviously, not everyone can do this, but almost all servers can block some problem areas without losing valuable traffic.
6. In Sendmail, I use the SpamCop DNSbl, which seems to catch about 80% of the remaining spam that makes it as far as talking to Sendmail. Those of you who faithfully send SpamCop all your spam are doing all the work; I'm reaping the benefits. (Thanks!)
Here's a couple of different opinions on the issue, written from the point of view of businesses with legitimate opt-in newsletters.
Bottom line: It's one thing if we set up our own filters, quite another if our mail provider does it "for" us.