Spaminating the Countryside
Last night, inspired by the recently unrelenting onslaught of spam, peaking with an ad for a penis enlargement something-or-other accompanied by the picture of a teddy bear becoming intimate with a vacuum cleaner (with a snarling face painted on it, no less) and then flashing the observer in all his enlarged anatomical correctness (the picture is so wrong I refuse to even link to it — funny, but wrong, nonetheless), I installed a new spam filter.
Having first tried messing with my server's access and spammer files to no avail (everything seems to work right, including building the .db hashes, and doublechecking the references in sendmail.cf, but they just get ignored), I finally tried a spam package called SpamAssassin.
Still not knowing which is better, the software itself or the band of angry cartoon anti-spam ninjas on the site logo (what better adversary for a tumescent flashing teddy bear than angry cartoon spam ninjas, though, right?), I found that this software, instead of filtering based on domain and address lists and things, actually sort of profiles the message itself, and assesses the results with a point system. If the message's spamaciousness exceeds the spameriffic threshold you set, then the message is out. so far he results are good:
13 legitimate emails let through
12 spams blocked
4 spams accidentally let through
0 legitimate emails blocked
That's the way I like it — I don't mind an occasional sneaky spam here or there, but I don't want to lose anything important — just so long as it gets most of it. Because when my mailbox has more junk mail than legitimate mail, that's just depressing. Anyway, for the enjoyment of all, here was the first victim:
I love it. All nuts and bolts so to speak, except for that one "Information on getting a larger penis or breasts" line. Capital letters, clickable links, tons of HTML markup, and so forth are relatively spammy, but if all else fails, when they start trying to sell you a new dick, they're probably not your friends. Sounds logical to me.
I'm still trying to figure out where the config files are, though, because there are several rules that deserve a higher weight. For example, any email about Viagra is worth more than 0 points. Even if it were someone I know telling me about Viagra, I can probably do just fine not hearing what they had to say. . . .
Having first tried messing with my server's access and spammer files to no avail (everything seems to work right, including building the .db hashes, and doublechecking the references in sendmail.cf, but they just get ignored), I finally tried a spam package called SpamAssassin.
Still not knowing which is better, the software itself or the band of angry cartoon anti-spam ninjas on the site logo (what better adversary for a tumescent flashing teddy bear than angry cartoon spam ninjas, though, right?), I found that this software, instead of filtering based on domain and address lists and things, actually sort of profiles the message itself, and assesses the results with a point system. If the message's spamaciousness exceeds the spameriffic threshold you set, then the message is out. so far he results are good:
13 legitimate emails let through
12 spams blocked
4 spams accidentally let through
0 legitimate emails blocked
That's the way I like it — I don't mind an occasional sneaky spam here or there, but I don't want to lose anything important — just so long as it gets most of it. Because when my mailbox has more junk mail than legitimate mail, that's just depressing. Anyway, for the enjoyment of all, here was the first victim:
X-Spam-Report: —— Start SpamAssassin results
11.10 points, 5 required;
* 0.5 — BODY: Asks you to click below (in capital letters)
* 0.1 — BODY: Message is 60% to 70% HTML
* 0.1 — BODY: HTML included in message
* 1.1 — BODY: HTML link text says "CLICK"
* 0.1 — BODY: HTML link text says "click here"
* 2.0 — BODY: HTML has images with 200-400 bytes of words
* 0.8 — RAW: Message text in HTML without specified charset
* 1.6 — RAW: Message text disguised using base-64 encoding
* 0.6 — URI: Completely unnecessary %-escapes inside a URL
* 1.6 — Date: is 96 hours or more before Received: date
* 1.2 — message body is 25-50% uppercase
* 1.4 — BODY: Information on getting a larger penis or breasts
—— End of SpamAssassin resultsI love it. All nuts and bolts so to speak, except for that one "Information on getting a larger penis or breasts" line. Capital letters, clickable links, tons of HTML markup, and so forth are relatively spammy, but if all else fails, when they start trying to sell you a new dick, they're probably not your friends. Sounds logical to me.
I'm still trying to figure out where the config files are, though, because there are several rules that deserve a higher weight. For example, any email about Viagra is worth more than 0 points. Even if it were someone I know telling me about Viagra, I can probably do just fine not hearing what they had to say. . . .