Re: Spam Hater

From: Kevin Martin (cannon@nic.com)
Date: Wed, 29 Jan 1997 21:22:02 -0500 (EST)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Dennis McClain-Furmanski: "Re: Spam Hater (fwd)"
Previous message: Mikus Grinbergs: "Score File Targeting"
In reply to: Debra Walker: "Re: Spam Hater"
Next in thread: Debra Walker: "Re: Spam Hater"

What Debra said. :-) Spam Hater is for people who use POP mail
or a commerical provider such as AOL or CompuServe. It has hooks
(drivers, actually) for Eudora, Pegasus, the proprietary mailers
for the online services, and a few others I don't recall.

But to get back on topic... I still don't use Souper, so this is
from the uqwk/yarn point of view. I've got a couple of different
Perl filters that do for mail what trnkill does for news. If your
provider lets you set up a ".forward" file and run Perl scripts,
the junk can be kicked out of your mailbox as fast as it arrives.

One of the scripts is called "mailfilter" and it's pretty
straightforward. The catch is, of course, that you have to update
it regularly. It has the advantage that the junkmail is not delivered;
the spammer gets a message "junk mail not accepted here" and an
error code that makes a junkmailbot think your address is not valid.

The other is a good bit more promising; it's called "jmfilter" and it uses
keyword matching as well as a list of known mailspammers, and it actually
catches new spams from people who are NOT ON THE LIST YET! Adds them to
the blacklist automatically, and allows you to remove them if they were
added in error. The spam itself goes to an "evidence" file so you can
recover it later or discard it without having it ever go through your
mailbox. (And if you're confident that you're not getting false hits, you
can make that file = /dev/null.)

If someone needs to talk to you about a subject that would trigger
the filter, you can give them a keyword to bypass it. You can also
have a list of trusted people (including mailing lists) who will
never be junked. (I had to put in a tweak in order to protect listproc
lists; but I forwarded it to the author and it should be in the current
version.)

It can automatically reply to the spammer (I turned that feature off,
though; one false positive can undo a lot of hard work winning over
postmasters to the anti-spam side). It's over 80% effective in catching
the junk on its way in; I could tighten it up further but I don't want
any "false positives".

All of this is happening on your provider's machine, remember, as soon
as the spam arrives.

I'd love to see a version of jmfilter that disposes of the spam with
the mailfilter failure message -- best of both worlds.

There's an excellent antispam page at www.vex.net that is in a lot
of people's taglines over on the news.admin.net-abuse.* groups.
For jmfilter, take a look at http://www.io.com/~johnbob -- it's not
well documented, but even though my Perl skills still require me to have
a book open in one hand while I type with the other, I was able to figure
it out and even put in some small tweaks.

Oh, yeah -- btw, I'm back!

-- 
Kevin <cannon@nic.com>  http://www.nic.com/~cannon/handson.html
       The Usenet Offline page features YARN and uqwk.

Next message: Dennis McClain-Furmanski: "Re: Spam Hater (fwd)"
Previous message: Mikus Grinbergs: "Score File Targeting"
In reply to: Debra Walker: "Re: Spam Hater"
Next in thread: Debra Walker: "Re: Spam Hater"