Next  |  Prev  |  Top  |  JOS Index  |  JOS Pubs  |  JOS Home  |  Search

Fighting SPAM

For fighting email SPAM, I use

My email first passes through procmail filters which are set up in the file ~/.procmailrc. First, email from known mailing lists is routed to evolution email folders for later search and perusal. Then, remaining email is filtered through spamassassin, which is configured rather conservatively to avoid false classification as spam. Anything declared as spam is simply deleted because I found it completely impractical to check my spam folder for misclassifications (too much spam). Finally, email that survives spamassassin is piped through Active Spam Killer (ASK) for final delivery.

ASK is a set of light-weight python scripts providing a simple challenge-response barrier for first-time email senders. After responding once, senders are automatically whitelisted by ASK. (They are then easily moved to an ignorelist or blacklist if needed.) The default ``challenge'' is simply to simply reply to the challenge-email. It would be easy to add a question or two if that ever becomes necessary. In my experience so far, spammers do not provide a working return email path, so they have no opportunity to enable their email for delivery. Their undelivered email eventually expires in the ASK queue and is quietly deleted.

Many vendor websites require email addresses. I give them an email address of the form companyname@mydomain so that I can create an automatic filter-folder for them in .procmailrc (when their email might be important), or I can more easily ignore it when it's just self-promoting advertisement (which is the norm). It is also interesting to see which companies evidently sold my email address to spammers. My ISP automatically forwards all unrecognized email to my domain to a ``catch-all'' email account. In principle, this same ``tagging'' approach can be used at gmail by using addresses of the form you+companyName@gmail.com. However, in practice, most company websites do not accept `+' in an email address, in my experience. I retrieve this ``tagged email'' from my catch-all email account on a particular home machine, sorting directly to evolution folders via procmail filters. This keeps it separate from my work email and minimizes the time spent looking at it. Once in a while I might search the folder for a particular company to see if there are any upgrade notices, etc.


Next  |  Prev  |  Top  |  JOS Index  |  JOS Pubs  |  JOS Home  |  Search

Download mycomputers.pdf
[Comment on this page via email]

``My Computers'', by Julius O. Smith III, Web document.
Copyright © 2014-03-25 by Julius O. Smith III
Center for Computer Research in Music and Acoustics (CCRMA),   Stanford University
CCRMA