procmail

Re: responding to UBE messages

1998-11-03 12:29:56
At 19:30 03-11-98 +0200, Jari Aalto+list.procmail spoke:

|Tue 1998-11-03 Mark Shaw <mshaw(_at_)asic(_dot_)sc(_dot_)ti(_dot_)com> list.procmail
| worded no-spam message went out to *everyone* who sent me email for
| several hours.....  *** shudder ***

I make it a policy these days to NOT auto-respond to spam messages (most
are forged anyway) - though when I did (I still have dormant rules), I did
so by using a mail alias that was specifically for the purpose (i.e. -
messages sent to it WERE trashed, no questions asked).  When the occasional
spam gets through my defences, I check it for what characteristics would
best eliminate it and similar ones in the future, add to the rules (usually
a domain addition, or subject key phrases - both external data files to the
filters themselves).

When I do respond to spam, it is direct to the ISPs involved (via manual
diagnosis of the headers), as well as to the butthead, if possible.  I
usually enjoy dropping a derogative or two about the customer when
requesting that the ISP take swift action to terminate the account and bar
them from signing up again.

"trap it, move it to folder, look into folder later". My UBE gets dumped
to
   ~/Mail/spool/junk.ube.spool

I flag spam with extra blurbs to the logfile, then run a simple grep report
via a crontab:

        grep -A 4 ^SPAM: ~/Mail/log | grep -v ^--

(this is in a scriptfile called spamrep, so I can run it manually when I
want to - it isn't coded direct into the crontab).  Dumps the important bits
of headers, like so:

        SPAM: Match against spam domain list.
        INFO: TwitFilter v01.03.13  SBS  1998.10.14 08:52:20
        From freljoe(_at_)usa(_dot_)net  Mon Nov  2 08:28:41 1998
         Subject: Do you need website traffic?
          Folder: gzip -9fc>>$MAILDIR/twits.gz   

And the message itself is filtered, so if I don't want to check the log, I
don't have to read it - but it is there for me on a daily basis if I want
to pore through it.

Logging the REASON why a message was flagged as spam (though it could be
more detailed) gives me the opportunity to go in and tweak my filters to
avoid it (or in some cases, I add the address to my whitelist which
bypasses spam filtering altogether).  I've also got spam advisories -
things that don't look right about a message, but aren't themselves
indicative of spam - I run those for a while at the TOP of the spam filter
file and check to see if valid messages are being flagged or not -
advisories just emit the log entry, but don't perform any filtering, so the
message gets handled normally.

What I need to do is create an automated "fetch this from the twit folder
and deliver it to me as an original message, bypassing the spam filters."
Haven't gotten around to doing that.

I wrote Additional module for Emacs Gnus mail/newsreader (TinyGnus.el),

Nifty.  Sadly, I'm not using Gnus, so I can't make use of it.  There were
some anti-spam products for Windows users that worked along similar lines,
but the few I saw (quite some time ago) generally sucked.

---
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.

 Sean B. Straw / Professional Software Engineering
 Post Box 2395 / San Rafael, CA  94912-2395
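
A portable awk variant of the spamrep report described in the message above, shown as an added example (not the poster's script): it tallies the logged SPAM: reasons and pairs each one with the sender and subject from procmail's log abstract. The sample log is constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report on "SPAM: <reason>" lines in a procmail log.

# Constructed sample log; addresses and the second reason are made up.
make_sample_log() {
cat <<'EOF'
SPAM: Match against spam domain list.
INFO: TwitFilter v01.03.13  SBS  1998.10.14 08:52:20
From promo@bulk.example  Mon Nov  2 08:28:41 1998
 Subject: Do you need website traffic?
  Folder: gzip -9fc>>$MAILDIR/twits.gz
From friend@list.example  Mon Nov  2 09:02:10 1998
 Subject: Re: responding to UBE messages
  Folder: procmail-list
SPAM: Subject key phrase.
From offers@mailer.example  Mon Nov  2 11:40:03 1998
 Subject: Make money fast
  Folder: gzip -9fc>>$MAILDIR/twits.gz
SPAM: Match against spam domain list.
From sales@bulk.example  Tue Nov  3 07:15:22 1998
 Subject: Bulk email software
  Folder: gzip -9fc>>$MAILDIR/twits.gz
EOF
}

# Count how often each reason fired, most frequent first: "<count>\t<reason>".
spam_reasons() {
    awk '/^SPAM: / { n[substr($0, 7)]++ }
         END { for (r in n) printf "%d\t%s\n", n[r], r }' "$1" |
        sort -t "$(printf '\t')" -k1,1nr -k2,2
}

# One line per flagged message: "<reason>\t<sender>\t<subject>".
# Unflagged deliveries (no SPAM: line before the abstract) are skipped.
spam_detail() {
    awk '
        /^SPAM: /     { reason = substr($0, 7); next }
        /^From /      { sender = $2; next }
        /^ Subject: / { subject = substr($0, 11); next }
        /^  Folder: / {
            if (reason != "") printf "%s\t%s\t%s\n", reason, sender, subject
            reason = sender = subject = ""   # reset for the next message
        }' "$1"
}

# Demo run on the constructed sample log.
demo=$(mktemp); make_sample_log > "$demo"
spam_reasons "$demo"; spam_detail "$demo"; rm -f "$demo"
```

The per-reason counts show which rule is doing the work, and the detail lines are what to scan for senders that belong on a whitelist.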
