On Fri, 22 May 1998 13:29:36 -0700 (PDT), George Bonser wrote:
>I also never use a forged address but I have Exim with a rather impressive
>list of sites, domain names, networks, and individuals that may not send
>me email that I have built up over time. I get maybe a half-dozen spams
>a week.
Lemme give you one more in pseudocode, place it at the end of all your
other filters and make sure they stop filtering before getting to this one.
if (header.to == "[EMAIL PROTECTED]" | header.cc == "[EMAIL PROTECTED]")
action(stop_filtering)
else
move_to(spamtrap)
Here is the underlying concepts which make this so effective:
1: The one thing *ALL* spam except for the most amateur have in common is
that they do not ever send directly to you or cc to you. They employ large
BCC lists. This is because they paid for said list (in most cases) and don't
want to hand out the address list and, more importantly, if you're faced wth
scrolling through 30k of headers, you know it is spam, you delete it. By
using the BCC list the headers are small and your eyes get to see the top of
the spam and maybe, just maybe, you'll read more.
2: Most legitimate email is sent either directly to you or cc'd to you. The
above filter will not move those mail, only BCC'd mail.
3: The number of addresses and domains that can spam you is infinite. They
rarely keep the same address for more than one or two rungs.
4: It is much simpler to add to a list of people (loved ones, mailing lists)
who will BCC you. It is finite as opposed to the above list. When you join
a new mailing list, add it to a filter that stops the filtering process
before the final "spamtrap" filter. Takes all of 30 seconds that way.
While I do not use Unix based tools for my email, that is the filtering
system I have had in place since early November of last year. In that time I
get maybe 1 spam per month in my inbox. It was not forged, was sent directly
to me and in each case was trivial to get the account removed. The rest of
the spam went into a folder where, instead of checking for spam, I check for
legitimate mail once every so often. I spend maybe 2-3 minutes each month
keeping up with my filters, if that, to prevent mailing lists and people I
want to hear from from getting caught in my spam trap. So far, every false
hit has been due to my laziness (damned KDE lists with 30 different addresses
for each list!).
--
Steve C. Lamb | Opinions expressed by me are not my
http://www.calweb.com/~morpheus | employer's. They hired me for my
ICQ: 5107343 | skills and labor, not my opinions!
---------------------------------------+-------------------------------------
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
