Better Living Through Thinking
Thu, 20 Jan 2005
Regarding the "Having Fun With Spammers" entry below:
Yes, the spammers eat my bandwidth, but it's not that much lately
(there seem to be fewer spam trollers willing to get stuck in my
Mon, 17 Jan 2005
I get a lot of people linking to this page, mostly because of the "Having Fun With Spammers" entry (2 down). Welcome!
For the rest of you looking for ways to stop spam, I offer my own techniques here, which have worked extremely well for me and everyone else on my server. I don't think that what I've done here would work for all people, but anyone running their own Sendmail can do quite a bit to cut out all the trash. ...
Wed, 11 Aug 2004
A histospam update:
20040719 => * (9) 20040720 => (3) 20040721 => * (5) 20040722 => (4) 20040723 => * (7) 20040724 => * (9) 20040725 => * (6) ...
Mon, 19 Jul 2004
Fun Ways to Aggravate Spammers: This entry falls under the "useless but fun to do" category of spam thwarting techniques.
Several months ago, I was scanning my Apache web logs for anything funny. I found entries like this:
xx.xx.xx.xx - - [27/Jan/2004:06:44:05 -0600] "POST /cgi-bin/formmail.pl HTTP/1.0" 403 307
Mon, 19 Jul 2004
Here's an updated (19 July 2004) histospam:
20040620 => ** (13) 20040621 => ** (14) 20040622 => ** (13) 20040623 => ** (13) 20040624 => ** (12) 20040625 => ** (11) <=== sendmail milter-regex feature enabled on 25 June 2004 20040626 => * (7) ...
Fri, 25 Jun 2004
"There's some good in this world, and it's worth fightin' for!"
I want to point out that I'm also now using milter-regex with good success. The order of my spam utilities is:
Tue, 15 Jun 2004
I've updated to the latest milter-greylist from FreeBSD ports (1.3.8). It has a new 'domain' whitelist option, which allows you to whitelist incoming connections from a particular domain (via double reverse DNS lookup). It also has a 'lazylaw' option which whitelists an IP instead of a sender/IP/recipient tuple. Also new is the 'dumpfreq' options which specifies how often to dump to the greylist database (i.e., if you're on a busy server, dumping for each transaction can become expensive). One final nice option is the 'timeout' option, which removes greylisted addresses after a certain period. ...
Wed, 09 Jun 2004
It is worth noting that the greylisting might not be suitable for all applications. For example, the other day, someone complained that people who were trying to email him were getting bounces (the 4xx temporary errors). This means that if the sender is sending directly to the MTA from their MUA (where would this occur? If users are on the same server, for example), they (the person) will get the temporary failure message. They may not retry (humans are not RFC compliant and almost never read the error messages they receive).
The trick, I suppose, would be to make sure all your own clients are whitelisted. That would be hard on a large system with possibly roving people. I hear the new version (currently in development) has more ways to whitelist, etc. I'll review that when it goes stable.
Mon, 07 Jun 2004
I turned on milter-greylist today for my server and have noticed a remarkable decrease in spam. In fact, so far today I haven't receive any since it was turned on (I'm sure there will be some that will get through) but so far, so good.
Greylisting was something I invented, of course. I was sitting there thinking about the characteristics of SMTP conversations. There are really only three unique things for an SMTP conversation: the connecting IP address, the envelope sender (MAIL FROM) and the ...
Moon StatusPhase: 37.23%
Age (days): 10.99
Tue May 21 13:35:57 MDT 2013