Spam/viruses...40-50 per day!


#1

In the last couple of weeks I started receiving 40-50 spams/viruses per day. It’s the same ones over and over and over (like the ones the claim to be a microsoft patch). What can be done? I can’t stop using this email address…it’s my main one. As it is, most of them go straight into my ‘deleted’ folder when they come in, but regardless, I’m sick of this plague on my email. I forward most of them to Dreamhost at the address they set up to report spam, but it hasn’t seemed to help.


#2

If you’re looking for a server-side solution, then Dreamhost do offer you the chance to switch on Razor for all your mail accounts.

Try this URL. You may need to login first:

https://panel.dreamhost.com/index.cgi?tree=mail.filters

If you’re looking for a client side solution; what’s your operating system and mail client there? Also, you prepared to fork out for a solution or are you looking for a free alternative?

Cheers

  • wil

#3

Thanks. I forgot about Razor. The mail account that’s problematic is a POP account. I think I need to swtich to IMAP to utilize RAZOR, right? That might be the incentive to switch. Is it very effective?

I’m on a mac (OS X)…using Entourage. Yeah, I’m trying to keep things on the free side for now…

Jamie


#4

You can use POP3 as well, but the messages will just be tagged with [spam] in the subject or something. Personally, I’m not a huge fan of Razor, although the new versions do have some improvements.

You may want to consider a server-side or client side filter that uses adaptive (Bayesian or pseudo-Bayesian) technology; bogofilter is such a system to run on the server-side, although there are some unfortunate file locking problems that cause problems on our system. The Mozilla mail client and Mail.app both have decent built in adaptive filters.

SpamAssassin is another program that’s been mentioned. The version installed on our mail machines is old, so I’d suggest installing your own version. This does require a certain amount of tech-savvy though, and (mostly due to its resource consumption) we don’t plan on implementing it server-wide at this time.

Note that spam filters will not always catch viruses; the message you’re talking about is a virus, not spam (btw, the spam reporting address is just for spam, not for viruses).

With stuff like this, you may be able to define a simple filter in the mail filters panel (or using procmail recipes if you’re inclined to “diy”), as the messages will usually contain one of a fairly small subset of strings.

We don’t do a lot of blocking of viruses except in certain extreme cases (in retrospect, the virus you’re speaking of probably was such a case). I don’t like silently discarding messages, and blocking them at the border with a 5xx error tends to cause weird problems with Yahoo groups when viruses get sent through the list. Occasionally, the patterns we use to block a virus ends up existing in a regular email.

I know that a lot of spam and viruses still get through, but believe me - we reject a lot of incoming spam. One recent informal check I did showed us rejecting about 40% of incoming mail due to UBE restrictions. Implementing better spam and virus filtering is something we’re working on.

I’m hopefully going to get up a kbase article explaining some of these restrictions in more detail.


#5

If you’re on a Mac OS X, I’ve had great success switching from Entourage to Mail.app (the Apple Mail app). It’s got it’s own built-in mail filter that is trained over time to ‘learn’ spam and then once you’re satsified that it’s clever enough you can switch it to automatic that moves all your spam to a ‘Junk’ folder for optional review.

The Panther version of Mail.app comes with built-in SpamAssasin support (not sure how exactly how yet) and it will have the option not to download images from HTML spam emails (nice!). Anway, enoguh dreaming about Panther, we’ll see it at the end of this month!

  • wil

#6

[quote]I’ve had great success switching from Entourage to Mail.app

[/quote]

Right - this is the filter I mentioned in my post. I haven’t used Mail.app much myself, but if it suits your needs, it’s a good program to check out.

[quote]it will have the option not to download images from HTML spam emails

[/quote]

Mozilla (available for OS 9, OS X, as well as most other platforms) also has an adaptive filter, and already has the option (in version 1.4 and later) to not display offsite links in HTML mail, and you can also disable plugins, javascript, etc. for mail and news. There are some things I don’t like about it (and I greatly prefer console based mailers anyway), but as these things go, it’s not too bad.

Most of us around the office use Bogofilter and / or SpamAssassin (server-side).


#7

Yeah, sorry, I didn’t specify but you’re right, that’s the same technique that Mail app uses. I’ve never got into console based mail apps myself, except when I’ve only got terminal access, but I am a fan of switching off any html-based emails and just option to view the text portions.

Haven’t tried the Mozilla mail app yet, I thought the Firebird mail app (completly forgot it’s name) was still very much in beta and a little too unstable? I’m thinking of the standalone mozilla mail app here.

  • wil