How To Fight Spam Using Your Postfix Configuration (HowtoForge) [LWN.net]

How To Fight Spam Using Your Postfix Configuration (HowtoForge)

Posted Sep 8, 2006 6:30 UTC (Fri) by hildeb (subscriber, #6532) [Link]

Oh my, this "tutorial" will make you an open relay.
They're using "check_sender_access" before "reject_unauth_destination",
which makes you an open relay for any sender listed with a right hand
side of "OK"...

How To Fight Spam Using Your Postfix Configuration (HowtoForge)

Posted Sep 8, 2006 10:16 UTC (Fri) by etienne_lorrain@yahoo.fr (subscriber, #38022) [Link]

Speaking about spam...
The target is to reduce the spam that is presented to me on my mail reader.
The problem is that my E-mail is available on HTTP pages around the WEB for years, and I do not like to change it.
I have E-mail addresses which cannot be found on the WEB and so have (nearly) no SPAM on them.
I can change most of the content of the WEB which contains my E-mail address.
I still want to accept any messages sent by a human around the world.
I can accept some extra incomming bandwidth of E-mail that I will not read if that helps filtering.
I understand some people having a business of selling E-mail address to other people - and their costumer are not even smart enought to check that the recipient of the address they buy can read the alphabet they are using.

What do you thing of that solution:
I modify the WEB pages I can control to contains two E-mail addresses, for instance displaying:
- to contact me, write to: me@mailserver.com
- do not use that address: notme@mailserver.com
People selling E-mail addresses will be more than happy - selling twice the same number of address for just a small increase of price.
Their costumer will be more than happy having a 40% reduction in price.
I just need a mail reader (or maybe some MTA configuration) which presents me all mail sent to "me@mailserver.com" and _not_ sent to "notme@mailserver.com".

OK, it increases E-mail traffic - but spammer are only limited by their available bandwidth anyway.
Is there already such a tool available?

How To Fight Spam Using Your Postfix Configuration (HowtoForge)

Posted Sep 8, 2006 10:46 UTC (Fri) by eru (subscriber, #2753) [Link]

I just need a mail reader (or maybe some MTA configuration) which presents me all mail sent to "me@mailserver.com" and _not_ sent to "notme@mailserver.com".

Nice idea, but this is complicated by the fact that nowadays spammers customize their messages more than they used to. In the past they did not even bother to individualize the to-fields for a batch of spam, but to make filtering more difficult, they now insert a proper to: and often also put the username into the address, and make some random modifications in the text content part as well. So you would have to do some fuzzy matching between the messages, which also might not arrive closely spaced in time, requiring you to buffer incoming mail before making the decision.

Given these problems, I suspect you technique would not be a significant improvement over current state-of-the-art spam filters. For example, my ISP runs SpamAssasin as an optional service to which I subscribe, and it seems to make very few mistakes, considering the huge spam volume.

How To Fight Spam Using Your Postfix Configuration (HowtoForge)

Posted Sep 11, 2006 4:52 UTC (Mon) by jhs (subscriber, #12429) [Link]

Messages are customized, but IMO this is a good idea to help get spam to train with. Using the relative complement (messages to your address but not the bogus one) may not work in all cases; however, it doesn't hurt to pipe the bogus address directly into a bayesean filter, which will be reflected in your real inbox.