I just switched my online calendaring from the old MobileMe system to the new iCloud system. To make this work I had to export and import my MobileMe calendars into iCloud. Unfortunately this seems to have resent hundreds or thousands of calendar invites […]
I got contacted today with a non-form e-mail from a person offering a partnership which would “highly increase your context advertisement block (adsense) earnings” on 10MinuteMail. Essentially saying that they could increase my ad revenue, and would do that for a share of the increased revenue.
Which sounds good as I was wondering if there […]
My wife received an interesting spam comment on her blog. At first glance it looked like it was just written by someone with an awful grasp of the English language, but then I realized that some of the words were just synonyms that didn’t actually work in context.
Take a look at the comment:
Hi. Very […]
If you are using the SpamCop realtime block list as part of your anti-spam measures, be warned that they appear to be blocking several legitimate Facebook mail servers.
I’ve seen them blocking the following Facebook mail server IPs:
Presumably there’s a whole block of IPs that SpamCop is blocking. Since I like to get e-mail from […]
If you run a mail server, and if you hate spam, you should setup your mail server to make use of all the best anti-spam tools available. There are two sides to spam, sending and receiving.
On the receiving side, you have things like blacklists, spamassassin, bayesian filtering, and lots more. I’ll probably cover this side of things in greater depth in another post.
On the sending side, first and foremost, you have to ensure your server is not acting as an open relay, and allowing spam to be sent through it. After that’s done, you want to be sure that e-mail you send isn’t flagged as spam by people receiving it. And, being a good e-mail citizen, you you want to support the anti-spam standards that are out there.
There are four primary standards for verifying senders and servers.
Sender Policy Framework (SPF) – from their FAQ:
Sender Policy Framework (SPF) is an attempt to control forged e-mail. SPF is not directly about stopping spam – junk email. It is about giving domain owners a way to say which mail sources are legitimate for their domain and which ones aren’t. While not all spam is forged, virtually all forgeries are spam. SPF is not anti-spam in the same way that flour is not food: it is part of the solution.
SenderId – a Microsoft technology which is very similar to SPF:
The Sender ID framework, developed jointly by Microsoft and industry partners, addresses a key part of the spam problem: the difficulty of verifying a sender’s identity.
DomainKeys – from Wikipedia:
DomainKeys is an e-mail authentication system designed to verify the DNS domain of an e-mail sender and the message integrity.
DKIM – an evolved form of DomainKeys, from Wikipedia:
DKIM uses public-key cryptography to allow the sender to electronically sign legitimate emails in a way that can be verified by recipients. Prominent email service providers implementing DKIM (or its slightly different predecessor, DomainKeys) include Yahoo and Gmail. Any mail from these domains should carry a DKIM signature, and if the recipient knows this, they can discard mail that hasn’t been signed, or that has an invalid signature.
SenderId is primarily used by Microsoft mail services like Hotmail/MSN, while DomainKeys and DKIM are primarily used by Yahoo. SPF is used by many mail services.
I’m going to walk you through setting up these anti-spam technologies. I will be setting them up for my domain, digitalsanctuary.com, and using my mail server, which is postfix running on Debian. Your setup and requirements may vary.