Tag Archives: Spam

Why I Won’t Deal With TransAmerican

Posted on by
10

Generally I’d never post about a negative business interaction. We’ve all worked with bad recruiters, bad employers, bad contractors, and so on. I like to give people the benefit of the doubt, and I don’t want to bad-mouth anyone.

That said, TransAmerican has pushed my limits too far. These guys are some sort of ATG recruiting firm or something, I really don’t know. They started calling me perhaps 6 weeks ago, asking if I was interested in a position. I told them very clearly, that I was on a contract which I was very happy with. That I would be at least through the end of the year. And they could call again in January. The same guy called again the next week. And twice every week since. I could not have been more clear, every single time. I was polite, but clear that I was not interested. And it was the same guy calling every time. I don’t know how many ATG architects named Devon at my phone number he’s dealing with, but the complete inability to respect my clear wishes, is amazing.

I will never do business with TransAmerican, and I would recommend that everyone else avoid them as well.

SPAM Filtering

Posted on by
Reply

I get a lot of SPAM. I’ve had the same e-mail address for 10 years, and I don’t hide it.

In general, I’m very happy with a combination of spamassassin running on the server, and OS X Mail.app’s SPAM filtering on the client. In order to avoid losing false positives I have a Junk folder (I use IMAP). Spamassassin re-writes the subject lines of the e-mails to be prefixed with “[SPAM]“. Mail.app sorts those messages into the Junk folder and marks them as read. Just like it does with the messages it determines are SPAM.

The problem with this, is that until Mail.app checks my inbox, all that SPAM is sitting there, in my inbox. This shows up on my iPhone, and webmail. Lately, I’ve been working from coffeeshops, outside, the kitchen, etc… with the net result being that my laptop is spending more and more time sleeping (hence: not running Mail.app). So my iPhone alerts me that I have 20 new e-mail, but they’re all SPAM.

So I decided to see if I could get spamassassin to not just mark SPAM, but also file it away in the Junk folder. While spamassassin can’t do this, procmail can.

I added this to my user’s .~/procmailrc file:

# Mark spam as read
:0
* ^X-Spam-Status: Yes
{
	:0 fhw
	| formail -I"Status: RO"

	:0:
	mail/Junk
}

after my existing spamassassin invocation:

# Run everything through spamassassin
:0fw
| /usr/bin/spamassassin

What that is, is a conditional rule, based on the Spam-Status header being set to Yes (which is set by spamassassin). It then executes two actions. The first uses formail to mark the e-mail as read. The second moves the mail into the Junk folder (I use mbox – if you use maildir you need to change this action to a slightly more complex one which you can Google for).

This works nicely. Now the SPAM found by spamassassin is marked as read, and moved into my Junk folder on the server, instead of waiting for Mail.app to do that.

However, once I got this working, the number of e-mails which slip by spamassassin to be caught by Mail.app, began to bother me. With the old system, it really didn’t matter who caught the SPAM, as long as it was caught. With the new system, any SPAM not caught by spamassassin, ended up polluting my inbox.

I discovered a couple of things. First, I installed razor and pyzor to help with scoring. I also increased the spamassassin scores of some ED drug rules in my spamassassin user_prefs:

score DRUG_ED_CAPS 15.00
score DRUGS_ERECTILE 10.00
score DRUG_ED_COMBO 10.00
score VIA_GAP_GRA 10.00
score NO_PRESCRIPTION 10.00

This helped, but by testing on individual items of spam which were being missed by spamassassin (culled from my Junk box, without the [SPAM} subject addition i.e. those caught by Mail.app), using the following test command:

spamassassin -t -D < /tmp/spam

Where /tmp/spam is a file containing the raw message text from a single spam e-mail.

I discovered that the auto-whitelist (a misnomer, it's actually an automatic scoring system designed to allow past history to average out any score spikes from the same sender), was pushing the SPAM score DOWN on many of these e-mails. Often past the spamassassin threshold, so they were mistakenly considered HAM instead of SPAM.

While the AWL can do some odd things, at least on my box it's clearly broken. Testing with a new SPAM mail, where the first run had zero input from the AWL rules, and the SPAM ended up with a SPAM score of 20 (which is definitely SPAM), I found that immediate subsequent runs against the SAME mail, had the AWL contributing a -6.9 score, against the positive 20 SPAM score. Clearly, that's wrong. Why it was doing that, I dont''know, so I just turned it off.

Again, in my spamassassin, user_prefs:

use_auto_whitelist 0

All is well. So far 100% of SPAM has been caught by spamassassin, on the server, tagged, marked as read, and moved into the Junk folder. With no false positives or false negatives.

So I'm happy.

10MinuteMail Updates

Posted on by
16

I just pushed a new version of 10MinuteMail. Here are the notable updates:

  1. Removed the Ad-Aware links and text. No one was clicking on them anyhow.
  2. Added some translation fixes.
  3. Implemented AJAX based (RichFaces) refreshing of the list of e-mails in your inbox.
  4. Added smtp client throttling (in Postfix) to limit the number of messages accepted from a single source within 60 seconds. This seems to have already fixed the negative impact of high volume spammers on the function of the site.
  5. Removed the “Get Another E-Mail” feature. While this was a user request, I discovered that it was being abused by spammers.
  6. Added a Forward feature to allow you to forward a received e-mail to your home account for storage.

Enjoy! If you have any issues with the AJAX refreshes, let me know, but I think it should work better now.

Spam

Posted on by
6

When I launched 10minutemail.com, tons of forum admins decried the idea. They screamed that it would let spammers on to their forums, and that they wouldn’t sell e-mail lists to spammers, etc…

A month goes by, and let’s see what we have. My server used to get around 200-300 e-mail a day. In the past week it averaged 20,000-30,000 e-mail a day. Virtually all of those were to old (expired) 10minutemail.com accounts. Presumably virtually all spam. 30,000 a day!?

This proves that the average person simply CAN’T trust a random site or forum with their real e-mail address. Are there some forums/sites that are trustworthy? Sure! Does the average net user have any ability to tell with certainty if a given site or forum will sell their e-mail address or spam them direction? Unfortunately not.

For me at least, this reiterates the usefulness of the service.

In order to save my server from the crushing spam, I’ve swapped out the e-mail domain to fificorp.com, and will continue to swap out the e-mail domain on a regular basis. This will serve two purposes. One, it will save my server from dying under the spam. Two, it will keep admins who block registrations by domain on their toes at least once a month.

Note: Fifi is my pet iguana.

My first Seam Application – 10MinuteMail

Posted on by
17

My first web application built using Seam is now live. It is called 10MinuteMail and you can see it at www.10MinuteMail.com.

It gives you a temporary e-mail address, and lets you receive and reply to e-mail sent to that address. The e-mail address expires in 10 minutes (or more, you can extend it as you need more time). Basically I created to learn Seam, and to provide an easy way to avoid giving your real e-mail address to websites which require an e-mail from you to sign-up. Think of it as spam avoidance.