APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Spam Filtering

There's been a thread on some Linux newsgroups lately where a person named Alan Connor has been vehemently attacking SpamAssassin and slashing out viciously at anyone who points out the errors in his posts.

Mr. Connor has a "whitelist" script which he thinks is superior to SpamAssassin. Whitelisting means that you maintain a list of people you will allow to send you mail. You seed that list from your address book originally, and people who aren't on that list get challenged and need to prove they are a real human being before their email will be let through.

For individual home users such a scheme can make sense. It doesn't work so well for businesses though: I don't want to annoy potential clients with this sort of extra work. But what's really amazing is that Mr. Connor totally misses a very important point: a lot of the most annoying email we get nowadays has forged addresses, and is often from people who have already sent us legitimate mail. While the whitelist would let these go through, Spamassassin can be helpful in eliminating them, and there's no reason at all that you can't run BOTH SA and a whitelist.

In fact, that's true for many spam solutions: very few of them conflict, and in fact their additive effect can be useful. I reject mail from certain domains right at my server, do some subject filtering in my pop script (yes, that means if you send me email about a "wicked screensaver" I may not get it), run it through SpamAssassin after that, and then let Apple's Mail.app Bayesian filters have a crack at it. The final check is Mail.app's own filters, so by the time your email reaches me it has gone through five filter steps, and I'll be adding a sixth at the server soon.

It's sad that we need to go to all this trouble to make email usable, but otherwise I'd get 2,000 or more junk emails every day. Some folks have ideas to improve that such as suggesting that authenticated SMTP use digital certificates to verify the source. One problem is that digital certificates cost money, though it might be that if a lot of us started buying them, prices would come down. The biggest flaw there is making a switch-over: I can't cut off people NOT using an authenticated mail scheme until everyone is doing it.

Kerio Connect Mail server implements a multi-level approach to spam filtering.



Got something to add? Send me email.





Increase ad revenue 50-250% with Ezoic


More Articles by

Find me on Google+

© Tony Lawrence



Kerio Samepage


Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us





Don't blame me for the fact that competent programming, as I view it as an intellectual possibility, will be too difficult for "the average programmer" — you must not fall into the trap of rejecting a surgical technique because it is beyond the capabilities of the barber in his shop around the corner. (Edsger W. Dijkstra)

UNIX is simple. It just takes a genius to understand its simplicity. (Dennis Ritchie)







This post tagged: