APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Spam Filtering

There's been a thread on some Linux newsgroups lately where a person named Alan Connor has been vehemently attacking SpamAssassin and slashing out viciously at anyone who points out the errors in his posts.

Mr. Connor has a "whitelist" script which he thinks is superior to SpamAssassin. Whitelisting means that you maintain a list of people you will allow to send you mail. You seed that list from your address book originally, and people who aren't on that list get challenged and need to prove they are a real human being before their email will be let through.

For individual home users such a scheme can make sense. It doesn't work so well for businesses though: I don't want to annoy potential clients with this sort of extra work. But what's really amazing is that Mr. Connor totally misses a very important point: a lot of the most annoying email we get nowadays has forged addresses, and is often from people who have already sent us legitimate mail. While the whitelist would let these go through, Spamassassin can be helpful in eliminating them, and there's no reason at all that you can't run BOTH SA and a whitelist.

In fact, that's true for many spam solutions: very few of them conflict, and in fact their additive effect can be useful. I reject mail from certain domains right at my server, do some subject filtering in my pop script (yes, that means if you send me email about a "wicked screensaver" I may not get it), run it through SpamAssassin after that, and then let Apple's Mail.app Bayesian filters have a crack at it. The final check is Mail.app's own filters, so by the time your email reaches me it has gone through five filter steps, and I'll be adding a sixth at the server soon.

It's sad that we need to go to all this trouble to make email usable, but otherwise I'd get 2,000 or more junk emails every day. Some folks have ideas to improve that such as suggesting that authenticated SMTP use digital certificates to verify the source. One problem is that digital certificates cost money, though it might be that if a lot of us started buying them, prices would come down. The biggest flaw there is making a switch-over: I can't cut off people NOT using an authenticated mail scheme until everyone is doing it.

Kerio Connect Mail server implements a multi-level approach to spam filtering.

Got something to add? Send me email.

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Tony Lawrence

Kerio Samepage

Have you tried Searching this site?

Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

The history of the world teaches us that succession is dangerous and that the strong take what they want. It's not likely to be any different with Linux. (Tony Lawrence)

This post tagged: