Email & Spam

• My Viewpoint and Overview
• Software
• Spam Software
• Mail Transport
• MUA and MSA/MSP
• Add-Ons
• Sendmail Specific Things
• Notes
• Milters and Mail Filters
• Tools to help sort out valid emails and user agents
• Sites and Techniques
• Dead

My Viewpoint and Overview

This page should really be all about email processing. These days, however, spam processing is what email is all about. On my machines, I see about 90-95% spam.

This page isn't sorted out yet, it was a big enough section from New Items, and a hot enough topic to make notes about. There are also a good selection of email-oriented items in the Email and News section of my software page.

Instant summary ... you really want a combination of tools and strategies working for you to cut down the spam.

1. You need to keep your email addresses from ever getting onto spam lists ... so they never spam you.
2. Must reduce volume of incomming spam and connections to your mail servers so they and your bandwidth can survive the load.
3. Try to sort out valid email transmitters from invalid ones.
4. -- All the above is really important, because it is relatively cheap and reserves your bandwidth. The steps below cost you bandwidth, memory, storage, CPU time, etc -- Relatively Cheap -- the spam load is so high that even the cheap part can bring systems down.
5. Look at the content (body) of emails which get through the above layer, classify them as spam or not.
6. Safe valid emails and spam.
7. Verify spam/ham to train trainable things.
8. Provide access to spam emails so users can verify they are spam, and pull out the (it always happens) ham message from spam.

Software

• AMaViS: A Mail Virus Scanner
• Amavisd-new
• Anomy Sanitizer
• B4UAsk-Sendmail
• Clam AV Anti-Virus
• List of Anti-SPam software at linuxlinks
• MIME Defang
• MIME Defang (OLD)

Spam Software

• Spam Assassin
• Improve SA Accuracy
• Khopesh SA Guidelines & Rules
• Spamassassin Tips

Mail Transport

• Courier

MUA and MSA/MSP

• Courier -- Maildrop
• Procmail

Add-Ons

• DNS-based Spam Databases
• No spam!
• Procmail Sanitizer (anti-virus)
• Qmail-Scanner
• Spamware vendor list
• Stopping Spam and Malware with Open Source
• WPoison Spam Harvester Abominator
• JavaCA tool
• Configuring a local CA

Sendmail Specific Things

• Check Rules 810
• Check Rules 89 Options
• Claus Ausmann's Sendmail related info and hacks
• Digital Answers anti-spam macros for sendmail
• Extended Spam filter: check_local for sendmail 8.11
• MegaCity sendmail spam preventors
• Neil Rickert's Sendmail Hacks
• Authentication with Sendmail
• Sendmail SMTP AUTH Quick Start
• Relaying with TLS in Sendmail
• Cyrus Sysadmin Issues for Sendmail
• Check Local rules
• Hack to Reject Bad From: Headers
• AUTH
• STARTTLS
• Configuring STARTTLS for Sendmail
• Configuring Sendmail's STARTTLS (SSL) and Relaying
• NetBSD: Setting up a secure SMTP server with AUTH and TLS enabled in Sendmail
• Help, my sendmail is being DOSsed
• Sendmail config notes and settings
• Sendmail.mc with notes on new features
• Maimon sendmail rules and hacks
• Sendmail owner- addresses, once applied, continued to be used for any further expansions. So say you break an alias into a master alias, and several different parts. You only need to create an owner- for the top level alias, that changes the owner for all subsequent expansions, unless of course it is changed again via another owner-. That makes sense, it was just an behavior I needed to verify!
• Sendmail bug or config issue -- when an sendmail alias is expanded and ANY addresses on the list have a .forward using procmail (or presumably any other executable), sendmail seems to forget to do normal mail delivery, and generates an error context with whatever random mailer it picked up from the .forward.

Notes

• You can use contrib/cidrexpand to allow netblocks in /etc/mail/access. This performs an expansion in the access file, not a compact runtime based check. Watch your diskspace on the /etc/mail/access partition.

Milters and Mail Filters

• Milter -- Mangling your Mail at Will
• Grey Listing
• Greylisting -- Evan Harris
• Experiences with Greylisting
• milter-greylist
• Postfix -- Greylisting policy server
• mailfromd
• SpamAssassin Milter Plugin

Tools to help sort out valid emails and user agents

• DRAC -- Dynamic Relay Access Control
• Vipul's Razor
• DCC -- Distributed Checksum Clearinghouse

Sites and Techniques

• CRM114 -- Bayesian email filter
• Junk Busters
• Whew: Learn how to can spam
• Server Based Spam Filtering (Links List, good)
• SpamProbe -- Bayes Filter
• SPEWS: Spam Prevention Early Warning System
• SpamFree.ORG
• SpamHaus .. Who's behind your spam?
• SecurityFocus
• Fairly Secure Anti-Spam Wiki -- good briefing
• DNS Based Black/Block Lists

Dead

If you want to know why these are dead, good places to check are DNS Based Black/Block Lists and SlashDot.

• DSBL Distributed Sender Boycott List
• MAPS: Mail Abuse Prevention System
• ORBZ: Open Relay Database
• ORDB: Open Relay Database
• Osirus Software Open Relay List