A small victory over Spam
Anthony Holmes 7 August 2008 03:57:59 PM
I've been struggling to use non-commercial anti-spam techniques to eliminate spam. Today I think I've nailed it. I've got a Domain Name that I've been using for many years.
I run a Domino server which acts as an SMTP server.
I applied the recommendations given by Chris Linfoot to lock down a Domino server against spam. I'm indebted to his guidelines: without them I doubt I would ever have made as much headway. However: I applied all his recommendations and although I stopped a large percentage of spam messages (maybe 90%?) there were still a huge bunch getting through.
These were messages coming from hosts that hadn't been blacklisted by sbl-xbl.spamhaus.org yet. They didn't match other criteria for being blocked either. Over a hundred spam messages a day were getting through, which overwhelmed the legitimate mail.
Initially, I set up a rule in my mail file to 'not accept' messages with obvious spam content. I figured nobody is ever going to send me a legitimate message with the phrase "replica watches". But as spam continued to arrive, my list of bad content grew. And grew. And grew. There was no way I was going to catch every variation. I was feeling depressed.
This was the moment when I did something I ought to have done sooner: thought more methodically about what was common about the messages getting through the net. If I had properly considered Chris Linfoot's recommendations, I may have come up with this sooner, but there is a lot of information to digest.
For years I've given out specialised email addresses to particular companies. Things like:
- apple@domainname.com
- belkin@domainname.com
- corel@domainname.com
- etc.
There are probably more than a hundred of these variations that I've used over the years. Only three of these addresses have ever fallen into the hands of spammers: one used by SearchDomino, one used by a bicycle advocacy group, and my 'generic' address, the one that most of my friends use. Let's call that one me@domainname.com.
Practically every spam message that got through was addressed to me@domainname.com. But I couldn't block that address because lots of my friends use it, and I didn't want to tell them to change the address. That would have been a concession of defeat.
I've now created a honey pot.
All properly addressed mail (apple@domainname.com, belkin@domainname.com, etc.) is matched in the mail directory and goes straight to my mail file. Anything addressed to me@domainname.com is directed (through a person document) to a mail file called Junk. The Junk mail file will receive as many as 49 spam messages for every single legitimate message from a friend. On the Junk mail file, I have a mail rule. Any mail that it receives that has a friend's name in the Sender field is automatically sent to my legitimate mail file.
Now my proper mail file only gets legitimate mail. From time to time I will have to check the contents of the Junk mail file just to make sure that no friend that I've forgotten about has sent me a message that hasn't been forwarded to my proper mail file.
If any of my specialised addresses (apple@domainname.com) ever ends up in the hands of spammers, I'll be able to direct those messages to Junk and filter them in the same way.
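The routing described above, sketched in Python as an added example; it is not the Domino person document or mail rule from this post. The friend addresses, sample messages and the `Router` class are constructed for illustration, the rule matches on the address in the From header rather than a display name, and rejecting unknown recipients is an assumption.

```python
from email import message_from_string
from email.utils import parseaddr

class Router:
    """Decide where a message lands, based on the address it was sent to."""

    def __init__(self, aliases, quarantined, friends):
        self.aliases = {a.lower() for a in aliases}          # per-company addresses
        self.quarantined = {a.lower() for a in quarantined}  # addresses spammers know
        self.friends = {a.lower() for a in friends}          # allow-list for the Junk rule

    def quarantine(self, alias):
        """A per-company alias has leaked: put it behind the Junk filter too."""
        alias = alias.lower()
        self.aliases.discard(alias)
        self.quarantined.add(alias)

    def route(self, rcpt, raw_message):
        rcpt = rcpt.strip().lower()
        if rcpt in self.quarantined:
            # Junk mail file rule: only known senders are passed on to the inbox.
            sender = parseaddr(message_from_string(raw_message).get("From", ""))[1]
            return "inbox" if sender.lower() in self.friends else "junk"
        if rcpt in self.aliases:
            return "inbox"   # clean alias, delivered directly
        return "reject"      # assumption: recipients not in the directory are refused

# Constructed sample data; domainname.com is the placeholder used in the post.
def build_router():
    return Router(
        aliases=["apple@domainname.com", "belkin@domainname.com", "corel@domainname.com"],
        quarantined=["me@domainname.com"],
        friends=["alice@example.org", "bob@example.net"],
    )

SAMPLES = [
    ("me@domainname.com", "From: Alice <Alice@Example.org>\nSubject: lunch?\n\nhi"),
    ("me@domainname.com", "From: deals@spam.invalid\nSubject: replica watches\n\nbuy"),
    ("apple@domainname.com", "From: news@vendor.invalid\nSubject: receipt\n\nthanks"),
    ("nobody@domainname.com", "From: x@spam.invalid\nSubject: hello\n\nhi"),
]

if __name__ == "__main__":
    router = build_router()
    for rcpt, raw in SAMPLES:
        print(rcpt, "->", router.route(rcpt, raw))
    router.quarantine("apple@domainname.com")
    print("after leak:", router.route(*SAMPLES[2]))
```

The From header is not authenticated, so the allow-list only separates mail by the sender address a message claims to come from.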
And the exciting thing is: It all seems to be working! I can start using my personal email again.
