Archive for the ‘Spam’ Category.

Stupid spam

I’m still getting tons of spam sent to my address(es) at GimpsterDotCom, but none of it gets through thanks to the extremely accurate POPFile filter that I use.

POPFile is using good oldfashioned statistics to sort my mail into different buckets — you’re not limited to a simple spam/non-spam classification, POPFile can sort mail into any number of buckets.

I’ve now had 19,275 mails sent through POPFile, and I’ve had to correct it 16 times. This gives an accuracy of 99.92%(!). And what is more extreme, is that it tells me that I’ve received an average of 292 mails each day in the last two months…

Now for the stupid spam that just caught my eye, here’s the headers:

Return-Path: <$STRIPPEDUSERfT@MSN.COM>
Delivered-To: phpweather-subscribe@gimpster.com
Received: (qmail 20512 invoked by uid 506); 4 Nov 2003 05:42:30 -0000
Received: from $STRIPPEDUSERfT@MSN.COM
by sky.netsite.dk by uid 503 with qmail-scanner-1.20rc1
(clamuko: 0.60. Clear:RC:0:.
Processed in 0.06725 secs); 04 Nov 2003 05:42:30 -0000
X-Qmail-Scanner-Mail-From: $STRIPPEDUSERfT@MSN.COM via sky.netsite.dk
X-Qmail-Scanner: 1.20rc1 (Clear:RC:0:. Processed in 0.06725 secs)
Received: from 216-187-212-197.ded.btitelecom.net (HELO exchange.jano.net) (216.187.212.197)
by mail.netsite.dk with SMTP; 4 Nov 2003 05:42:30 -0000
Received: from smtp0281.mail.yahoo.com ([211.158.48.239])
by exchange.jano.net with Microsoft SMTPSVC(5.0.2195.6713);
Mon, 3 Nov 2003 15:59:29 -0500
Date: Mon, 3 Nov 2003 20:56:38 GMT
From: “wilda “<$STRIPPEDUSERfT@MSN.COM>
X-Priority: 3
To: phpweather-subscribe@gimpster.com
Subject: $RANDOMIZE

Apparently they spammers cannot even get their filthy software to work correctly… That’s all for now, see ya!

Finally, Summer Holidays!

I had my last exam today — I got the grade 11 again. The exam was in DAIMI:dDistSik and I had to talk about “LAN systems and LAN technology”. I liked the question for I’ve been playing a lot with LANs in the last five years. I talked about the topologies of LANs (buslans, starshaped, ringshaped LANs) about the media used and about the MAC protocols used, that is the media access control protocols that determine how the media is shared between the hosts connected to it. It all went rather well.

When I had talked for about 15 minutes they started to ask me questions, they wanted to talk about an entirely different thing (it’s almost always a good sign when they want to change the subject radically) namely transactions. My lecturer asked me if normal two-phase locking (as opposed to strict two-phase locking) would be enough if we were given the guarantee that all transactions would be commited by the clients, that is that there could be no aborts. It was a rather specific and tricky question in my opinion — I knew about transactions, locking and was able to talk about that, but I couldn’t come up with a rigoursly argument for or against the use of two-phase locking… I guess that’s why they gave me 11 and not 13.

Anyway… this was my last exam, so I’ll be relaxing for a couple of months now. I’m really looking forward to it :-) I’ll buy a new computer sometime soon now and I also have to play with [PHP Shell][] (I’ve figured out how to implement a commandline history using JavaScript) and my new SPAM filter POPFile which is a learning filter instead of my old filter TMDA. I’ve been using POPFile for a couple of days now and it works very well, it learns incredibly fast.

Happy holidays to everybody (my apologies to those who still have a couple of weeks left… :-)

A Year with TMDA

I’ve now been using the Tagged Message Delivery Agent for a year and the result has been fantastic — no more SPAM! During the last year, TMDA has stopped 4039 mails, that’s 11 mails each day on average. I’ve periodically released normal mails from the list, so the 4000+ remaining mails are all SPAM.

My whitelist now contain 223 addresses that go right through to my mailbox. An address is added automatically to the list when the sender replies to the challenge send out by TMDA. I’ve yet to put someone on my blacklist….

So, if you’re also troubled by SPAM, you should try TMDA. Now I only see SPAM once a month or so.

TMDA is great!

I’ve been using TMDA the last two weeks and I’m very fond of if. I’ve received about 1000 mails in those two weeks, 50 of those mails are currently held back by TMDA. They are all spam except for two mails which does look legitimate. I’ve only received a single spam message — it tricked TMDA by using an empty sender address. Empty sender addresses are used by mailservers when they bounce messages that were undeliverable, so it’s a little dangerous to block those mails. But if I receive more spam using this trick, then I’ll probably change the filters so that mail from &lt;Mailer-Daemon@*&gt; are let through, while other mails with an empty sender address are dropped. (I cannot send out confirmation requests for those mails, because of the empty sender address.)

It seams that the confirmation request that TMDA sends to people works well — 7 people have added themselves to my whitelist.

I also think that I’ve found the problem that caused those strange uncaught Python exceptions. It turned out that I had a .procmailrc file lying around in my homedirectory. I thought that I had cleaned up after my first attempts with TMDA and procmail but I must have forgot that file. Since I removed it, I haven’t seen any errors from TMDA.