Skip to content

Archives

(Untitled)

Collatoral Spammage 2002, a “How much spam do you get?” survey, results here. (found via aaronsw’s blog).

Currently there’s a neat curve around 21-50 per week, and then a big jump at the 201-400 range, where I find myself (spamtraps not included — they get more like 30k spams a week ;)

I reckon this jump in the graph is a result of the poll URL being passed around people who are interested in the subject — who, if my experience is anything to go by, generally find themselves interested because they’re snowed under by the stuff.

Anyway, some further reading brings me to two TidBITS articles on the subject: Content
Filtering Exposed
and Email Filtering: Killing the Killer App.

For what it’s worth, I agree to an extent with Adam and Geoff on the subject: the mail delivery infrastructure should not be clogged up with content filtering, with two caveats. (read on for more)

… Some further reading brings me to two TidBITS articles on the subject: Content Filtering Exposed and Email Filtering: Killing the Killer App.

For what it’s worth, I agree to an extent with Adam and Geoff on the subject: the mail delivery infrastructure should not be clogged up with
content filtering — but with two caveats.

  • Unless the user wants filtering to take place: content filtering should be left to the user’s discretion. It makes me uncomfortable when I receive mails from some guy I’ve never corresponded with, asking “who the hell is SpamAssassin and what has he done to my mail?”. It’s clear in every case that what’s happened is that an ISP has installed SpamAssassin with the default configuration, which is oriented towards an end-user on a UNIX desktop, not some poor bought-a-windows-box-a-month-ago newbie.

    There’s a bucketload of documentation telling ISPs how to install for their situation, but clearly someone’s not reading it, and SpamAssassin gets a bad reputation as a result.

  • Unless the filters do something other than bounce or bit-bucket: False positives will always happen, so there has to be some way for the mail to be received correctly if it’s an FP. In SpamAssassin, we simply tag the mail, so the user can filter to a separate mailbox and scan those for FPs occasionally, and we document that FP’s do happen, and happen regularly.

    Bit-bucketing or bouncing the mail will either (a) mildly irritate some senders (“what do you mean my mail is porn?”), (b) greatly inconvenience other senders (the large-scale TidBITS case), or (c) result in an important mail going AWOL (the worst-case scenario). Not recommended.

With both (not either ;) of those caveats noted, it’s a vastly improved situation.

It’s worth noting as well that SpamAssassin also takes a “straw that broke the camel’s back” approach to avoid the “if mail contains ‘Viagra’, then bounce it” stupidity. Unless multiple problems are found in the message, it’s not filtered. That, along with the automatic whitelist, makes a big difference.

Comments closed