Even more anti-spam techniques

grahams - January 2, 2003 - 2 mins read

I have SpamAssassin set up processing all of my incoming mail… I have had it mis-diagnose a message or five in the months I have been using it, but the occasional one of those is worth the thousands of messages a month it keeps me from having to read… But since those mis-flags are usually somewhat important, I currently have a “quarantined” mailbox where all spam that SA flags is shoved… I then quickly scan the senders and subjects looking for important stuff and blow it all away…

After awhile someone at CSH set up Vipul’s Razor which works in concert with SA to detect even more spam.. It is a collaborative database which tracks signatures of messages reported as spam by users…

I eventually reached the decision that once something has been flagged by Razor that it is definately spam and not something intended for me, yet I still had to manually delete messages flagged by Razor… So I created a few new rules in my .procmailrc to handle these messages and send them to /dev/null:

#-=-=-=-=-=-=-=-=-=-=-=-=-=-#
# SpamAssassin Rules #
#-=-=-=-=-=-=-=-=-=-=-=-=-=-#
:0fw
| spamc

:0:
* ^.*RAZOR_CHECK
/dev/null

:0:
* ^.*RAZOR2_CHECK
/dev/null

:0:
* ^X-Spam-Status: Yes
\\$MAILDIR/caughtspam

So that will eliminate some of the work I have to do dealing with this spam… I still wish that SA had two “thresholds”… See, right now you can set up SA so it will flag a message as spam above a certain threshold… I wish that you could set a threshold for messages that are “probably spam” and “definately spam”, so you can just delete a message that scores beyond a certain point…