Even more anti-spam techniques

I have SpamAssassin set up processing all of my incoming mail… I have had it mis-diagnose a message or five in the months I have been using it, but the occasional one of those is worth the thousands of messages a month it keeps me from having to read… But since those mis-flags are usually somewhat important, I currently have a “quarantined” mailbox where all spam that SA flags is shoved… I then quickly scan the senders and subjects looking for important stuff and blow it all away…

After awhile someone at CSH set up Vipul’s Razor which works in concert with SA to detect even more spam.. It is a collaborative database which tracks signatures of messages reported as spam by users…

I eventually reached the decision that once something has been flagged by Razor that it is definately spam and not something intended for me, yet I still had to manually delete messages flagged by Razor… So I created a few new rules in my .procmailrc to handle these messages and send them to /dev/null:

#-=-=-=-=-=-=-=-=-=-=-=-=-=-#
# SpamAssassin Rules        #
#-=-=-=-=-=-=-=-=-=-=-=-=-=-#
:0fw
| spamc

:0:
* ^.*RAZOR_CHECK
/dev/null

:0:
* ^.*RAZOR2_CHECK
/dev/null

:0:
* ^X-Spam-Status: Yes
$MAILDIR/caughtspam

So that will eliminate some of the work I have to do dealing with this spam… I still wish that SA had two “thresholds”… See, right now you can set up SA so it will flag a message as spam above a certain threshold… I wish that you could set a threshold for messages that are “probably spam” and “definately spam”, so you can just delete a message that scores beyond a certain point…

6 thoughts on “Even more anti-spam techniques

  1. i just said screw it, and sent everything marked as spam to my trash.. i scan that every once in a while, but its like < 1% viable mail so..

  2. I just emptied my spam box a few minutes ago, so I don’t have any to look at right now.. But..

    The actual score SA gets is available in the message headers.. It shouldn’t be terribly difficult to have procmail + sed + expr evaluate it against a higher threshold and throw those messages away. I’ll look once I’ve got a message to play with.

  3. I’d be careful of dumping messages marked by razor. I’ve seen several ‘good’ messages flagged as spam in the past few weeks. It appears some people are sending unwanted mailing list messages to razor instead of unsubscribing from the list.

    1. Thanks for the warning, but to be honest I could give a crap about the lists i’m subscribed to… I read them on occasion but most of the time I just scan the subjects.. :)

Leave a Reply to mattwCancel reply