[Air-l] screening out spam

Frank Schaap architext at fragment.nl
Tue Aug 17 05:03:15 PDT 2004


Gary Thompson wrote:
> The recent spate of messages from those trying to unsubscribe reminds me 
> that about 2/3 of everything I get via e-mail—even with an academic 
> address—is spam. I’ve got my “rules” set up so as to try to catch some 
> of this:

Since you talk about "rules" I suppose you're using Microsoft Outlook (Express).

> --if the subject line contains certain keywords, e.g., “market,” 
> “drugs,” “investment,” “penis,” “casino,” then it goes into my trash box.
> --if the from line contains “admin,” then it goes in the trash box
> --if the “to” says “undisclosed recipients,” etc.
> 
> I’m wondering whether others have had success with similar rules, as 
> opposed to installing spam-killing software (and as for that, how well 
> does it work, when spammers garble key words so as to avoid screening, 
> e.g., Vi*ag*kra or other combinations).

It helps a little... but unless your e-mail client lets you write 
sophisticated regular expressions into the rules (which Outlook doesn't 
afaik), you quickly end up with countless not terribly effective rules. I 
tried this too before our department admins installed server side spam 
filtering on the Exchange server.

One of the reasons that 'professional' spam fighters have moved beyond 
'mere' rule based filtering is that because spamfilters have to be made 
available to the public, dedicated spammers will quickly find ways around 
static rules for filtering spam.

A Bayesian spamfilter is a more dynamic type of filter that goes through a 
learning period in which you tell it which messages are spam and which 
messages are ham. It classifies a number of characteristics of these 
messages and depending on their statistical occurrence in either category 
incoming messages are sorted into either the spam or the ham category.

Mozilla based e-mail clients such as the Mozilla Suite and Thunderbird 
<http://mozilla.org> contain bayesian filters. Personally I'm very pleased 
with the end result. I haven't seen a spam message up close for a long while 
and I haven't had any false positives after a rather short training period. 
The Mozilla based clients support both POP and IMAP.

But, if you just have to use Outlook to access your department's Exchange 
server and your department admins refuse to install spamfiltering on the 
server, you can run a bayesian filter in your own Outlook install (if 
they've given you enough permissions to install it). Have a look at 
Spambayes <http://spambayes.sourceforge.net/>

Eventually I guess we'll see some sort of authentication system that makes 
e-mail traceable. For the moment I just try to keep my personal, non-list 
related e-mail addresses off the web and out of newsgroups. For that kind of 
use I set up free throw-away accounts that I use for a couple of months 
untill they become useless.

HTH

Frank.

-- 
My Personal Portal (TM)
http://fragment.nl/




More information about the Air-L mailing list