meltin.net

Martin - SPAM filtering

Like many other people I get a lot of SPAM, so I filter my email heavily. If you've sent me email before then I probably have you “whitelisted” and your email will get through my filtering without problems. If you haven't sent me email before or you're just getting no reply from me and you want to bypass some of the filtering then put the word “penguin” in the subject of your email - I stole this idea from Max Barry.

For the technically minded, I filter using:

• Greylisting
• SpamAssassin; and
• Dovecot's Sieve implementation.

Here are the steps involved:

1. Greylisting in my mail server causes the sender of all messages with a new combination of source-IP, sender address and recipient address to be told to “try again”. Many spammers won't try again, because they're not running standards-compliant mail servers. Some genuine mail servers are broken or are badly configured, so they don't try again. 🙁
2. My mail server rejects mail from certain domains and IP addresses, as well as mail to certain recipients.
3. I pass nearly all messages through SpamAssassin. I make extensive use of SpamAssassin's whitelisting and I also do some blacklisting. This allows me to use a very low threshold to decide which messages are SPAM.
4. I use Sieve rules to determine which messages From me and certain other senders are fakes. This is largely based on Message-Id headers but I could make it more robust if SPAM starts slipping through.
5. I use some custom scripts to process a Sent folder to automatically whitelist recipients who I send email to and who are not already whitelisted.

As a result of this I see very little SPAM in my Inbox. 🙂