[Hidden-tech] Anti-spam help SUMMARY of suggestions and preliminary results

[Chris Hoogendyk]

andrew bellak wrote:
>
> Thanks everyone for your help and suggestions. Let me summarize the 
> feedback I received below.
>
> Switch to Mac, it may get less spam
>

I've been variously a Mac user, supporter, enthusiast, business owner 
and programmer since 1985. But I cringed at that naive suggestion. 
Whether or not you get spam has little to do with your platform and much 
more to do with your online exposure and use of your email address.

I will say that there is a huge difference in susceptibility to viruses 
and trojans and so on depending on your platform. I would further point 
out that the huge quantities of spam on the internet are a consequence 
of the huge numbers of compromised Windows PCs that comprise the botnets 
that are used to distribute spam, and that make it difficult to block 
(because it is coming from everywhere). So, if we *all* switched 
platforms, . . . well, but that opens the hypothetical question of 
whether the dominance of Macs would lead hackers to focus on them more 
and end up developing ways of accomplishing the same thing with Macs. I 
don't think so, but, then, it's hypothetical. From an ecological and 
evolutionary point of view, perhaps a more diverse stew of operating 
systems with no one dominating would be better. However, I don't think 
we could be much worse off than with Microsoft being dominant. Some 
people say that 80% or more of the traffic on the internet is spam. I've 
even heard some claims of 90+%. There are also indications that there 
are several botnets that are on the order of millions of compromised 
PCs. If one of them wants to shut down a major site with a denial of 
service attack, they can. And they have.

Just as a small example, two of the mail servers I run, which are on 
separate domains and subnets, were each being hammered about 3am this 
morning from a site that was continuously changing it's server's names 
in the smtp envelope. At first both our servers were rejecting the 
connections because the server names looked to be forged. Then both our 
servers began rejecting the connections because our allowed connection 
rate from a single site had been exceeded. However, even while rejecting 
connections, this still takes processing time. Both of our servers were 
showing high peak loads that would have made them slow to respond if 
there had been users trying to do things on them (but it was 3am). Were 
it not for viruses, trojans and botnets, being a sysadmin would be a lot 
simpler, and we would all be more productive.

I should note that, overall, the suggestions you got seemed informed and 
helpful.


> Switch e-mail client interface to Mozilla mail (Thunderbird), it 
> probably will reduce spam. I’ve considered this in the past but 
> thought the hassle of importing Outlook into Thunderbird was greater 
> than what I chose to try first.
>
> Switch domain hosts or urge current host to really use the mail server 
> tools like Spam Assassin, etc better.
>
> Switch e-mail addresses, that is, ditch the current and get new; or 
> similarly, use ‘throw away’ addresses AND be very careful with where 
> one uses addresses. i.e. – use personal/business addresses for friends 
> & colleagues, and use web mail addresses for listservs/web sites, etc.
>
> Use anti-spam software – 2 people liked Cloudmark and 1 liked open 
> source Spam Bayes
>
> And the one I decided to try first is ‘scrub’ mail through a web mail 
> account like Yahoo, Hotmail, or Gmail. I have a Yahoo account but it’s 
> not premium and so doesn’t allow forwarding.
>
> Therefore, I opened a gmail account and now forward mail to gmail and 
> then get this mail via Outlook. In essence, I send directly from my 
> addresses but I receive mail through the gmail scrubber. Preliminary 
> results are that I received 6 spam this morning versus 150-200 yesterday.
>
> This has not been totally seamless as I am still prompted by Outlook 
> for a password for 1 account which I’m still wrestling with.
>

-- 
---------------

Chris Hoogendyk

-
   O__  ---- Systems Administrator
  c/ /'_ --- Biology & Geology Departments
 (*) \(*) -- 140 Morrill Science Center
~~~~~~~~~~ - University of Massachusetts, Amherst 

<hoogendyk at bio.umass.edu>

--------------- 

Erdös 4