[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Spam in the lists out of control

On Tue, May 11, 2004 at 10:49:47AM +0200, Bartosz Fenski aka fEnIo scribbled:
> > > Well I was asking generaly. What if almost every future spam would
> > > consist of some image and GPG signature?
> > Each of those elements have some constant characteristic. In fact, having
> > spam signed with GPG would make it easier to filter out - you could have
> > your LDA check the signature, verify it and cast away should it fail
> > verification. 
> It's not so easy. In fact checking GPG signatures when fetchmail
> downloads mails will kill my machine. 
You don't have to do it when fetchmail is fetching them, I suppose. It could
as well be done in your MUA, I think.

> Right now after night I have to download about 200 mails. Bayesian
> filtering + procmail takes my machine about 10-15 minutes to sort out
> this. With GPG signatures I will have to get up one hour earlier ;)
May I ask why aren't you filtering on your server?

> > > Filtering every such mail isn't a solution for me. 
> > How come? You have to filter every mail in order to see whether it's spam or
> > not anyway... 
> Yes but there are less or more complicated filtering solutions. 
> Sure I can write very complicated rules for procmail + bogofilter
> + spamassasin + gnupg checks + <put whatever you want>, but hey... every
> check needs CPU power and harddrive access.
You got that right, the programs you listed above can take all of your CPU,
indeed :) But how about integrating PGP/GPG checking (not necessarily with
gnupg) inside the spam filter? And rather not one written in Perl?

> > There is a tool that does a very good job for keeping spam
> > away from your box if you're willing to put some effort in configuring it
> > (I'm not using it personally, but my boss is - with a great success) -
> > http://www.tmda.net/
> That looks interesting. Thanks for pointing it out to me.
I can certify it works well - my boss is subscribed to as many mailing lists
as I am, and yet he receives 1 (_one_) spam/week on average.

> > > In fact mails with GPG signatures had some possitive score in my
> > > procmail. Now I have to remove it :/
> > I don't think it is a good idea anyway, it's like leaving a passage for
> > possible spam.
> Yes... but this worked perfectly so far... Mail mentioned by me was the
> *first* GPG signed spam I ever seen ;)
Do you have a pristine copy of the message perhaps?



Attachment: signature.asc
Description: Digital signature

Reply to: