Spam — the curse of Internet! As soon as we block one inbound method, another comes to take its place. We have published details on our FAQ page, but let me highlight some recent happenings, and reiterate parts of those FAQs.

SpamAssassin

We implemented the SpamAssassin tool two years ago — and it uses both content and known bad sources to score every inbound e-mail. As users, we then set our own levels where we want SpamAssassin to "mark" an item (that is, prefixing the subject with ??SPAM??), and where we want it to automatically "delete" an item. For me, marking at 3 and deleting at 12 seems appropriate at present. We can also add "regular baddies" to our own black list, and known "goodies" to our own white list. An example of the latter might be a stockbrokers newsletter which because of its broadcast nature, is scored higher than our delete setting.

The default delete setting is "Do Not Delete" — and I have found quite a few members complaining of spam when they had not even invoked this extra function. Further details are in the FAQ at http:// www.melbpc.org.au/faq/spamass.htm. Having e-mail marked by this method and then filtered within our e-mail clients (as detailed at http://www.melbpc.org.au/faq/filtering.htm) seemed a good defence — for about 18 months. By then, spammers had found that a combination of disguising their content and not using known "bad servers", enabled their messages to get through. How do they achieve that? By using Trojan programs to hijack innocent PCs or servers that were not known as baddies. Clearly an extra defence was needed.

Grey Listing

Most hijacked PCs are only partial e-mail servers, they do not provide full e-mail functionality. Thus a new defence was introduced; a defence that involves testing the server of each new e-mail source to see if it is truly "Internet Compliant". This concept known as Grey Listing is described by Roger Brown and at http://www.melbpc.org.au/faq/spam/greylisting.htm.

Within hours of implementing this process on a pilot basis in April, we had many compliments from members happy with their immediate spam reduction. A few others waiting for e-mail at that time wondered whether Grey Listing was blocking genuine mail. However, there are no known examples of genuine mail servers being blocked. Instead, in one particular case the nondelivery of mail to a concerned recipient was found to be caused by his own mail box being full.

Bounce Messages

Now that we've killed most of the spam using SpamAssassin and Grey Listing, the old problem of bounce messages has resurfaced — and many of us are getting rejection messages pertaining to e-mail we didn't even send. In order to improve the apparent validity of their messages the spammers spoof the return e-mail address by using a valid address that belongs to someone else, such as you or me. When their message bounces, the error comes back to us, instead of the spammer — and we are inundated. In my case it's about 100 a day but you can minimise the impact by making a filter that traps all messages from Mailer-Daemon and Postmaster.

Further details at http://www.melbpc.org.au/faq/spam/bounces.htm.

In the past, this was cyclic and would disappear after a few days. But at the time of writing (16 May), it has been going on for nearly three weeks. Currently we are investigating a way to discard these messages at the Melb PC servers — but it would be at the risk of blocking the occasional valid bounce message from e-mail that we did send. Discussion at a recent Rippers Hardware meeting showed overwhelming support for the approach "block 'em all".

So, it's clear that combating Spam is a "Cat & Mouse" game, keeping our Internet and i-Help teams very busy and we users needing to be constantly vigilant.

Delivery Guarantee?

Delivery of e-mail is never guaranteed: even Australia Post is not guaranteed. Many factors beyond tools such as SpamAssassin and Grey Listing can be the cause, and for this reason, newer e-mail systems offer "automated Delivery" and/or "Read Receipts" back to the sender. Some commercial senders even ask their recipients to manually confirm receipt of vital messages. Maybe we need to do likewise with important personal e-mail.

June Monthly Meeting

Video cameras are becoming more prevalent. The trick though, is editing the raw footage and what software can I use. For the June Meeting, Sony will be showing its latest Vegas product for video editing, while Adobe will be showing us what can be done with the new Acrobat v7.0. (See p63 for further details).

Also we have the usual Q&A session, Door Prizes and the WAFFLE get together afterwards.

So join us at 7.00 pm on Wednesday 7 June at Deakin University, Burwood.

Reprinted from the June 2006 issue of PC Update, the magazine of Melbourne PC User Group, Australia

[ About Melbourne PC User Group ]