John Colby
jwcolby at ColbyConsulting.com
Thu Mar 16 18:16:36 CST 2006
I use a Bayesian filter - SpamBayes. However I also report my spam to Blue Security. http://www.bluesecurity.com . Blue Security is a company dedicated to analyzing spam coming in from over 100,000 people now (me included) and reporting the spammers to a variety of agencies. http://www.bluesecurity.com/technology/overview.asp It reports sites which sell pirated software to the FBI and other government agencies, as well as to the companies being pirated. It currently reports spammers to dozens of agencies including Interpol, the FBI, the FCC, the FDA and others with authority to take action should they choose to do so. Blue Security also analyzes how to email the offending spammers and "each person who receives spam from that spammer sends a message requesting to be removed from their list". I quoted that because it isn't quite that simple. There is an application that each person who uses Blue Security loads on their machine. Every machine that receives spam from a given spammer then loads a list of email addresses to send to and sends an email FROM BLUE SECURITY asking that the spammers use a blue security database to clean their address list. Essentially it turns the tables on the spammers, many of whom illegally hijack (or rent illegally hijacked) computers to send their spam. They now get "clean up your email lists" messages from potentially tens of thousands of computers. I heartily recommend Blue Frog (the application). http://en.wikipedia.org/wiki/Blue_Frog http://bluefrog.mozdev.org/ http://www.webattack.com/freeware/comm/fwspam.html http://www.freedownloadscenter.com/Email_Tools/Anti-SPAM_Tools/Blue_Frog_Ant i_Spam.html https://addons.mozilla.org/extensions/moreinfo.php?application=firefox&categ ory=Web%20Annoyances&numpg=10&id=1863 There is no single tool that will eliminate spam, but using a good filter and then reporting the spam you do receive to someone who will at least TRY to do something about it works for me! John W. Colby www.ColbyConsulting.com -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Stuart McLachlan Sent: Thursday, March 16, 2006 5:21 PM To: Discussion of Hardware and Software issues Subject: Re: [dba-Tech] Spam, spam, spam, spam ....revisited On 16 Mar 2006 at 19:51, Andy Lacey wrote: > Anyone know anything about either 0Spam (that's ZeroSpam) or > Cloudmark? Both came out high in a recent survey in 'Which?' magazine. )Spam appears to be a > service, which I personally would be wary of for security reasons, but > my friend who's looking seems coola bout. 1. It is primarily a challenge/response system - a *bad* idea for any number of reasons. See http://kmself.home.netcom.com/Rants/challenge-response.html http://www.freedom-to-tinker.com/?p=389 2. It uses it's own "multi-dimensional DNS Blocklist" Do you really trust a third party to decide what domains your legitimate correspondents come from? You don't know what their criteria are for adding IP addresses to their blocklist or how to get addresses removed from it. What if they us some of the more aggressive block lists out to to populate their own list? 0Spam WILL cause you to lose good messages. >Cloudmark I don't know but looks like > a major product. Anyone any first-hand experience of either? It just uses other peoples definition of spam to determine whether what you have is spam. It doesn't actually block anything, it just tags it as spam/not spam. If that is the case, you are better off using a bayesian filter like K9 or POPFile and training them without needing to go off to a third party site for every email you receive. I bet that either K9 or POPFile will give a far higher accuracy after a few weeks training on your own mail than Cloudmark can. Cloudmark wastes bandwidth, relies on other peoples perception of spam and doesn't offer anything that you can't achieve on your own PC. -- Stuart