Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'An AppleScript rule to check Mail against blackhole lists' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
An AppleScript rule to check Mail against blackhole lists
Authored by: DaveCC on May 27, '03 09:42:08PM

(Long Post/Rant)
I am the author of the script and I figured at some point there would be some criticism of RBL's. I feel that spam has gotten to be such a problem that a single individual cannot hope to manage a large influx of spam into his/her e-mailbox without some outside help. Using a RBL just gives you the knowledge base of what might be spam that is the aggregation of thousands of other individual's spam screening efforts.

The RBL's are just another tool in your arsenel against the big time suck that dealing with spam has become, it is however an imperfect answer/tool. It is true that some RBL's are a bit overzealous and list some IP's as spammer IP's that don't deserve such a label. However I feel given the neverending assault of spam against my humble e-mail address (which I've had for 6 years and I'm rather attached to it), I am willing to run the risk of missing a few e-mails from strangers to be able to access my e-mail box the way I want to. Those who really need to contact me (ie. those who I want to contact me) will always be able to do so e-mail or not. For the rest, they just better not look like spammers.

If you are concerned about the accuracy or aggressiveness of a particular RBL, you can just elect not to use them and use a less comprehensive RBL. There are lots of them out there.

I structure a multi-tiered solution to screen spam with filter rules like this, in this filter order:

1) If the sender is in my address book, I stop processing all filter rules. Apple's mail application makes it really easy to add senders to your address book and makes this filter very responsive/flexible and easy to keep up to date.
2) If the sender is one of various organizations I want e-mail to get through from (ie. my work/company, @apple.com, etc), I stop processing all rules and/or route e-mails to the appropriate sub folder.

These two are effectively a whitelist that leaves known prior e-mail contacts and trusted sender domains in my In box.

3) The defuault Junk filter catches about 80% of my spam. It uses some sort of adaptive pattern recognition, but sometimes can't respond well to new/novel forms of spam (and those crafty spammers are always tweaking how they do things to get through filters. Hmmmm....if I really opted in then why do you always have to try to engineer your stuff to get past filters? Wouldn't I have placed your domain into rule 2? Dammed Spammers : )
4) I place SpamHolio here after the default Junk filter. This keeps the RBL checks limited to those that might have snuck in under the Junk filter's radar thus saving time and the RBL server's resources. I think by rough estimate, SpamHolio is catching 50-57% of spams missed by the Junk filter for me.
5) Any additional anti-spam filtering rules. (ie. I also look for all variations of subscribe/unsubscribe/opt in/opt out in the message body and junk it if it matches).

This seems to work well for me. The RBL isn't my only spam solution, just another tool in the chain. Looking at my mail traffic in the past 3 months, I have had recieved approximately 150 legitimate e-mail items, my Spam Filters (SpamEaterPro running on a old PC checking my POP account every 5 minutes against rules and RBL's and block lists, then Apple's Mail app's Junk filter) have blocked over 7,700 pieces of spam with about 300 pieces getting through. Out of these blocked spams, the RBL's blocked these numbers of spam items for me:
SpamCop: 3,100, SPEWS: 579, list.dsbl.org: 35, multihop.dsbl.org: 92, ipwhois.rfc-ignorant.org: 27.

Now that I can get some RBL lookup capability in Mail, I can perhaps think of not being dependent on my old PC to help continually clean out my POP account. I could set up SpamAssasin to do this, but it is a rather involved process and my Mac is a laptop and not always on, so I'll keep SpamEaterPro up and running for now.

Given those numbers, am I so off base using a RBL? Or do you think I have the time to sort through over 3,600 pieces of spam that might have gotten through the filters in the last 3 months?

Dave Chen

---
I'm much calmer now that I don't use WinBlow$ anymore.



[ Reply to This | # ]