Well, it’s hit that point. With the astronomical increase in spam lately, it’s getting quite obvious the problem will not abate on it’s own. The open-ended ‘we trust each other’ process of mail delivery is now in it’s death throes, it’s time to look at other solutions.
According to my spam report, my personal inbox is getting 450-650 caught spams a day. Unfortunately, that is only my Stage One filter. I also use Thunderbird as my email client, which has excellent spam filters of it’s own, and that catches another 100-150 messages there. I have monitors showing me the total mail I receive daily, and it’s in the 1500 messages range, of which 500 or so are mailing list messages. That means one out of every 100 messages I receive is legit. And lately, the filters have occasionally gotten things wrong. Mail intended for me is marked as spam, and I never hear about it.
In 12 hours of operation on our only mail server, here is an account of the volume we move:
Grand Totals ------------ messages 4801 received 5413 delivered 173 forwarded 79 deferred (434 deferrals) 230 bounced 484 rejected (8%) 0 reject warnings 0 held 0 discarded (0%) 45428k bytes received 49843k bytes delivered 1416 senders 1092 sending hosts/domains 334 recipients 148 recipient hosts/domains
In the past, it was okay to occasionally go through your spam box and see if there’s anything legitimate in there. That is simply not possible in todays climate. It may take an hour to go through a days worth of spam, and is mind numbingly tedious. There’s a good chance you’ll miss something just because it -looks- like spam.
So what are the options? This is where I’m asking for help. I’m speaking not only for myself, but also for the greater Homeport community. I maintain user accounts for 20-30 people, and they’re all under the same attack as I am, maybe to somewhat of a lesser degree, but it’s still hurting.
I’ll note for the record that we are currently running Amavisd, with Spamassassin, all through Postfix. Amavis is happily removing -all- virii from our mail, so that is not an issue. SA with some filter tweaking is doing an admirable job considering the masssive load it is contending with.
- Option A – A commercial filtering service
There are several vendors that offer commercial filtering. Many of them are simple ‘mail accounts’ that you can POP your mail off of, letting them handle the filtering. Others will forward a specific mail address in and out of their system. Are there services that will filter an entire domain? I’d be willing to pay for a service that maintains its filters, rulesets and RBLs in a respectable fashion.
- Option B – Fiddling my own configuration
I’ve been doing this for quite a while. It’s tedious, it’s time consuming, and it’s never ‘quite right’. It’ll work perhaps for a few, but how do you really know if it’s working correctly? I’m probably going to do one major wash-through to enable the various Postfix standard rules, but in reality, unless someone wants to take over being Spam Master for Homeport’s servers, this is not a task I’m keen on doing much longer.
- Option C – Massively restrict received email
I like the idea of using some form of sender authentication. I’d be willing to say “If you PGP sign your message, I will accept it”. This is something that’s available to most mail users, and is easy to enable. It makes tracking easier, and I can rank accepted mail by if I’ve accepted their PGP key onto my keyring. The drawback to this is that not everyone I communicate with will have PGP set up, and while it will help with authenticating known users (everyone I bludgeon into using PGP), I still run the risk of missing important mail from people I have not corresponded with.
- Option D – Whitelisting
This is probably the easiest to implement, but gets the most grief as a poor solution. I know the list of people who I correspond with regularly, I know they are not spammers. There is a slight risk a spammer may forge their email address in a From line, and therefore get through my filters, but in reality, I have seen NO spam of this type ever in my mailbox. Ever.
- Option E – Give up on email altogether
No, not give up in this whole concept. But give up trying to run my own server. Gmail and Yahoo both have excellent mail clients, and they are available to remote clients. Why fight this anymore? Everyone should just get their own accounts on gmail, and be done with it.
So that’s where I am. I invite folks to chime in with ideas or suggestions on where to go from here. I know this discussion is happening all over the net right now, but wading through that is tedious and rarely productive. I also invite the members of the Homeport community to chime in with their suggestions, observations, or thoughts on how the systems are running now, and where things should go.