Setting User-Level Controls




User-level spam controls can be mandatory or advisory, and reactive, but because they're usually invoked when messages are being delivered to the user, they're generally not proactive. In other words, users can identify junk mail and either throw it away unread or identify it as probable junk mail, but they can't prevent their system from accepting SMTP connections from known spammers or high-probability-of-spam IP pools.

Filtering

Using Procmail or maildrop, as described in Chapter 4, "Using qmail," users can implement a wide range of junk mail filtering techniques of varying levels of efficacy. These techniques include:

  • Blacklisting—Messages from known junk mailers are identified and rejected, delivered to a special junk mail mailbox, or discarded.

  • Whitelisting—Messages from known "good guys" are identified and delivered; all other messages are rejected, delivered to a junk mailbox, or discarded.

  • Flagging—Messages identified as potential junk, for example, from black-holed senders, are marked with a user-defined header field such as X-Spam: blackholed or X-Junk: blind copy.

  • Keyword searching—Messages are scanned for certain keywords, usually in the Subject field or body, which typically identify junk mail.

Blacklisting is unlikely to falsely block valid mail, but it is not very effective and requires constant updating of filters to accommodate new spammers and new spamming techniques.

Whitelisting is effective but requires updating the filters for each new valid sender.

Flagging ensures that no valid messages will be blocked but doesn't stop spam from being delivered—it just makes it easier to identify.

Keyword searching is easily foiled by using different wording or alternative spelling (Make M-O-N-E-Y Fast instead of Make Money Fast) and is likely to falsely identify valid mail as junk (sex might match Essex or a non-prurient usage of sex).

Catherine A. Hampton has written a comprehensive junk mail filtering system for Procmail called the SpamBouncer. See http://www.spambouncer.org/ for more information.

In general, filtering is a method of last resort. It requires careful implementation and frequent maintenance.

Using TMDA

Jason Mastaler has created a utility called Tagged Message Delivery Agent (TMDA) based on an earlier utility from Thomas Erskine called Tagged Message Sender (TMS). TMDA uses a combination of whitelisting and confirmation to effectively block junk mail without blocking unknown senders.

Mail from whitelisted users and domains is delivered normally, but mail from unknown senders is returned with a message explaining that the sender is unknown and that the message will not be delivered to the recipient until the sender sends a confirmation message. Because most junk mail uses invalid return addresses, the confirmation requests are undeliverable and the spammer has no opportunity to confirm their message. TMDA is comprehensively documented at, and available from, http://tmda.sourceforge.net/. Installation is straightforward, but because it's written in the Python language, it requires version 1.5.2 or later of the Python interpreter.

One caveat regarding TMDA is that the default automatic responses from it, although they're clear, are wordy and contain some jargon, so they confuse some recipients. Luckily, they're easily customized.

TMDA is highly effective at blocking unwanted mail, and the confirmation mechanism ensures that senders can reach recipients who haven't added them to their whitelists.

Address Revocation and Auditing

Chapter 4, "Using qmail," describes how users can use extension addresses to uniquely identify each usage of their address. The Delivered-To header field added by qmail-local allows recipients to determine the envelope recipient address used to deliver each message—even in the case of so-called blind carbon copies (BCCs), where the junk mailer leaves the recipient address out of the message header.

If a tagged extension address falls into the hands of a junk mailer, the user can easily "revoke" that address by creating a dot-qmail file for it that bounces messages, using bouncesaying, or discards them, using a non-empty, non-delivering file (see the "An Ounce of Prevention. . ." section).

By tagging addresses in this manner, it should be possible to determine how they ended up in a junk mailer's database. For example, if you only gave out the address tagged -web-example.com when you registered at www.example.com, and you later receive junk mail from some site other than example.com using that address, you know that example.com was responsible. Without such a tag, you'd have no idea which party was responsible for giving your address to a spammer.
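
The audit described above can be automated by reading the tag out of Delivered-To and comparing it with the sender's domain. The following is an added example, not code from the book or from qmail; it assumes a hypothetical account name (dave), tags of the form purpose-domain as in -web-example.com, and constructed sample messages.

```python
from email import message_from_string
from email.utils import parseaddr

USER = "dave"  # assumed local account name (hypothetical)

# Constructed sample messages; the second is a blind copy with no recipient in To.
SAMPLES = [
    "Return-Path: <news@lists.example.com>\nDelivered-To: dave-web-example.com@mail.example.net\n"
    "From: news@lists.example.com\nTo: dave-web-example.com@mail.example.net\n\nOrder update\n",
    "Return-Path: <bulk@mailer.invalid>\nDelivered-To: dave-web-example.com@mail.example.net\n"
    "From: offers@mailer.invalid\nTo: undisclosed-recipients:;\n\nBuy now\n",
    "Return-Path: <friend@example.org>\nDelivered-To: dave@mail.example.net\n"
    "From: friend@example.org\nTo: dave@mail.example.net\n\nHi\n",
]

def delivered_tag(msg, user=USER):
    """Return the extension tag from the topmost Delivered-To field, or None."""
    values = msg.get_all("Delivered-To") or []
    if not values:
        return None
    # The topmost field is the one added by the final local delivery.
    local = parseaddr(values[0])[1].rpartition("@")[0].lower()
    prefix = user + "-"
    return local[len(prefix):] if local.startswith(prefix) else None

def sender_domain(msg):
    """Domain of the envelope sender, falling back to From for null senders."""
    for field in ("Return-Path", "From"):
        addr = parseaddr(msg.get(field, ""))[1]
        if "@" in addr:
            return addr.rpartition("@")[2].lower()
    return ""

def audit(raw, user=USER):
    """Classify a message as 'untagged', 'expected' or 'leaked'."""
    msg = message_from_string(raw)
    tag = delivered_tag(msg, user)
    if tag is None:
        return ("untagged", None, None)
    # Assumed tag layout: purpose-domain, e.g. "web-example.com" -> "example.com".
    issued_to = tag.partition("-")[2] or tag
    sender = sender_domain(msg)
    ok = sender == issued_to or sender.endswith("." + issued_to)
    return ("expected" if ok else "leaked", issued_to, sender)

if __name__ == "__main__":
    for raw in SAMPLES:
        print(audit(raw))
```

Because return addresses on junk mail are frequently invalid or forged, the sender domain only shows that the tagged address is in use by someone else; the party to hold responsible is the one named in the tag.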






The qmail Handbook
ISBN: 1893115402
EAN: 2147483647
Year: 2001
Pages: 186
Authors: Dave Sill
