This is more of a ‘for future reference’ post than anything else.
Recently my mailing lists have been getting hit with stupid spam (what spam isn’t) that invokes bible related conspiracy spam. The messages reference bible verses multiple times.
To catch the spam, I put in a rule that matches bible references.
It’s a pretty simple rule … it looks for specific bible chapters followed by a number colon number.
body LM_BIBLE_MULTI /\s(matthew|revelation|john|corinthians|thessalonians|luke|romans|ezekiel|mark)\s+\d+:\d+/i
describe LM_BIBLE_MULTI Contains bible verses
score LM_BIBLE_MULTI 0.5
The thing about the spam I’m trying to catch is that it references the bible verses multiple times. The above rule only catches a single bible verse reference and adds the score.
To increase the score for each individual hit of the rule, you need to add the following to the rule:
tflags LM_BIBLE_MULTI multiple
This way, every time the LM_BIBLE_MULTI rule is hit, the score increases by 0.5. The more bible references in the email, the higher the spam score.
The multiple modifier for tflags is available in SpamAssassin 3.2 & higher.
We all agree that email is crucial to modern life.
But what email should you use?
Everyone gets email when they sign up for high speed internet service … the problem is that you’re tied to that internet service for that email address. If you switch service providers, you could lose the address. Even worse, if your provider goes out of business, you could loose access entirely. Sometimes the email provider charges a fee for better service and/or removing advertising.
Yes, you could use Gmail, Hotmail, Yahoo, or AOL, but you’re still tired to the provider. Plus, you don’t often get to choose the best address (firstname.lastname@example.org just isn’t that sexy).
Wouldn’t it be nice if you could get an email address that belongs to you forever?
This post is as much to help me remember as it is to help other people.
Below is a list (not comprehensive) of the postmaster resource pages for some of the major email providers.
On these sites you can get information about how the provider handles spam, feedback loops, blacklists, whitelists, etc.
Very useful for those managing mailing list servers.
Spammers quite often ‘spoof’, or fake, the from address of an email.
As a result of this, many unsuspecting domain owners are being ‘blamed’ for spam that appears to come from their domain.
Fortunately, there is a relatively easy way to protect your domain from this: Publish DMARC policies.
If you are publishing SPF records and signing your email with DKIM, you can publish DMARC policies that tell receiving mail servers what do with emails that don’t align with the SPF and DKIM information.
SPF policies are DNS records that indicate what mail servers your mail is sent from.
DKIM is a way to add digital signatures to your email so that receiving mail servers can verify it was sent from an authorized source and that it wasn’t modified in transit.
Now what if you have a domain that you NEVER send email from?
Protecting those domains from being used in spam is even easier.
Well, our good friends at Yahoo are at it again.
Once again they are deferring mail for no apparent reason.
Nothing has changed on my system and yet they haven’t accepted a message to deliver to one of their users in 3 days (maybe more). And, of course, there’s no way to actually contact a human to find out what is going wrong.
I’m on Yahoo’s email feedback loop … so I’m notified when someone complains about a message. Nothing has come in recently from the feedback loop.
I used to be on their bulk sender white-list. There was never a mention of having to renew the white-list approval.
A note to all my friends … DO NOT USE YAHOO FOR EMAIL! Especially for business email. The folks at Yahoo do NOT know how to provide service.
Gmail doesn’t have this problem … nor does Hotmail (much as I love to hate Microsoft).
Oh, and FWIW, yahoo customer service tends to ignore questions that are too complex for their script reading drones to answer.
Most ISP’s and network providers have specific email addresses that you can report abuse to.
These addresses can be looked up using a whois tool.
Recently, I’ve noticed a number of those addresses that just don’t work the way they are supposed to.
I’ve always suspected this about the legal disclaimers that are becoming ubiquitous at the bottom (and sometimes top) of email messages from companies that employ attorneys …
… they are mostly, legally speaking, pointless. Lawyers and experts on internet policy say no court case has ever turned on the presence or absence of such an automatic e-mail footer in America, the most litigious of rich countries.
I kind of find it amusing when there is a disclaimer that reads …
This message contains confidential information and is intended only for the individual named.
… and it’s sent to a public mailing list.
By now everyone’s probably heard about the data breach at Epsilon … which resulted in a lot of major eCommerce vendors customers mailing list getting stolen.
Personally, I’ve gotten notifications from Chase, Walgreen, Tivo, Best Buy, 1-800-Flowers, and a few others … informing me of the breach and assuring me that no critical information was stolen … just my email address.
What do you do now?
I’ve noticed an interesting trend in the comment spam I’ve been getting (luckily few of it gets through).
There seems to be three basic categories …