spews.org

darobin on 2002-08-25T23:55:05

Does anyone have an opinion on the spews.org anti-spam system? They appear to have started using it at my mum's office but it would seem that it catches a lot of false positives. They also seem to be rather pretentious, not really willing to provide ways for one to get out of their listing even though it's clear that they do make mistakes.

If anyone has a good set of arguments to convince the admins there to drop that apparently stupid thing and move to SpamAssassin (apart from the fact that SA rocks), I'd love to hear it.


SPEWS

Purdy on 2002-08-26T12:49:32

Well, we had the unfortunate situation where our IP range was blocked by SPEWS, who was actually blocking 4 whole Class C blocks to stop a porn spammer who was using a server that our ISP was hosting. It was a very frustrating situation because we were getting legitimate e-mails bouncing back by those who used SPEWS as spam blockers. Our only fix was to move to a new IP range...

Jason

Re:SPEWS

darobin on 2002-08-27T01:38:52

Thanks for the pointer Jason, that thread explains a lot and confirms a number of my fears...

Too restrictive.

godoy on 2002-08-27T00:40:48

It works, and I like the idea, but it is too restrictive. I don't think that blocking whole countries is a good practice.

On the other hand, mail admins --- I like being one --- are the ones who should decide on what they can or cannot use in their systems. If the companies allow losing customers due to SPEWS's restrictiveness, then why not?

I particularly don't use that in any system, but I like their idea --- I just don't like the exaggerated way they do the blocking.

Re:Too restrictive.

darobin on 2002-08-27T01:38:13

I have been a mail admin as well (though probably not a really good one because I hate that job) but I would never use an over-blocking system. I very much dislike spam, but I could only ever use a system that has no or at least very close to none false positives. We all get to filter noise in our lives, be it in conversation or in normal mail, and I'd rather have a little spam (with large obvious chunks filtered) and all my legitimate mail than no spam but lose some legit stuff.

That's why I think spews.org sucks, from what I've seen thus far. My server isn't a spam host, and it's not an open relay, but our entire block is filtered out. I'd change ISPs but right now we're a bit stuck for money and even more so very much stuck for time so it's not an option until next month. That's what I dislike most about that kind of people, the total lack of nuance.

Anyway, I can still send mail to my mother from my work account, and it looks as if pretty much no one is using spews anyway. I will however write to them to explain the situation when I get a little time as I don't think they're being responsible net citizens, however patronizing they may act.

Re:Too restrictive.

godoy on 2002-08-27T02:44:51

I don't use spews for the same reasons, as I said before.

And, with regards to writing them, I think you'll waste your time. I've been reading NANAE for a long time, and many people there like SPEWS. Many others don't. Most people don't use it for the same reasons we do: too many false positives.

But, as I also said, I agree that sometimes only a full denying to an ISP is the way to make them fight in-house generated SPAM.

pm.org considered spamful

grinder on 2002-09-02T20:20:56

Funny you should mention that.

As darobin, at least, knows, I admin the Paris Perl Monger mailing list. I had a run-in with SPEWS today, and was about to write up my adventures in my journal and perchance happened to check what other friends had added new entries, and so came here.

What has happened with pm.org is that its address [64.49.222.22] belongs to the same C class as bulkbarn.com, apparently a known spammer, and SPEWS had the entire class marked down as belonging to bulkbarn.com. I suspect this is merely because both (apparently) bulkbarn.com and (certainly) pm.org are hosted by rackspace.com.

I started receiving piles of bounce messages from MTAs that decided to start refusing pm.org's traffic. I extracted all the destinees (if that's the word) and Bcc'ed them a message saying that their MTA was refusing traffic from pm.org and that until they rectified their anti-spam rules or the SPEWS situation is cleared up they will not be receiving anything from the list.

One person was already familiar with the problem and whitelisted pm.org to let it go through. The other person was a lowly grunt in a university who pointed out that the chance he had of influencing e-mail policy was close to zero, and I haven't heard back from anybody else.

What with all the recent fuss over Bayesian approaches to Dealing With Spam (c.f. Perl Monks, Need To Know, Paul Graham) it underlined for me once again that the idea of trusting your spam management to an outside/disinterested party is a dangerous thing to do.

I can understand the rationale: "I hate spam, and I don't want to burn a single cycle on or transmit a single byte of the stuff", but I think that's just wishful thinking.

Whilst spam arriving at my corporate MTA is still a blip on the radar in relative terms of bandwidth, in absolute terms it is becoming a major problem. At the moment we don't have antispam filters in place, because Domino on Win32 doesn't really lend itself to the process. But this year we are planning on migrating to Linux, so there's a good chance I'll wind up implementing something.

And what I'm toying with is something a little more radical. Sure I'll probably sign up with an RBL or two, but what I'm going to do is I'm still going to accept everything. But. When I come across mail that comes from a suspected spammer, I'm going to put sleep(120) or so between each step in the transfer dialog.

If enough people start doing this (and maybe people do; I haven't looked into the matter) then spammers are going to be hit where it hurts: raw throughput. Instead of pumping out 100 000 messages per hour, they're gonna start choking on sites which take minutes to complete.

If you are an innocent site, well, tough, from time to time you'll have a socket tied up on your mailer to a remote site, but as sending email isn't the be-all and end-all of your business, that's not going to be a big problem. But if you're a spammer, you're going to find that you can't bomb as many people in the same time frame as you used to. Spamming therefore becomes more uneconomical.

And that, in my books, is a Good Thing.
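
The accept-but-delay policy described in the post above, sketched as an added example (not code from the thread or from any poster). It shows how a listing on a whole /24 turns into a per-step delay instead of a bounce, and what that does to a sender's throughput. Assumptions: the zone name `dnsbl.example`, the list of SMTP steps, the 0.5 s baseline per step, and a constructed listed block built from the address quoted in the post.

```python
import ipaddress

# Constructed stand-in for an RBL answer: the /24 containing the address
# quoted in the post (64.49.222.22). A live setup would query DNS instead.
LISTED_BLOCKS = [ipaddress.ip_network("64.49.222.0/24")]

# Assumed server-side steps of one SMTP delivery where a delay can be inserted.
SMTP_STEPS = ["banner", "HELO", "MAIL FROM", "RCPT TO", "DATA", "end-of-data"]


def dnsbl_query_name(ip, zone="dnsbl.example"):
    """Name an MTA looks up for an IPv4 client: octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def is_suspect(ip, whitelist=()):
    """True if the address is in a listed block and not locally whitelisted."""
    addr = ipaddress.ip_address(ip)
    if any(addr in ipaddress.ip_network(w) for w in whitelist):
        return False
    return any(addr in block for block in LISTED_BLOCKS)


def step_delay(ip, tarpit_seconds=120, whitelist=()):
    """Seconds to sleep before answering each step; the mail is still accepted."""
    return tarpit_seconds if is_suspect(ip, whitelist) else 0


def delivery_seconds(ip, base_per_step=0.5, **policy):
    """Wall-clock time for one message from this client under the policy."""
    return len(SMTP_STEPS) * (base_per_step + step_delay(ip, **policy))


def messages_per_hour(ip, connections=1, **policy):
    """Messages one sender completes per hour with a fixed number of sockets."""
    return int(connections * 3600 / delivery_seconds(ip, **policy))


if __name__ == "__main__":
    for ip in ("64.49.222.22", "192.0.2.10"):  # second address is unlisted
        print(ip, dnsbl_query_name(ip), step_delay(ip),
              messages_per_hour(ip, connections=100))
```

A legitimate host inside the listed block is slowed rather than refused, and a local whitelist entry removes the delay without waiting for the list operator.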