Fortunately there is a tool for that. The tool? Spamassassin. Spamassassin is a very versatile SPAM tool that is part of the Apache Foundation. Spamassassin uses numerous means to detect SPAM including: DNS and Checksum based SPAM detection as well as Bayesian filtering, external programs, black lists, and online databases. These tools together make for a fairly powerful detection system.

In this article you are going to see how to install and configure Spamassassin to work in conjunction with Postfix to further enhance your email server.

Installing Spamassassin

Obviously the first thing you need to do is install Spamassassin. You will find Spamassassin in the Ubuntu repositories. And since this entire series has been laid on top of a Ubuntu Server installation, that is quite convenient. So, to install Spamassassin, open up your terminal window and issue the following command:

sudo apt-get install spamassassin

There may or may not be some dependencies to install in order for the Spamassassin  installation to complete. Go ahead and OK those. Once this installation is complete you are ready to start configuring.

Configuration

Before we actually get to the configuration it is important to understand the SPAM scoring system. With Spamassassin, messages are tagged as SPAM only when they have enough SPAM-matching characteristics (according to a scoring level). The scoring level is 0-5, however it’s not as simple as saying a 0 means it is 0% SPAM. The system is set up so that every characteristic can add to the overall score. For example a message tested to find a base64 attachment does not have a file name filtered with both bayes+net will add 0.224 to the over all score of the message. When all of the characteristic scores are added up, if they exceed the default score you have set in the configuration file, that message is considered SPAM.

Now that you have a basic understand of how the scoring system works. Let’s start configuring Spamassassin.

The main configuration file is /etc/spamassassin/local.cf. The first option you want to configure is the default score. Look for the line:

# required_score 5.0

The first thing you want to do is uncomment that line (by removing the “#” character) and then changing the score. A score of 5 is pretty high and sure to be SPAM. Understand the more you lower that score the likely you are of missing message messages that are tagged false-positives. A score of 3.5 is a fairly reliable score that will catch a lot of SPAM but not a lot of false positives.

Above this line are a couple of other options that are important. The first is the option to set the option:

report_safe

To 0. This option can be set to either 0 or 1. A zero means that if a message is found to be SPAM the message will not be deleted, but instead the subject line will be rewritten to include a message marking it as SPAM.  This is handy to prevent users from losing important messages to false positives. This also allows you to set a lower score threshold.

To do this first look for the line:

# report_safe 1

Uncomment this line by removing the “#” character and then change the “1″ to “0″ (no quotes).

The next step is to uncomment the line:

# rewrite_header Subject *****SPAM*****

Now you can alter the “*****SPAM*****” section of this line to reflect what you’d prefer it to say. Just make sure it is clear to your users that a message with this rewritten subject line is most likely SPAM.

Now restart the Spamassassin daemon with the command:

sudo /etc/init.d/spamassassin restart

Configure Postfix

The last step is to set up Postfix to use Spamassassin. To do this open up the file /etc/postfix/master.cf and look for the line:

smtp     inet    n   –   –   –   –   smtpd

You need to alter this line to look like:

smtp      inet   n   -   -   -   -   smtpd -o content_filter=spamassassin

Finally, at the end of this file add the following:

spamassassin
unix - n n - - pipe
flags=R
user=spamd
argv=/usr/bin/spamc
-e /usr/sbin/sendmail
-oi -f ${sender} ${recipient}

Now all you need to do is restart Postfix with the command:

sudo /etc/init.d/postfix restart

Your mail server should now be scoring incoming message as SPAM or HAM.

Final thoughts

The mail server is a tricky beast. You have to ensure that users are getting their mail, but you have to make sure they aren’t receive SPAM or viruses. After completing this series of articles, you should have a pretty solid server running that will send out mail that is safe for users eyes.

Related posts

• Trap Spammers with Project Honey Pot (4)
• Tinymail Email Protection (18)
• Reduce Spam by using alternative Google Mail Address ? (8)
• Phishing Explained (4)
• Introduction Series Part 1: Spam (0)

Most email clients contain some sort of SPAM prevention. On the Linux operating system you can employ such tools as Bogofilter or Spamassassin. Either of these tools are great for stopping SPAM – but what about using them with your favorite email client? With some Linux email clients you have to add extra applications in order to have one of these SPAM filters doing their job with your client. Some clients, however, have built-in tools to save you a little work. KMail belongs to the latter category. So long as you have either/or Bogofilter or Spamassassin installed, you are one step closer to having solid SPAM filtering.

In this article you will learn how to set up reliable SPAM filtering in the KMail mail client.

Bogofilter and Spamassassin

KMail can use either Bogofilter or Spammassassin easily. Read up on either tool and decide which application you want to use. I have had good luck with both, but I do believe Bogofilter is easier to set up. And since KMail will automatically detect either, the choice is yours.

You can install either tool from within the Add/Remove Software utility by following these steps:

1. Open Add/Remove Software utility.
2. Search for either “bogofilter” or “spamassassin” (No quotes).
3. Select either (or both) tools for installation.
4. Click Apply to install.

That’s it. Now you are ready to move on to KMail.

Kmail SPAM Wizard

Figure 1

When you have KMail set up and running click on the Tools menu and select the “Anti-SPAM Wizard” entry. When the Wizard opens the first thing it will do is detect which SPAM tools you have installed (see Figure 1).

Once the wizard has detected your SPAM tools, select the tool you want to use and click Next. For the purpose of this article I will select Bogofilter.

The next step in the wizard will ask you for two configurations:

• Mark detected SPAM as read: I prefer to unset this, because of the next configuration option.
• Which folder to relocate SPAM: By default KMail will move SPAM to the trash folder. I prefer to create a new SPAM folder in order to catch any false-positives.

By moving SPAM to a specific SPAM folder (and not the trash folder) and keeping SPAM unread, you are less likely to miss any email mistakenly marked as SPAM (false-positive).

The final window of the wizard gives you a report on what you have set up. In my case the wizard creates the following filters:

• Bogofilter Check
• Spam handling
• Classify as Spam
• Classify as NOT Spam

Click the Finish button and your KMail client is ready to learn. And learning is the key.

Help Bogofilter learn

Figure 2

Before Bogofilter can become a reliable SPAM filter, it has to learn what should be classified as SPAM and what should be classified as HAM. Here’s how I like to do it. Allow plenty of email to collect in your inbox. As the mail comes in take all SPAM (that is not already marked and moved) and move it to the SPAM folder. Once you have cleared your Inbox of all SPAM, select all mail in that folder and then click the Ham button (see Figure 2).

Now, once you have collect a good amount of SPAM in your SPAM folder open that folder up, select all the SPAM, and click the SPAM button.

You may have to do this trick a few times before Bogofilter has been properly trained. You will know when Bogofilter has become accurate with your SPAM/HAM.

Final thoughts

It couldn’t be much easier to catch and mark SPAM with KMail and Bogofilter. But if you find Bogofilter not as reliable as you would like, run the Wizard and try Spamassassin instead.

Related posts

• Use Bogofilter for better junk detection in Evolution (3)
• Use Spamassassin for better SPAM detection (1)
• What’s wrong with those Rapidshare Captchas ? (44)
• Understanding Email Headers (0)
• Trap Spammers with Project Honey Pot (4)

One of the aspects of Claws Mail that I like more than that of either Thunderbird or Evolution, is the filter tool. I am sure you know that email filters are one of the best means to manage the enormous amount of email coming down the pipe. You can keep SPAM in the trash, filter specific email to specific folders, and take just about any kind of action you need/want.

For many, the Claws Mail filters might not be as simple to use as the standard fare. But that doesn’t mean they shouldn’t be used.  With this tool, it is just a matter of getting used to a different interface. And that is what this article will help you with.

The tools

There are two ways to create a filter with Claws mail: The easy, less configurable method, or the harder, more configurable method. I will only briefly mention the easy method as that is, well, easy. The second, harder, method is what we will primarily focus on.

The easy method

If you have an email selected, click on the Tools menu and then select “Create Filter Rule”. When this new sub-menu pops up you will see four entries:

• Automatically
• By From
• By To
• By Subject

That will define the condition of the filter automatically for you. You will still have to configure the rest of the filter, but this step automates a portion of the creation.

Now let’s take a look at the full creation of a filter by doing things the hard way. I shouldn’t scare you off by saying “hard way”…it’s not really that difficult.

Filter from scratch

Figure 1

When you go to the Configuration menu you will see the Filtering entry. Click that to open up the Filters window (see Figure 1).

As you can see, for the most part, creating a filter is simple. The only aspect that might not be as user-friendly as you are used to is the Conditions and Actions. For these what you have to do is is click the associated Define buttons.  When you do this you will configure the specifics of either the conditions or the action of the filter. Let’s take a look at configuring the conditions of a filter. Click the Define button associated with the Conditions. When you do this a new window will open up.

Figure 2

Figure 2 shows a condition already created. What you can not see, from the image, are the included options in the drop down lists. With different types of filters you will have different drop down lists available. The different types of criteria you can select include: Header, Age, Phrase, Flag, Color lables, etc. Say you select the Header from Match Criteria. When you do you can then select:

Name: From this drop down you can then select such familiar items as To, From, Reply To, etc.

Header: This is where you decide if your header Contains or Doesn’t Contain. Basically this is a positive or negative match.

Once you have your condition rule set you then click the Add button. If you want you can then create more rules for this one condition. Each condition can have multiple rules and you can move the rules up or down in the chain of command. You can also configure if the rule must meet all or at least one of the rules.

Figure 3

When you are finished with your Condution click OK and it is set. You are now ready to define your Action. Click the Define button associated with Action which will open up a new window (see Figure 3).

This is the easier portion of the setup. What you do is select what action you want to take from the Action dropdown and then select the associated sub-action. The associated action will depend upon which Action you choose. For instance, if you select to Move the mail you will then have to select the Destination folder. If you want to flag the message you will have to select how you want it flagged.

Once you have completed this section click OK. Now, before you finalize the new Filter you have to click the Add button in the main window. If you do not do this your newly created filter is not saved. You will get a warning if you try and then click the Continue Editing and then click the Add button.

Your filter is complete. You can test this by click the Tools menu and selecting Filter All Messages in Folder. If your folder is set up correctly you will see the changes made instantly.

Final thoughts

Claws Mail filtering is a very powerful tool that will allow you to create very helpful filters to keep your Claws Mail organized and free from unwanted email.

Related posts

• Stop SPAM in Postfix with Spamassassin (1)
• What’s wrong with those Rapidshare Captchas ? (44)
• Use Spamassassin for better SPAM detection (1)
• Use Bogofilter for better junk detection in Evolution (3)
• Understanding Email Headers (0)

The second type are ping and trackback spammers. This is either done by auto-posting articles that others have written without their consent on so called autoblogs. Each post generates at least one pingback to the original site. This can lead to hundreds of pingbacks over time which many webmasters and blog owners publish.

The third and most spammy type are the automated spammers that use specifically designed tools to spam thousands of blogs, forums and every other type of site where content can be posted in hours. Now that we know the different types of spammers we have to discuss how to handle them. This post will mostly deal with automated spammers who post dozens if not hundreds of comments and pingbacks.

Webmasters should use at least one anti-spam tool to block the majority of spam reaching the frontend of the website. Wordpress users can for example use Akismet or one of the several other anti-spam plugins that are available. Still, some spam will come through. Today for example a webmaster decided to copy and post more than 300 articles from Ghacks on a website. Each post generated at least one pingback, many multiple pingbacks as the tags and links were kept by that webmaster.

Akismet did not object to these ping and Ghacks ended up with more than 300 accepted and published pings from that blog. Many webmasters would now delete them one by one which takes quite a while. A far better solution is to filter for a common denominator which in this case was the url of the website. All comments, pings and trackbacks that include the domain name of that website were listed giving me the option to mark them all and send them to the spam folder.

There might be situations where this is not possible. Maybe the website or script does not offer the option to bulk moderate comments. There is however another option if the website is making use of a database. This does however require some knowledge about the database as a query has to be run in the administration. Most users will probably use MySql where a basic delete query looks like this:

delete from [table] where [column name] = 'value'

To delete all comments from a specific url in Wordpress one would do the following:

delete from wp-comments where comment_author_url ='www.example.com'

It is possible to use other table columns like the commenters IP or email for example. How do you handle mass spam to your website or blog?

Related posts

• Free Anti Spam Plugin Antispam Bee For Wordpress (18)
• reCaptcha: stop spam while helping to digitize books (0)
• Comment Spam without URLs (0)
• What’s wrong with those Rapidshare Captchas ? (44)
• Use Spamassassin for better SPAM detection (1)

Project Honey Pot is a system designed with those who receive spam in mind. What this system basically does is sit on a site and watch for email harvesters. When it finds an email harvester, the honey pot logs information about the harvester into the Project Honey Pot system. This information is then built up into various sets of statistics that are used in court to prosecute spammers. One of the things that makes Project Honey Pot cool is that it shows all this data on their website for the world to see. This allows those curious about their own IPs to check and see if they are considered a spammer. It also offers information on various IPs and statistics such as the average amount of emails sent to the honey pot.

Website owners can do one of three things to help Project Honey Pot catch spammers. A honey pot can be added to any website which will watch for and log any suspicious data on that site. This is for those who have a web host and are willing to install the honey pot script onto their site. Those who don’t have their website hosted or don’t want to install a honey pot can install a QuickLink. When a bot visits a site, they likely visit other sites that the original site is linked to in order to find as many email addresses as possible. A QuickLink is a hidden, secret link that only bots can see and visit. The QuickLink will take the bot to a site that does have a honey pot installed. Another thing that webmasters can do is donate an MX record to the project. What this does is give Project Honey Pot an email address to receive spam. Project Honey Pot will use this email address to see what kind of spam the harvesters are sending among many other statistics. This option is for webmasters who have their own domain name.

Project Honey Pot is a completely free service that survives on donations and tshirt sales through CafePress. They also offer various other services such as a directory where users can look up information about various IPs, including IPs that are known to belong to dictionary attackers.

Related posts

• Tinymail Email Protection (18)
• Reduce Spam by using alternative Google Mail Address ? (8)
• How do spammers spam? (1)
• Stop SPAM in Postfix with Spamassassin (1)
• Phishing Explained (4)

There might be white hat reasons for running a bot on a website to retrieve all the email messages found. A reason that comes to mind is to locate all emails that are posted on a public website to remove them from that website in order to protect the owner from spam.

Droid Email Seeker is one of the few free email extractors that are available for the Windows operating system. It can be used to quickly scan a website for email messages. It will begin crawling the website at the specified url and follow all inbound links that point to other pages on the same website. It will also ignore links pointing to other websites.

Another option of using the software is to let it search for keywords on Google and check the websites that turn up as results for email addresses. The number of sites can be specified. It is a little bit irritating that the process of scanning a website cannot be stopped from within the application. The only way is to terminate the program in Windows.

The email extractor software supports web proxies which it can verify. All email addresses that are found on the websites that are crawled will be added to a database. This email database can be exported as a csv file at any time. Droid Email Seeker requires the Microsoft .net Framework 2.0 to be installed on the computer system.

Related posts

• Understanding Email Headers (0)
• Trap Spammers with Project Honey Pot (4)
• Tinymail Email Protection (18)
• Thunderbird 3 Beta 2 (7)
• Stop SPAM in Postfix with Spamassassin (1)

With a little preparation this setup will go quickly. Without preparation, it will take some time for Bogofilter to learn SPAM/HAM.

Your preparation

The easiest way to train Bogofilter is to have a collection of SPAM and HAM ready (approximately 200 each for training purposes) for it to use in the training process. These will be placed in SPAM and HAM folders (respectively) to be used once Bogofilter is installed and ready. But before you get to that point, you need to install Bogofilter and the Bogofilter Evolution plugin.

To install the necessary items open up your Add/Remove Software tool. Within this tool do a search for “bogofilter” (no quotes). You should see two particular pieces of software to install: bogofilter and bogofilter-evolution. Mark both of these applications for installation and click Apply to install them.

After they are installed you are ready to set up Bogofilter.

Bogofilter setup

The first thing to do is to enable the Bogofilter plugin in Evolution. Click on the Edit menu and select the Plugins entry. In this new window that opens click the Bogofilter check box to enable to plugin and then close the window.

Figure 1

Now that the plugin is enabled, it’s time to configure it within Evolution. Go back to the Edit menu and select Preferences. When the Preferences window opens up click on the Mail Preferences button and then the Junk tab (see Figure 1).

From within the Junk tab the first thing to do is to select Bogofilter from the Default Junk Plugin dropdown. Now go back to the top and make sure “Check incoming messages for junk” is checked. Close this window after you have completed these steps.

Now you are ready to train Bogofilter.

Training

A lot of people complain that Bogofilter doesn’t work well. The main reason it doesn’t work well is because it hasn’t been trained. Remember those SPAM and HAM emails you collected in the SPAM and HAM folders? Now you are going to use them. First click on the HAM emails. These are all good emails (not SPAM). Select all of these and mark them as Junk. I know it sounds crazy, but it’s necessary. Now click on the Junk folder and you should see all of those emails you just marked as SPAM. Select them all again and mark them as Not Junk. Bogofilter just learned what you consider to not be junk.

Now click on the SPAM folder, select all of these messages, and mark them as Junk.

That’s it. Bogofilter should now be trained properly. And remember the more training you give Bogofilter, the smarter it will be.

Final thoughts

Bogofilter is a great tool for keeping SPAM out of your inbox. And best of all, it doesn’t require you to open up a terminal and issue a bunch of commands in order to get it working properly.

Related posts

• Spam filtering with Kmail (2)
• Use Spamassassin for better SPAM detection (1)
• Replace Outlook with Evolution: A Linux Groupware Suite (17)
• Kontact: The Swiss Army Knife of PIMs (3)
• Connect Evolution to Google mail and calendar (1)

By employing Spamassassin you can set up an outstanding SPAM  filter system that will protect your users. It’s not as simple as double clicking an .exe file to install, but the end results will be worth the time and effort.

Installing the tool

This portion of the task is simple. Open up your Add/Remove utility, do a search for “spamassassin” (no quotes), select the results, and apply the changes. After you have installed the package you need to take a few steps to finish up the installation.

Now you are going to need a local.rc file. You can open up the /etc/mail/spamassassin/local.rc file for hand editing, or you can use this handy web-based tool to set it up for you. This tool was written by Michael Moncur and makes the setup of Spamassassin much easier. Once you have selected all your options click the Generate button and then click the Download button. You will need to place this file in /etc/mail/spamassassin in order for it to be used.

It’s time to start the daemon. Issue the command /etc/init.d/spamassassin start (or /etc/rc.d/init.d/spamassassin start – depending upon your distribution.)

Test the install

Spamassassin comes with a sample file you can run through the filter for testing. In modern installations this file is located in /usr/share/doc/spamassassin-*/sample-spam.txt. To test this issue the command:

spamc -R </usr/share/doc/spamassassin-3.2.5/sample-spam.txt

You should see results like this:

Content analysis details:   (1000.0 points, 5.0 required)

pts rule name              description
—- ———————- ————————————————–
-0.0 NO_RELAYS              Informational: message was not relayed via SMTP
1000 GTUBE                  BODY: Generic Test for Unsolicited Bulk Email
-0.0 NO_RECEIVED            Informational: message has no Received headers

As you can see, this sample scored 1000 points. Only 5 points are required for an email to be considered SPAM. It’s safe to say this is SPAM and safe to say Spamassassin is working.

Using Spamassassin with Procmail

You will need to set up Procmail (or another MTA) in order to deliver mail. What we want to do is set this up globally so you don’t have to deal with each users ~/.procmailrc file. To do this you will edit the /etc/procmailrc file. All you need to do is add the following lines:

DROPPRIVS=yes

:0fw

| /usr/bin/spamc

Spamassassin should now be working.

Training spamassassin

At first you might not notice much of a drop in SPAM. This is because Spamassassin has to have a period of training.  There is a built-in tool for this called sa-learn. What you need to do is create two folders, one for SPAM and one for HAM. In the SPAM folder collect 100 or so emails that are definately SPAM. In the HAM folder collect 100 or so valid emails. Once you have those folders collected issue the following commands:

sa-learn –spam /PATH/TO/SPAM/FOLDER

sa-learn –ham /PATH/TO/HAM/FOLDER

Where /PATH/TO/SPAM/FOLDER and /PATH/TO/HAM/FOLDER are the explicit paths to these folders.

You can also set up a cron job to help Spamassassin train frequently if you need.

Final Thoughts

If SPAM is clogging up your Linux mail server you will be wise to employ a tool like Spamassassin. Your users and your IT staff will thank you for it.

Related posts

• Use Bogofilter for better junk detection in Evolution (3)
• Spam filtering with Kmail (2)
• Make Sendmail accept mail from external sources (1)
• Yoggie PICO Personal Mobile Security Computer (3)
• With Ubuntu 9.10 Arrives Wubi 9.10 (2)

All kinds of protection have been created to prevent this from happening. Some suggest using images instead of text, many obscure their emails in the hope that the bots will not be able to identify the right one and others are not publishing their mail at all.

Tinymail steps in and tries to be a barrier between your email address and the Internet. It does that by linking your email address to a Tinymail webpage which becomes your profile page. Instead of publishing your email on the web you embed the Tinymail code that is created after linking the email to a Tinymail email address.

The Tinymail code is showing part of the real email address and a link to the profile page which is only accessible if the user enters a captcha. If he does that he can take a look at the real email.

The idea itself is nice but it has two flaws in my opinion.The first is that it adds another step to the contact process. That might not be a problem if you desperately are trying to contact one but it is definitely a problem for other forms like providing feedback on a product. Users might give up in frustration and prefer to spend their time elsewhere.

The second is the captcha protection. Captchas have been broken in the past and once it is broken it could become a haven for a email collector who stored all those Tinymail emails in a database waiting for the right moment to decipher them all.

It would be nice if the email link could be deleted again after usage for a certain time, maybe even let it run out automatically after x days where x is a figure that the user can define in the options.

Related posts

• Trap Spammers with Project Honey Pot (4)
• Reduce Spam by using alternative Google Mail Address ? (8)
• Yahoo Mail Integrates Drop.io To Support 100 Megabyte Attachments (8)
• Stop SPAM in Postfix with Spamassassin (1)
• Recover deleted or corrupted Thunderbird messages (15)

A click on the Calendars tab loads the calendars that are currently active. A click on the Calendar loads the details of that calendar with information about the calendar timezone and addresses. There is also another tab in that view that lets the user share the calender with other users.

A click on the Share This Calendar tab displays a list of all users who have access to this calendar with the option to add new users by pasting their email address into the form field.

The problem arises if a Gmail email address is pasted into that field. Nothing happens until the changes have been saved and the question if the user should be invited if he does not use Google Calendar is denied.

The full name of the user is disclosed int he Share This Calendar tab even if that user has chosen a gmail address that is not made up of his first and last username.

This might not seem like a big deal for many users but this is a honeypot for spammers. All they need to do is enter email addresses to find out the real name of the user to send out personalized spam. You probably would not react to a phishing mail asking you to login to your eBay account if the name would be missing or be wrong but what about if the real name would be there ?

Related posts

• Use Gmail To Host And Share Photos (6)
• Tracking Gmail Account Usage (2)
• Synchronize Contacts Between Thunderbird And Gmail (12)
• Sync Gmail Contacts with Thunderbird (13)
• Reduce Spam by using alternative Google Mail Address ? (8)

The captcha is made up of characters and animal images and the user is asked to fill in the four letters that have the image of a cat attached to them. The problem with that captcha however is that the animal images look really alike and it is damn hard to tell if you see a cat, a dog, a donkey or some other four-legged animal with a tail.

If you concentrate you can identify the cats and fill in the form. The problem is that a wrong answer will load yet another capture with and you have to start over again. I’m all for protection and anti-spam measures but this one is going to far in my opinion. There are better ways to implement captchas. What’s your take on that new captcha ?

Related posts

• reCaptcha: stop spam while helping to digitize books (0)
• Rapidshare Files (17)
• Megaupload bypass country limit (7)
• Who is hosting ghacks ? (1)
• Using a Web Hosting Directory can Aid your Search for a Host (3)

The software Email Address Extract (via Ades Blog) works surprisingly well. All you need to do is point it at a folder on your hard drive and select the file type that should be crawled. Some preconfigured files types are htm, log and dat but it is possible to use wildcards or other file types as well. The option to process subfolders automatically could be worth checking as well.

The scan itself does not take longer than a few seconds normally. I did test it on one of my mailbox files in Thunderbird and it did extract more than 6000 emails from that which means it works practically with all files that contain text. Doubt it will be highly successful crawling binary files.

Emails that have been found can be exported into a text document for further processing. They can be sorted by username or mails server before doing so.

Related posts

• Quickly check mails without downloading them (8)
• Microsoft Outlook Personal Folders Backup (2)
• Make Gmail The Default Email Client (3)
• Zip Repair (3)
• Zen Key An All Purpose Application Manager (3)

That’s the main reason why I’m using one-way emails, to signup at websites that force you to signup before you can access information. Most disposable emails are not risk free especially if you use them to signup at a service that you do use regularly. If someone were to discover your email he would be able to access the account at the website of the disposable email service. They are free for everyone, remember ? He could request a new password for the website and hack your account for instance.

The following list contains only those one-way email services that I do use regularly for all kinds of purposes. All are free to be used and require no registration whatsoever.

Blockfilter – You can create a email @newsups.com. All incoming emails are deleted after 2 hours automatically.

Guerrilla mail – create a random email on the fly that lasts for 15 minutes. You can extend that period for additional periods.

Mailinator – probably the most popular disposable email website. Offers some alternate domain names that redirect mails to the same mailbox. Great if the original mailinator url is banned from a site.

I know that the list is a bit short but these are all that I do use regularly.

Related posts

• Temporary Email from BugMeNot (2)
• List of 20 Temporary Email Services (26)
• Disposable Email Address Services March 2006 (9)
• TrashMail.net Firefox Add-on (1)
• Trap Spammers with Project Honey Pot (4)

It might seem like a solid trick unless you think about it for a second. If I know that there are two email addresses on those two Google domains that lead to the same user the spammer could know as well and most likely will. So, even though you use one email for private matters and the other for everything else Mr. Spammer will simply add a script that sends mails to both Google accounts automatically.

The only real way that works in my opinion are separate email accounts with no connection whatsoever. Using one account with those two email addresses is simply not reducing the amount of spam that you receive.

Related posts

• Why you should always log off Gmail (9)
• Trap Spammers with Project Honey Pot (4)
• Tracking Gmail Account Usage (2)
• Tinymail Email Protection (18)
• Gmail Xp (7)

In a form of an online service, reCAPTCHA offers exactly that. After signing up for the service, you’ll be able to place a captcha module on your website and avoid automated abuse while helping to read and store books of the past. With this special type of captcha engine, users are besides writing an already known word correctly into the widget’s field also required to recognize an additional word gathered by digitizing books which the OCR system wasn’t able to recognize due to various defects in characters.

Besides an obvious advantage of this service that makes real use of captcha, there are other great advantages to it. It’s easy to install thanks to plugin support for major CMS like Wordpress, it’s accessible for eyesight-disabled people and it is based on high security standards that make it nearly impossible to penetrate. Moreover, the whole system can be quickly updated whenever a vulnerability is found without the webmaster having to worry about it. It’s also capable of IP filtering.

Should you wish for a great, free, customizable service with its own API that transforms waste of time into a useful and valuable activity while protecting your website against the dirt of spam? Here you go.

Related posts

• What’s wrong with those Rapidshare Captchas ? (44)
• How To Handle Bulk Spam As A Webmaster (7)
• How do spammers spam? (1)
• Comment Spam without URLs (0)
• Use Spamassassin for better SPAM detection (1)

It’s like the system that is used by Wordpress plugins like Spam Karma or Akismet. They have their own spam filters that filter out spam but also access blacklists and whitelists on the Internet that are created by a lot of users.

Bullgard Spamfilter integrates with Microsoft Outlook, Outlook Express and Thunderbird and requires a user account at Bullguard which can be created during setup (just enter a email address and password). A huge advantage over tools like Spamihilator is the fact that you do not need to change the account settings, e.g. the mailserver, in the email client that you are using, it works right out of the box.

One aspect that I personally do not like is that Bullguard adds a footer message to all mails that are send from your account, saying:

I use BullGuard Spamfilter to keep my inbox clean.
It is completely free: www.bullguard.com/freespamfilter

This can’t be unchecked in this version and is definitely a reason for me personally not to use it.

Related posts

• Importing Calendar From Microsoft Outlook To Mozilla Lightning (5)
• Xobni for Microsoft Outlook (1)
• Why I’m Still Using A Software Email Client (17)
• Truemark Email Identification (5)
• Tablet Enhancements 3 for Outlook (1)

Your automatic spambots cause a lot of work for me. Since your posts automatically land in the moderation queue I have to click on the delete button about one hundred times a day which is not a pleasant thing to do. The next mark in Spam Karma will be 150000 spam comments, trackbacks and pingbacks that I had to delete.

Guess how many made it into the comments of my website ? None ! Why the fuck are you still spamming my site with your stupid automatic programs if there is ZERO chance that you comment will make it on the website ? The only thing that you are achieving is that you are beginning to piss me off.

I therefor have decided to do the following:

• I whois the website that spams my blog and report it to the hoster of the domain name and webspace hoster. If this is run on a rootserver I contact the company that rents the server and report you there
• I will contact any advertisement company that has advertisement on your website and will notify them that you are spamming the Internet with your shitty comments which will hopefully lead to account closure.
• I will contact the ISP of the user who submitted the comment reporting the spam. Even if a proxy has been used I will report each and everyone

Let the war begin..

Update:

To find out a domain owner you can use the service from Whois.net

Related posts

• What’s wrong with those Rapidshare Captchas ? (44)
• Use Spamassassin for better SPAM detection (1)
• Use Bogofilter for better junk detection in Evolution (3)
• Understanding Email Headers (0)
• Trap Spammers with Project Honey Pot (4)

If you do run a website you might have come upon comments that are posted that contain one sentence saying something unrelated but positive about the website or webmaster. Those comments can be clearly identified as spam because they do not add to the discussion or article in any way.

What is happening here is that spammers are trying to get some bonus points from the spam filter of the website so that his next attempt at posting an entry with an url does not get blacklisted or queued for moderation automatically.

This would be indeed be a great spam preparation method if they would use unique comments on each blog that are related to the article. Since it is not possible to do this and spam thousands of blogs per hour they have to rely on nice remarks about the website which surely pleases some webmasters enough to keep the comment.

It does not really matter if their intention is to get some positive karma or train the spam filter to accept certain words that are used in the comments. The reason behind this is to prepare your website for the spam.

A better variant would be for instance to ask a question which would surely have a much higher rate of being kept. “I did not really understand what you have been writing. Could you please elaborate it a little bit more ?” or sentences like that would probably result in a higher success rate.

I generally delete all content that is either not related to the article that I have written or that does not feel right. Someone who uses ‘Budget Web Host’ as his name is surely to get blacklisted at my site pretty quickly.

Related posts

• reCaptcha: stop spam while helping to digitize books (0)
• How To Handle Bulk Spam As A Webmaster (7)
• Zoundry Raven portable Blog Editor (6)
• Wordpress Issues (16)
• Wordpress 2.6.1 released (1)

The mails are send out with various subjects such as Internet Dating, Member Details and New Member Confirmation and contain (fake) username and password information as well as a link that is always shown in IP form. I created a screenshot of one of the messages that I received today, take a look:

I was not able to identify any recurring information that could be used in the header of the emails but fortunately for us the body contains information that are present in every spam mail send out by the spammers.

You always find a link to an IP address in those mails and we can use this information to filter out these emails. I will explain a step by step tutorial on how to setup the filter in Thunderbird, other mail clients should offer a similar functionality.

Open Thunderbird
Create a new mail folder where the spam that is found will be moved into
click on Tools > Message Filters
Choose an account and click on New
Name it accordingly, something like Membership Spam will do
Hit the + button in the top form eight times and edit all nine filters the following way
Select Body instead of Subject in the first pulldown menu
Leave the second pulldown menu unchanged
Add http://1 to http://9 in the nine textfields in the third pulldown menu (one at a time)
Change the mail folder to the folder that you created before creating the filter and click on ok

If you have done everything correctly it should look like the following:

This mail filter makes sure that every mail that contains a link to an IP address will be moved to a folder that you created. I decided to move the mails instead of deleting them right away because it is theoretically possible that you do receive an IP link in a mail that is not spam.

If you think that this is highly unlikely you can change the move to command into delete to delete the spam mail right away. Let me know if you have any questions or difficulties setting up this filter.

Related posts

• Thunderplunger: Keep Thunderbird Clean (1)
• Thunderbird Security Update To 2.0.0.17 (0)
• Thunderbird Mailbox Alert (0)
• Thunderbird Birthday Reminder (0)
• Thunderbird 2.0.0.16 Out (0)

Image spam on the other hand is on the rise because of several new spam techniques that make it pretty hard for the filters to automatically recognize spam.

The left image is an example of a typical image that is send in spam mails. The following techniques were used in this mail to bypass the spam filter. The first obvious element are random pixels that overshadow some part of the image. This is done to create random images which can bypass spam filters even though an image with the same information arrived before in your mailbox.

Another option to create a unique image would be to use colors that look the same to the human eye but differ for the computer. Randomizing the process creates unique images as well.

Some spammers use different layers for a set amount of pixels which makes it incredibly hard to to use hash values to determine spam images.

The last aspect of such a spam mail is seemingly random text that is copied before or – more often – after the image. The text itself has nothing to do with the intention of the spammer. It is solely used to simulate a normal mail with a set amount of neutral and positive words.

The image on the left shows another image that is often used to bypass spam filters. It uses random colors much like the previous image used random pixels that made the image unique.

Related posts

• Trap Spammers with Project Honey Pot (4)
• Tinymail Email Protection (18)
• Stop SPAM in Postfix with Spamassassin (1)
• Reduce Spam by using alternative Google Mail Address ? (8)
• Phishing Explained (4)