Re: Improved SPAM filter

From: Piotr Keplicz (keplicz@bigfoot.com)
Date: Thu, 13 Jan 2000 23:13:47 +0100

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Andrew Hodgson: "Re: Yarn ver89 is Y2K compliant"
Previous message: Lulu of the Lotus-Eaters: "Improved SPAM filter"
In reply to: Lulu of the Lotus-Eaters: "Improved SPAM filter"

Lulu of the Lotus-Eaters <quilty@ibm.net>:
: I have used FILTER.EXE to weed out a few recognized spam patterns. But
: unfortunately, FILTER is fairly crude: No regex's, searches only on a
: few of the header fields (e.g., not against Message-ID), can't compare
: header fields to each other (e.g., Message-ID having a different tail
: than From indicates likely forgery).

Or even more likely a MS Outlook/Exchange/... mail reader :)

Person'lly I use procmail to filter mail before I download it (yet you
need to have a un*x shell account to do so). Rules for spam filtering
are:
* no From:, no To:
* my email address not present in To: or CC:
* Apparently-To: header
* Comments: Authenticated sender... header, when X-Mailer isn't Pegasus

Simple but effective.

: I was wondering if anyone had some
: pointers in getting started; someone who has started something similar?

Well, SOUPLK does something similar in general: it rewrites MSG files
message by message so I think it could be helpful. However, sources are
poorly documented, and even if any comments exist they're likely to be
in Polish. Drop me an email, if it doesn't discourage you :)

___ _ _
| . ) |/ / -- Piotr K=EAplicz ------ Nowy Polski S=B3ownik Pijacki: =
-----
|__||_|\_\ -------------------- http://rainbow.mimuw.edu.pl/~pkeplicz -=
-

Next message: Andrew Hodgson: "Re: Yarn ver89 is Y2K compliant"
Previous message: Lulu of the Lotus-Eaters: "Improved SPAM filter"
In reply to: Lulu of the Lotus-Eaters: "Improved SPAM filter"