what is going on?


PPRuNe Pop
25th Jan 2014, 09:25
I have a small list of email addresses and of late I am getting spam with most of them being used. The latest is my mod title - how would they get that!? How do they get any of them? I am with talktalk and I am wondering if they have a leak. I am getting fed up 'unsubscribing' from the stuff I am getting.

mixture
25th Jan 2014, 10:05
Either (a) a leak, or, more likely and more common (b) a dictionary attack

(b) being simple in concept, the culprits have a list, generally of real words (hence "dictionary") supplemented by common human names and other common made up words.

Take one dictionary list, one bot script and hey presto, a spam campaign. :E

onetrack
25th Jan 2014, 10:21
This is the reason I use Mailwasher (if you're downloading your emails to your computer as I do).
Mailwasher allows previews of spam and unwanted emails, allows you to mark senders as spammers - and best of all, allows you to bounce spam and scam emails, so it appears your email address is invalid.
The number of spam and scam emails I now receive would total about 2 a week at most on average - out of around 70-80 emails a day.
I quite often go for 3 weeks without receiving a single one.
Be aware that databases of email addresses are regularly sold, both legally and illegally, to anyone who wants to buy them.

mixture
25th Jan 2014, 10:28
This is the reason I use Mailwasher (if you're downloading your emails to your computer as I do).
Mailwasher allows previews of spam and unwanted emails, allows you to mark senders as spammers - and best of all, allows you to bounce spam and scam emails, so it appears your email address is invalid.

Client-side filtering is a waste of time.... it is (a) still eating up your computing resources (b) requires much manual intervention and is not as accurate as server side. The only thing worse than client-side filtering is greylisting which is an utter waste of time.

You really should find a provider who can do decent server-side filtering for you on the emails as they arrive on the server.

100% of my emails are filtered server-side and maybe one or two spam emails a week makes it through the filters compared to the thousands I know are eradicated before they even hit the server.

and best of all, allows you to bounce spam and scam emails, so it appears your email address is invalid.

NEVER, EVER DO THIS.

Sorry for the emphasis, but this is known as "backscatter" and it is BAD ! Spammers frequently hide behind other people's email addresses and servers.... by actively bouncing rather than just silently discarding, all you do is p!ss off server administrators who have nothing to do with the offending party.

If you don't want it, you should silently discard it. You should not send bounce messages unless you are confident they will be usefully delivered.

If you want it from the horse's mouth, here's what the standards say (RFC5321)

Conversely, if a message is rejected because it is found to contain hostile content, rejection ("bounce") messages SHOULD NOT be sent unless the receiving site is confident that those messages will be usefully delivered. The preference and default in these cases is to avoid sending non-delivery messages when the incoming message is determined to contain hostile content.

proxus
25th Jan 2014, 10:36
I am getting fed up 'unsubscribing' from the stuff I am getting.

Never, ever unsubscribe from the spam you get. Most of the time the "unsubscribe" button usually found on the bottom of the spam mail you've got is just there to confirm that your email is valid. Within a few days you should therefore see plenty more of those mails.

The only time I would use this feature is when I unsubscribe from a service that I know (and remember) to have requested in the past.

Proxus

llondel
25th Jan 2014, 17:59
NEVER, EVER DO THIS.

Sorry for the emphasis, but this is known as "backscatter" and it is BAD ! Spammers frequently hide behind other people's email addresses and servers.... by actively bouncing rather than just silently discarding, all you do is p!ss off server administrators who have nothing to do with the offending party.

That depends on how you do it. Accepting mail and then processing it and generating a fake bounce does indeed cause backscatter and is to be avoided.

Generating a correct 5xx bounce as part of the incoming mail transaction is a perfectly reasonable way of dealing with the junk mail. Your average spam zombie, on receiving the reject, will drop the message on the floor and not attempt to send it elsewhere because it's a waste of its resources given that it knows that the From: field is likely to be invalid. I've always used this approach, but it does require you to have your own on-line mail server to do it, once it's hit a POP3 or IMAP server somewhere then it's delivered.

mixture
25th Jan 2014, 20:46
as part of the incoming mail transaction is a perfectly reasonable way of dealing with the junk mail.

Indeed, it's actually code 521 you're looking for and I use that on mailservers once some basic validation checks happen and before processing mail any further to ensure no unwanted email ever hits storage. But Mailwasher and such like running on client machines ain't the incoming transaction by any stretch of the imagination. :E
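
The difference discussed in the two posts above (refusing with a 5xx reply inside the incoming SMTP transaction versus accepting the mail and bouncing it afterwards), as an added example that is not part of the thread. The 550 reply code, the toy `looks_hostile` check and all addresses and names are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from email.message import EmailMessage

LOCAL_DOMAIN = "example.org"   # constructed: the domain this server receives mail for

@dataclass
class Transaction:
    """One inbound SMTP transaction as the receiving server sees it."""
    client_ip: str
    helo: str
    mail_from: str   # envelope sender; spam senders routinely forge it
    rcpt_to: str
    body: str

@dataclass
class Outcome:
    reply: str                                     # SMTP reply sent to the connected client
    accepted: bool                                 # True once the server has taken the message
    outbound: list = field(default_factory=list)   # new mail this server generated

def looks_hostile(tx):
    """Stand-in for real filtering: a HELO that is not a domain name, or a marker phrase."""
    return "." not in tx.helo or "cheap pills" in tx.body.lower()

def reject_in_transaction(tx):
    """Refuse during the SMTP dialogue; only the connected client sees the 5xx."""
    if looks_hostile(tx):
        return Outcome(reply="550 5.7.1 Message refused", accepted=False)
    return Outcome(reply="250 2.0.0 OK", accepted=True)

def accept_then_bounce(tx):
    """Answer 250, filter afterwards, then mail a bounce to the envelope sender."""
    outcome = Outcome(reply="250 2.0.0 OK", accepted=True)
    if looks_hostile(tx):
        bounce = EmailMessage()
        bounce["From"] = f"MAILER-DAEMON@{LOCAL_DOMAIN}"
        bounce["To"] = tx.mail_from   # forged, so this lands on an uninvolved party
        bounce["Subject"] = "Undelivered Mail Returned to Sender"
        bounce.set_content(f"Delivery to {tx.rcpt_to} failed.")
        outcome.outbound.append(bounce)
    return outcome

def backscatter_targets(outcome):
    """Addresses that receive mail they never asked for as a result of this outcome."""
    return [str(msg["To"]) for msg in outcome.outbound]

# Constructed sample transactions (documentation IP ranges and reserved .example names).
SPAM = Transaction("203.0.113.7", "localhost", "bystander@innocent.example",
                   f"pop@{LOCAL_DOMAIN}", "Cheap pills, click here")
HAM = Transaction("198.51.100.20", "mail.friend.example", "alice@friend.example",
                  f"pop@{LOCAL_DOMAIN}", "Lunch on Friday?")

if __name__ == "__main__":
    for name, tx in (("spam", SPAM), ("ham", HAM)):
        for policy in (reject_in_transaction, accept_then_bounce):
            result = policy(tx)
            print(name, policy.__name__, result.reply, backscatter_targets(result))
```

With the in-transaction policy the server generates no mail of its own; with accept-then-bounce the forged envelope sender is the one who receives the bounce.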

henry_crun
25th Jan 2014, 22:13
I always check the real sender behind the visible address and then send the site webmaster a message that his site is being used to generate spam.

mixture
25th Jan 2014, 22:14
I always check the real sender behind the visible address and then send the site webmaster a message that his site is being used to generate spam.

Save yourself some time and effort, just copy/paste the raw source text of the email into Spamcop. :ok:

PPRuNe Pop
26th Jan 2014, 00:37
mixture, what do you mean by that? A senior moment I think but I couldn't figure it.

PPP

henry_crun
26th Jan 2014, 03:16
mixture - thanks :ok: understand but alas cannot see raw source text from Jelly Bean

Mac the Knife
26th Jan 2014, 04:55
Mailwasher is only client-side filtering in a way - it downloads the headers rather than the whole mail, allows you to select/preselect what you don't want and then deletes them all from the server long before they hit your machine.

Since a trip to Buenos Aires a couple of years ago I get lots of medical advertising spam from South America, mostly from a couple of adsites, that would take ages to download and clog my machine. Messages to [email protected] and [email protected] have been ignored. Before I connect, Mailwasher checks my badlist and starts by deleting all the known unwanted crap from the server and I can just tick off a few more before fetching my mail.

These are quasi-legit sites and there is no way for me (or most people) to set up my own personal email filter at my ISP (who in fact does a pretty good job themselves of deleting obvious spam and malware). AFAIK none of the big ISPs in S. Africa have this facility.

So Mailwasher it is - why are you so agin it mix?

And no, I don't bounce stuff - it has little effect and just clogs up the Web even more.

Mac

:suspect:

mixture
26th Jan 2014, 08:34
mixture, what do you mean by that. A senior moment I think but I couldn't figure it.


Spamcop as in spamcop.net

It's a website where you can copy/paste the raw source of an offending email and it does all the analysis for you and automatically proposes the correct email addresses to report to (and will even send reports too).

Very handy.... and you get a reasonably generous amount of usage for free.

If, on the other hand, you meant "what is the raw source ?" ... by that I meant the text version of the email that contains the Header and other lines that are normally hidden from you in the normal email interface.

mixture
26th Jan 2014, 08:38
Mailwasher is only client-side filtering in a way - it downloads the headers rather than the whole mail, allows you to select/preselect what you don't want and then deletes them all from the server long before they hit your machine.

Yes, but proper server-side filtering doesn't even store or parse the majority of spam emails. Over 80% of spam can be defeated at the initial SMTP transaction stage (SMTP HELO)... the remaining 19.99998% can then be defeated through analysis on the server.

Client-side filtering of any sort is a waste of time and computing resources.... it's already too late.

Keep on prodding your email provider to improve their anti-spam.

Mac the Knife
26th Jan 2014, 09:48
Well mix, there's spam and there's spam

Yes, there's the Viagra and penis-enlargement stuff - real spam which my ISP immediately ditches (but of course a few real spams make it through their filters).

Then there's the semi-spam - newsletters from hardware or software people that I have dealt with, new products from surgical companies that I have bought stuff off in the past - all crap that I'm not interested in anymore. This actually makes up the bulk of my inbox crap, but there is no way that my ISP can guess that I don't actually want to read it.

If my ISP were to ditch everything that even smelled faintly of spam then I'm pretty sure that a fair bit of mail that I do want to read would go in the bin too and emailing me would be highly unreliable.

Complete server-side filtering cannot work unless the ISP has individual whitelists and blacklists for every client and I don't know of one that does.

In the real world a utility (like Mailwasher) which downloads the message headers and allows one to delete them off the server before invoking the full email client is the only possible solution.

I hesitate to say it, but it sounds as though you do not see that it is near impossible to differentiate unwanted/uninteresting mail from wanted mail for an individual addressee.

Mac

:ouch:

Sunnyjohn
26th Jan 2014, 10:26
Well, I can't speak for Windoze but on my Mac I use a mail client that does exactly that. The Mac Mail app has itself a junk filter but my online mail system is MacAce which has a system that you train. There is a range of choices including tagging as junk mail and blocking. It doesn't throw anything away but it puts all the Viagra type stuff in a folder on its server and every few days sends me an email with all the items listed. I simply scan them and put the lot into trash. Occasionally something that I want does sneak in there and so I send it to my inbox.

PPRuNe Pop
26th Jan 2014, 10:38
Mac, are you saying that Mailwasher, which I installed overnight, will do a clean up job before it gets to my inbox?

I have two mails so far and IT ignored them.

mixture
26th Jan 2014, 11:26
If my ISP were to ditch everything that even smelled faintly of spam then I'm pretty sure that a fair bit of mail that I do want to read would go in the bin too and emailing me would be highly unreliable.

Complete server-side filtering cannot work unless the ISP has individual whitelists and blacklists for every client and I don't know of one that does.


Based on personal experience, I can absolutely irrefutably say that lot you've just spouted is a load of codswallop.

On the system I and numerous others in the world are using, if correctly configured, you get zero false positives and very few misses.

I've been running my present system for over 3 years now, and have indeed had zero false positives, and at most I get two or three spams a week make it through. I run email services for others on the same platform too... so we're talking a substantial number of messages being parsed.

You do not need individual blacklists or whitelists.... indeed blacklist/whitelist/graylist type systems only make things worse, not better because they require manual maintenance.

Commercial systems such as Symantec Brightmail and Postini also don't require messing around with blacklist/whitelists and have zero false positives and minimal misses.

Mac the Knife
26th Jan 2014, 13:59
"Mac, are you saying that Mailwasher, which I installed overnight, will do a clean up job before it gets to my inbox? I have two mails so far and IT ignored them."

Yes, it will, but it isn't psychic!

Mailwasher will download all the headers, and mark for deletion all the items that it thinks are spam, based on Spamhaus/SpamCop lists and Bayesian filters. You then mark spam as such and it will remember this for the future. There is also a learning algorithm, so it gets smarter as you go along. You can also mark stuff for one-time deletion but not as spam. There are many ways of fine-tuning it, such as excluding whole domains - have a read!

Once Mailwasher has finished deleting all the crap from your mailbox it will then open Outlook (or whatever) and you can properly download the washed mail into your inbox.

mixture

"Based on personal experience, I can absolutely irrefutably say that lot you've just spouted is a load of codswallop."

Well, I can absolutely irrefutably say that you have either not read or not comprehended what I have written (and that you have a nasty temper and don't listen).

"On the system I and numerous others in the world are using, if correctly configured, you get zero false positives and very few misses.

I've been running my present system for over 3 years now, and have indeed had zero false positives, and at most I get two or three spams a week make it through. I run email services for others on the same platform too... so we're talking a substantial number of messages being parsed."

I can quite believe it, for by using Brightmail or Postini (or Dovecot or SurgeMail or whatever) you are acting as the ISP/mailserver and can set-up your spam filters as you wish!

Put your bile aside and consider for a moment the following situation - one of my less stable patients regularly forwards to me vast amounts of fundamentalist Christian literature which I have no interest in. This is not spam as such and there is no way for my ISP (MWeb) to know that I do not wish to receive these communications. I do not control my POP/IMAP server and neither do most of us.

When I wish to check my inbox I start by invoking Mailwasher, which downloads the headers and knowing that I do not wish to receive mail from [email protected], deletes the entire message from the MWeb POP server. When I have removed all the crap, Mailwasher will then invoke my email client and I can download the rest.

Most people will have realised by now that we are talking about two different things, one is the situation of the ordinary user who accesses their mail through a POP/IMAP provider - the other, as in mixture's case, is administration of a POP/IMAP server where you can of course configure your filters as you like.

This is not rocket science guys - either mixture is being extremely dense or....

Mac

:rolleyes:

lomapaseo
26th Jan 2014, 15:17
Are those offers from Nigeria considered spam? I regularly put them in the junk file, but is there another way of handling them like sending them to Cap ?

Sunnyjohn
26th Jan 2014, 15:46
This is what Mixture said:
On the system I and numerous others in the world are using, if correctly configured, you get zero false positives and very few misses. (my emphasis)
Once again I can only speak for my system but I have an ordinary POP account. However, my online mail client does allow me to configure my filters. Maybe I am lucky in having a very good mail server for the Mac in the form of MacAce, but I can assure you that MacAce is one of the most popular and most-used systems, used by ordinary Mac users like me and, I repeat, I am easily able to configure filters - it comes with the package. Yes, Mixture can be acerbic, but he has helped me and a lot of others on these forums and I suggest you try to read what he is saying before throwing it back at him.

mixture
26th Jan 2014, 16:05
, if correctly configured,

Indeed. Those words were put there with purpose. Not simply for padding.

I have seen the effects of people implementing overly aggressive anti-spam configurations.

You have to spend a couple of months monitoring the system and tweaking it for your own purposes... you can't just copy paste configurations you've found on the internet. Which is where most people go wrong and are then surprised when they get a whole load of false positives which is only down to their own stupidity.

However, once correctly tweaked during the initial setup, it runs very well indeed. As I said, I use it and I know many other companies around the world who use it (and with whom I have absolutely no relationship, I just know they use the same setup), and I trust it sufficiently that I don't operate the quarantine functionality.

Mac the Knife
26th Jan 2014, 16:12
MacAce - "Our advanced spam filtering system is fully customisable on a per-account basis. It’s a fully loaded defence system that can perform over 500 tests on each and every incoming email for you - including SPF, sender confirm, auto-whitelists and endless manual filtering options. We provide 5 default one-click settings so that filtering can be customised to suit your needs - or indeed turned off completely. It’s about control, we understand that everybody likes their email and spam treated differently and so there are over 50 advanced settings too."

Very few ISPs offer spam filtering on a per-account basis (as I pointed out) - I only wish that more of them did!

IF MWeb provided this facility then I would use it rather than Mailwasher - though since MW only downloads the headers it isn't that big a deal.

:cool:

mixture
26th Jan 2014, 18:58
Very few ISPs offer spam filtering on a per-account basis (as I pointed out) - I only wish that more of them did!


You miss the point !

Per-account is as pointless as client-side, you miss a whole load of filtering opportunities.

ISPs should offer better spam filtering.

That is the point I am trying to make (with an implied suggestion that people perhaps shop around for either different ISPs or somewhere else to host their email where proper filtering does take place).

e.g. Gmail.... which I gather is pretty good since the Postini acquisition.

Mac the Knife
26th Jan 2014, 20:14
Oooooh....facepalm!

No, you miss the point - my ISP (MWeb) are pretty good at pre-deleting real spam but that still leaves a lot of unwanted non-spam garbage that I have no interest in.

But as I have tried so very hard to explain, there is no way that MWeb can know that I do not wish to receive my patient Mrs McGuire's frequent observations on her health (unless they are psychic!) [or for that matter the latest bulletins from Solarwinds, The University of Cape Town, Oracle or Ubuntu].

The only way I can pre-delete this sort of unwanted stuff directly from the MWeb mailserver, before it hits my mail-client inbox at home, is by using an application such as Mailwasher (and it works very well).

Evidently we are talking at cross-purposes here and it is getting late, so I suggest that we both wish the other a cordial goodnight.

Sleep tight!

Mac

:\

BOAC
26th Jan 2014, 20:22
Back to Pop's problem? Pop, forward one of the spams to me and I'll see if I can find the origin.

mixture
26th Jan 2014, 21:02
Evidently we are talking at cross-purposes here and it is getting late, so I suggest that we both wish the other a cordial goodnight.

Indeed I think this thread is indeed drifting, and perhaps needs to be left to RIP.

FullOppositeRudder
26th Jan 2014, 22:06
One needs to check the anti-spam facility at your ISP from time to time. Very occasionally I have discovered important emails in the ISP trap which, by any measure of human reason should have been passed on without so much as a blip. A couple of times this has been quite serious and important information has been delayed. (My ISP consistently has one of the highest customer satisfaction ratings in the country).

I have also used Mailwasher almost from the time it was first released. I consider it to be an essential part of my internet software - even though it may be a last resort from a technical aspect.

llondel
28th Jan 2014, 03:26
and perhaps needs to be left to RIP

But Routeing Information Protocol is nothing to do with SMTP mail content... :E

PPRuNe Pop
31st Jan 2014, 10:17
Well, I have been using Mail Washer since it was suggested and so far my spam has reduced by more than half. As time goes on I suspect, as Mac says, that the problem will be much smaller - maybe even disappear.

Thank you.

PPP

Heathrow Harry
31st Jan 2014, 14:36
when the Nigerian 419 scams started I used to pass them on to the City of London Fraud Squad - at their request - after a couple of years they called off monitoring them as a) there were so many b) everyone was aware of them

best was when I had an email supposedly from a Prince Eze - as my company had actually dealt with the man himself (and there is a whole book to be written about THAT) I mentioned this to the law - and received back a rather amusing but scurrilous limerick on the subject...... :p:p

mixture
31st Jan 2014, 15:10
when the Nigerian 419 scams started I used to pass them on to the City of London Fraud Squad - at their request - after a couple of years they called off monitoring them as a) there were so many b) everyone was aware of them

I believe the Met Police took over that role and you can still email them..... whether much action is taken is another question.