[Nottingham] Tux Games Antispam - Your message is being held

[Tom Bird]

Martin wrote:
> Tom Bird wrote:

(c/r)

>> It isn't just broken from the POV of the snowball effect, it is
>> tremendously selfish even now where fortunately few people have the
>> required mixture of technical ability and ignorance to deploy it.
>>
>> could go on...
> 
> Please do and (politely and intelligently) please explain how to defeat
> the spam menace and for minimum cost in time, effort, and money.

I wish I could!  I'd make millions.  The solution won't come from just 
one person though, this is for sure.  It needs more cooperation from 
governments - there could well be less than 10 people behind 90% of the 
spam, looking at the patterns in what I get.  Fortunately, for them to 
make money there has to be a trail back to them, find them, lock 'em up, 
they are causing havoc.

Secondly, cheap domestic internet services should have port 25 blocked 
except to the provider's own smarthosts, if the pwned windows machines 
can't connect out, they can't spam, and if they go via the smarthost 
then its logged and can trigger a block.  *All* my spam comes in from 
such nodes, peopel will moan about being filtered but you **do not need 
a smarthost in your home**, those wanting to play bedroom isp can get a 
business service.  Freeserve got this right years ago, so it can't be 
too hard.

There's an RFC re point two above, http://www.ietf.org/rfc/rfc2476.txt 
-- I have port 587 configured on my own hosting platform and people do 
use it.

> If not CR, what works just as effectively for the spam victim? (And more
> usefully than just directing everything into "/dev/null".)

I've been using spamassassin and clamav (tied together with exim) which 
has been good.  Fettled spamassassin's settings a bit, catches the vast 
majority but obviously there are still some that get under the net.

> (Tom & Andy: You're welcome to present your case at a meeting if you're
> interested.)

Afraid I don't live anywhere near Notts these days...

Tom