Spam filter useless?

WineIsGood

WineIsGood

Perch
I have turned on spam filtering set to "normal" but it doesn't seem to filter anything. Yes, I turned on the main domain one, setup whitelists, and turned on each one in every individual email account also. I just don't notice any decrease in spam at all... we're talking hundreds each day. Should I be setting it to a more aggressive setting?
Thanks,
-Dave
 
Can you look at the source of the email and see it it has a spam assassin tag added to it?
 
for an example (taken from email via this mail server)

X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on cp.m****here.biz
X-Spam-Status: No, hits=1.0 required=5.0 tests=HTML_40_50,HTML_MESSAGE
autolearn=no version=2.63
X-Spam-Level: *
 
Nope, I don't see anything in the source of the email like that.
I use Outlook Express to gather mail from my domains hosted here.
-Dave
 
Ok that is telling me it is not going through the spam filter, could you email (stephen @ jodohost.com) the domain or Private Message it to me, I will login to your control panel and make sure it is all set up and activated properly.
 
Hi there,

I'm getting the same problem as Dave, there are no X-Spam entries in the email headers I'm recieving (although there is a X-Virus-Scan hearder there), I've got two addresses set up on my domain (aside from webmaster and postmaster), one is a private address and the other a catch all account.

I've been tinkering with the Spam check levels over the past two days changing between system default to very aggressive then setting a domain default. None of which is helping.

If I pm you my domain details could you have a look?

Thanks,
Andrew
 
Would prefer email but send away. I have not gotten Dave's resolved yet, it more complex than I thought, but please send me the domains.
 
It seems that the spam filter is working sometimes and not others, on my email now included. I will be speaking with the unix admins about this to see if we can get it resolved.
 
Hi there,

Seems fixed now.

Tested both accounts, the catch account still had lots of spam but I checked the control panel and spam checking was turned off, turned it on, sent a test email and the X-Spam headers were there.

Thanks very much.
-Andrew

Edit:
Actually, it only seems to be working intermittently, some spam is getting through (no X-Spam headers) and others are being stopped.

I assume the problem is still being worked out?
 
Yes, I noticed that this morning also... I received some spam, but not a lot. Only a few of the messages had the spam filter code within the header, though.
-Dave
 
Rajneesh is aware of the problem and is monitoring it. As I mentioned it also happened on my account. But at that same time another test email went through and was scanned. We are looking for what is causing this and will work to repair it, sometimes just tracking down these issues that do not occur all the time is harder than anti-spam just being down for good.
 
One of the problems happening to me is that I have an email account which forwards mail to another. That alias account doesn't seem to filter spam. I try to turn on the checkmark, and it looks like it's on, but the spam blocking icon is gone when I return to the list of email accounts. My main account is "dave" which has spam filtering on, and I see the icon. My alias account is "david" which routes mail to "dave". That icon is not on even thought I tried to turn it on, and I get a lot of spam on that account. Ideas?
-Dave
 
Forwards and aliases to not get filtered. All I can say is that the development company overlooked it, many hosts are "screaming"
 
Sh*t. Seriously? A mail alias, which directs to another mailbox (which get filtered) doesn't get filtered? Neither of the boxes get filtered -- neither the alias, nor the one it gets sent to??? That's tragic!
-Dave
 
To be honest, such an approach to spam filtering through headers and email addresses is not efficient or the best way to handle things. Is there any way for people to set up a "rules" file for their mail server so we can have our mail server scan the mail directly itself by sender, From, subject, and body? This is the way all the hosts I've worked with now do things, and it is much more effective and has better finite control. White listing and black listing takes too much time to manage, and this approach produces an endless list that isn't useful, as most spammers now use software that can fake email addresses and headers. As an example of what I mean, here is one set of rules lines from my old rules file at another host.

B~(\w|-)*(house|days|concepts)\.(com|net|org|biz|info|us|ru):NUL
F~(\w)*coo.net:NUL

Note the first rule looks in the "B"ody of the email to find any non-space inclusive string that begins with any letter/number character or a dash, followed by any substring in the second "( )" in an OR structure, followed by a "." and then an domain suffix in subsequent "( )" OR set. Many spammers are trying to get you to click through to an aflliates program, so I simply sceen for that domain in then body, send it to NUL email acount(Deleting IT), and it doesn't matter where or who it came from.

The second line accomplishes a similar pattern as to a Black list by deleting mail with any address coming from coo.net.
"AND" and "OR" conjunctions can also be used to do more complex fitlering based on mulitiple fields, plus in place of NUL one can indicate a specific email address under the domain as a spam catch account if you'r concerned about being able to review all spam before deleting it. Since this approach works by server and domain and is infinitely refinable, there is no need to turn spam filtering on and off for a domain or individual accounts.

Similarly, I can also screen for a blank body, or blank body and subject, for embedding of java or activex objects used for invasion and trojan techniques used in HTML mail.

A rules file usually is placed inside the root of user's account, typically as "rules.ima" or something, and the mail server loads it for the default domain as a whole.

This is a much more powerful way to go, and it is implementable on Win servers, and hence there would be no need for an plugin system like SpamAssasin.
 
Mart said:
Subject, sender and from are in the headers...
Click to expand...
And how to do we access filtering them? From what I see in the spam settings for my account, all we can really do is screen email addresses. That's not enough. I've been hit with over 40 spams today so far (I received none with the filtering system I had on my last host using the same name/doman email address). Many of them are to the same site's so the sending is looking for hits on an affiliate program. Each one has a different subject, from, and sender. But the link the body always has to be the same.

Some spam programs can even send out without a legitimate sender email address. It's actually a process that's starting to go. So again, a language based filter would allow the screening for emails that DO NOT have the "@" character in them, or have a particular link listed in the body of the email.

All in all though, this is my only sharp criticism. We've had our site on Jodohost with resolved domain for the last 24 hours. And overall, I'd give Jodo an "A" for all else with the only low mark a "C-" on spam filtering.
 
You must log in or register to reply here.
Back
Top