I get a lot of spam, or rather, I used to get a lot of spam. I used to get easily a dozen per day, compared to 2-3 pieces of legit e-mail.
I’ve been dutifully training the adaptive filter in Thunderbird for years, but even though I don’t see many false positives, I’ve never quite trusted it enough to have it automatically dispatch the messages it tags as junk. I also turned on the Spam Assassin feature on my mailbox at my hosting provider, but again, I didn’t trust it enough to have it deal with the messages it flagged automatically. The only thing that really worked was retiring an e-mail address I’d been using since the mid 90s, and that worked for a while, but the new address has leaked out.
I’ve been unwilling to use GMail or Yahoo because I’d rather be in more control of my own mail, but I haven’t been eager to spend a lot of time setting up and tweaking specialized filters either.
Instead, I’ve been waiting for “Pair.com”:http://pair.com, who provides web and e-mail hosting for Geekfun.com, to roll out a new anti-spam system they announced months and months ago. The new system added support for mailserver blacklisting (which refuses mail from mailservers that various groups have identified as spam havens), adaptive filtering and mailserver greylisting.
Pair has allowed its customers to configure their accounts for the new system for months, but Pair has hundreds of servers, each hosting a hundred or so customers, and they were going through them in small batches, often with long delays to work out newly discovered kinks. I’d gone in and turned on greylisting. Greylisting temporarily rejects e-mail from questionable mail servers and counts on legit mailservers to retry again after some period of time. Spammers are usually in a hurry and won’t retry. I was less confident in using blacklists since they can be overaggressive in their stance. I also decided to skip the adaptive filter, at least for now, because I didn’t want to take the time to train it, and becasue I still have concerns about false positives.
I was beginnning to wonder though if I’d ever get to try out the new features before I choked to death on a growing torrent of spam. It took a long long time for them to finally upgrade my server to the new system, and at first, it wasn’t obviously better. I kept getting spam. Most of it was getting tagged, but when I inspected the message headers, it looked like the greylisting feature wasn’t being triggered at all, even for e-mail that clearly originated from someone’s cable modem somewhere.
After a bit of digging I discovered the problem. The old mail handling system had mail delivered directly to the server that hosted my mailbox. The new system relied on a new “mailwash” server to do all the spam filtering before passing the message to the machine hosting my mailbox for final delivery. The delivery destination for outside mail is determined by a DNS MX record. I’d done custom configuration of my DNS record and so Pair hadn’t automatically updated the delivery destination for geekfun.com when they upgraded my server to the new antispam system. As a result, mail was still being delivered to the server with my mailbox. This server saw that it hadn’t been “mailwashed” yet, so it would hand it over to the mailwash server. The mailwash server would see that the mail came from another pair server, rather than some cable modem connected box somewhere, and pass it along through.
So, I updated the MX record for geekfun.com to point at the new mailwash server and over the course of a day or so, that information made it out onto the wider net. Now all my mail is going through the mailwash server first, and it seems to be successfully turning away bogus messages before any of the other filters even come into play.
It’s pretty sweet not to have to deal with a few spam messages every time I look at my e-mail. It’s also a bit disconcerting. I keep wondering if my email is working.