Evolution

Jeffrey F. Bloss jbloss at tampabay.rr.com
Tue Mar 27 18:12:47 UTC 2007 

John Dangler wrote:

> > > At this point, I'd like to blacklist my entire mailbox, and open it only
> > > to those I want to allow in, either by sending an autoresponse (like
> > > "hey, reply to this and i'll read your mail") , or some other method.
> > 
> > Well, you don't want to do that.
> > 
> > You've just suggested spamming the From: address of every forged e-mail
> > you receive. You'd become part of the problem then.
> How does that work?

How does it *not* work? 

If you challenge every unknown address and I start force feeding you
messages with a forged From/Reply-To/etc headers, you're going to
automatically send your challenge to those addresses, not me. If they're
forgeries of live addresses there's probably someone on the other end
saying "WTH is this crap!".

Even if they're not live addresses you're still forcing extra useless
messages through an already busy pipe. If your challenge/response
scheme is *really* brain dead it may even escalate the problem by
trying to re-challenge the bounce messages its challenges generate.
Even if it's smart enough to recognize "endless loop" problems (not
always as easy as it sounds), you're still sending out unsolicited
messages in bulk, which by strict definition makes you one of the
BadGuys(tm).

You *might* even be used as a pawn to flood/annoy/DoS a third party by
someone purposefully forging a specific address and having you send
multiple challenges. Arguably putting you in the unenviable position of
being classified as an "open relay" by your ISP, and having your
account yanked. :(

> > 
> > > 
> > > Is there a way to set this up in Evolution?
> > 
> > As a starter, set up a filter that redirects all mail to the Trash
> > unless it matches each address in your list.
> So this would be like setting up rules to say if sender is
> such-and-such, move to inbox..., (but how do you set up mail to go
> somewhere else by default?) but as a default everything would go to a
> hold/trash folder.  Then if I don't move it, its trashed, either
> programmatically or via some other method (although I hope the other
> method isn't manual, since right now it takes me about an hour a day
> just to dump mail I know I don't want)...

Evolution (I think) has a conditional to check if an email address is in
your address book. If that's met, move the messages to a folder named
"Friends" or whatever. You might want some rules just before this to
move mailing list messages to their own folder just to cut down on
processing time, but however you sort "known good" messages from unknown
messages your very last rule will be a "match everything" condition that
"moves to trash". Rules are generally executed in order, with any
"move" action ending the processing of that particular message.

The "delete what's left" method is a heavy handed way of dealing with
spam that will almost undoubtedly result in lost mail. Better to move
to an "Uncertain" folder and hand sort your leftovers, but then that's
not much better than no filtering. You still have to see the crap.

The best overall course of action IMO, is to first whitelist your
"friends" then submit what's left to a good Bayesian spam filter. The
stuff that triggers Bayes filtering gets marked read and moved aside so
you don't have to see it, but it's still there in case you find
something important has gone missing. What's left after the "friends"
and Bayes filtering is all you really have to hand sort, and with a
little training that's going to be a pretty minor inconvenience. 

I process upwards of 1000 messages a day on my little home server, most
of them mailing list messages. Between 10 and maybe 50 of them will be 
spam. With the method above and using only Bogofilter and ClamAV (which
detects some phishing attempts), I only actually have to look at maybe
1 or 2 spam messages a week, on a bad week. :)

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo------------------------------[ Groucho Marx ]---
                    http://wrench.homelinux.net/~jeff/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070327/749a07d9/attachment.sig>

More information about the ubuntu-users mailing list