Evolution

[John Dangler]

On Tue, 2007-03-27 at 16:53 -0400, Dave Scott wrote:
> Jeffrey F. Bloss wrote: 
> > John Dangler wrote:
> > 
> >   
> > > > > At this point, I'd like to blacklist my entire mailbox, and open it only
> > > > > to those I want to allow in, either by sending an autoresponse (like
> > > > > "hey, reply to this and i'll read your mail") , or some other method.
> > > > >         
> > > > Well, you don't want to do that.
> > > > 
> > > > You've just suggested spamming the From: address of every forged e-mail
> > > > you receive. You'd become part of the problem then.
> > > >       
> > > How does that work?
> > >     
> > 
> > How does it *not* work? 
> > 
> > If you challenge every unknown address and I start force feeding you
> > messages with a forged From/Reply-To/etc headers, you're going to
> > automatically send your challenge to those addresses, not me. If they're
> > forgeries of live addresses there's probably someone on the other end
> > saying "WTH is this crap!".
> > 
> > Even if they're not live addresses you're still forcing extra useless
> > messages through an already busy pipe. If your challenge/response
> > scheme is *really* brain dead it may even escalate the problem by
> > trying to re-challenge the bounce messages its challenges generate.
> > Even if it's smart enough to recognize "endless loop" problems (not
> > always as easy as it sounds), you're still sending out unsolicited
> > messages in bulk, which by strict definition makes you one of the
> > BadGuys(tm).
> > 
> > You *might* even be used as a pawn to flood/annoy/DoS a third party by
> > someone purposefully forging a specific address and having you send
> > multiple challenges. Arguably putting you in the unenviable position of
> > being classified as an "open relay" by your ISP, and having your
> > account yanked. :(
> > 
> >   
> > > > > Is there a way to set this up in Evolution?
> > > > >         
> > > > As a starter, set up a filter that redirects all mail to the Trash
> > > > unless it matches each address in your list.
> > > >       
> > > So this would be like setting up rules to say if sender is
> > > such-and-such, move to inbox..., (but how do you set up mail to go
> > > somewhere else by default?) but as a default everything would go to a
> > > hold/trash folder.  Then if I don't move it, its trashed, either
> > > programmatically or via some other method (although I hope the other
> > > method isn't manual, since right now it takes me about an hour a day
> > > just to dump mail I know I don't want)...
> > >     
> > 
> > Evolution (I think) has a conditional to check if an email address is in
> > your address book. If that's met, move the messages to a folder named
> > "Friends" or whatever. You might want some rules just before this to
> > move mailing list messages to their own folder just to cut down on
> > processing time, but however you sort "known good" messages from unknown
> > messages your very last rule will be a "match everything" condition that
> > "moves to trash". Rules are generally executed in order, with any
> > "move" action ending the processing of that particular message.
> > 
> > The "delete what's left" method is a heavy handed way of dealing with
> > spam that will almost undoubtedly result in lost mail. Better to move
> > to an "Uncertain" folder and hand sort your leftovers, but then that's
> > not much better than no filtering. You still have to see the crap.
> > 
> > The best overall course of action IMO, is to first whitelist your
> > "friends" then submit what's left to a good Bayesian spam filter. The
> > stuff that triggers Bayes filtering gets marked read and moved aside so
> > you don't have to see it, but it's still there in case you find
> > something important has gone missing. What's left after the "friends"
> > and Bayes filtering is all you really have to hand sort, and with a
> > little training that's going to be a pretty minor inconvenience. 
> > 
> > I process upwards of 1000 messages a day on my little home server, most
> > of them mailing list messages. Between 10 and maybe 50 of them will be 
> > spam. With the method above and using only Bogofilter and ClamAV (which
> > detects some phishing attempts), I only actually have to look at maybe
> > 1 or 2 spam messages a week, on a bad week. :)
> >   
> I'm using Thunderbird and have tried setting up filters both ways. The
> easiest I've found is to start with a "move everything to trash" where
> the match condition is two-fold - one to check to see if "@" is in the
> From: field and one to check to see if "@" is not in the From: field.
> That guarantees every message will be processed and nothing should end
> up in the inbox. 
Could you post an example of this?  I'd like to try it...
> 
> Then I start inserting whitelist filters above that "catch-all" and
> direct them to move the message to a specific folder. The reason I
> chose this method is that I put a number of messages together in the
> same folder from different senders. Family gets all the email from
> family and close friends. Techstuff gets all the web technical stuff I
> subscribe to.
> 
> I like the idea of putting list filters first, but they don't all come
> to the same account, so I just set up filters there as needed. 
> 
> Dave
> 
> -- 
> David E. Scott              
> DaveScott at Columbus dot rr dot com   Software Development
>