« Rodney | Main | Software Update Exploit »

created 25 June 2002

On dealing with Spam...

If there is another issue that makes people so angry that they throw away common sense as easily as spam, I don't know what it may be. I can almost understand it, as the constant barrage of idiocy from the people out there who think that I have a really horrid self image, am impotent, without friends, and unable to meet girls, (okay, I'm a geek. Most of my friends live in other parts of the country, and face it, a lot of women don't like being second to a glowing box. To all the women of the world: If you want to be numero uno in a man's world, don't date a computer geek. You may tie for number one for a brief while, but eventually, you are firmly ensconced in the number two slot. That's just the way geeks are.), can't make pancakes or salads without mechanical aid, etc.

So there is the hue and cry for "There ought to be a law...". Well, no, there shouldn't be. I mean really, how do you enforce anti-spam laws on the Internet. When a spam server is in a different country? The answer is you don't, so these idiotic spam laws are just that. Idiotic, a waste of time and money, but they look good on the campaign trail.

Another highly touted option is RBLs, or black-listing spammers. They don't work as well as we'd like them to. Spammers are annoying, but they aren't stupid. They just switch mail servers, mail domains, etc. As well, most of the RBLs aren't the most professional bunch of folks I've dealt with. I don't want idealists filtering incoming mail. Idealists get angry, idealists justify vendettas, idealists are usually incapable of admitting error. I want to do business a bunch of cold-hearted pragmatists who understand things like due diligence, SLAs, allowing clients to see test results, proper notification schemes, etc. All those things that aren't cool, and get in the way of SAVING THE WORLD FROM THE EVILS OF SPAM. You aren't saving the world, you're providing a service. Therefore, you aren't Spider-Man, you're Business-Man...act like it.

So RBLs, while a partial answer, (they do work well when run well, but they aren't the panacea people want them to be), don't eradicate spam. What about anti-spam applications? Well, again, they will work better than nothing, but remember, spammers aren't stupid. They can get a copy of any anti-spam application just like you, and beat on it until they find the weaknesses and holes, and blow right through them. The same goes for anti-spam functionality in email applications. Even fun ones, like the 'bounce' feature in Apple's Mail application end up being rather manual, and time consuming.

Another option that I've seen recently is to change email addresses regularly. This one is probably the worst option of all, particularly for a business, or if you are on mailing lists. It's also temporary. The spammers will find you, they always find you.

But you can't just give up, and spend hours a day wading through spam. So how do you filter out spam? It's really simple. You don't, or at least not directly. See, the problem is, that spam isn't consistent. The headers change, the subjects change, it all changes. Email rules, filters, anti-spam applications don't do well with fuzzy logic. So eventually the spam gets through.

So here's the trick. Don't filter the spam. Filter everything else. The stuff you want to get, or are supposed to get is rather static after all. You know what work email is going to look like, create a work folder, and filter all work emails into that. Mailing lists the same way, friends, family, etc. I've been doing this forever, or at least since Emailer 2. I got the idea after re-reading one of the entries in a favorite book series of mine, The Destroyer. In one of the books, (I leave it to you to figure out which number), a scientist has finally figured out an economical way to extract shale oil. He doesn't. What he does, is find uses for all the non - oil products of shale. So the oil, which is the valuable part, is now a by-product, and therefore costs nothing to get. I realized that this would work for spam as well.

I don't filter my spam, I filter everything else. Therefore, 99% of what is left in my inbox can be assumed to be spam. It takes about thirty minutes a day, tops, to deal with the spam, and that is mostly scanning from headers and subject lines. So, I can just do a big select and delete on almost everything in any of my inboxes. Spam is gone, very little time wasted, and I find that by using filters on my incoming mail, I can be more efficient in dealing with the non-spam email as well.

This approach is more of an aikido-ish approach than a blunt force method. You aren't stopping the spam with a head-on attack. You are diverting the mail you do want, and then gently guiding the spam into your trash. While it doesn't stop spam at it's source, or at the server, it does remove the efforts of constantly tuning anti-spam applications, etc. This also works on any email client that has even rudimentary filtering, which is most of them. If your ISP is using an IMAP server, such as Communigate Pro, then you can easily create server side filters that filter your wanted email as it comes into the server, so when you go to check your email, the filtering is done before the email ever gets to your Mac. Far simpler than creating multi-layered conglomerations of RBL subscriptions, anti-spam applications, junk mail filters, etc.

It doesn't do anything to stop the spammers, but it makes dealing with their effluent far easier, and that's a worthy goal as well.

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.