Spam Assassin Killed Our Email!
Posted 03-30-2008 at 08:54 PM by Bob_McMillen
For those of you who have seen a large drop in spam, that unwanted email, you likely have a little program called Spam Assassin to thank. It's a free Linux program that filters out junk mail by the billions every day. Since less than 1% of all email worldwide is wanted email, this is a significant program.
Up until around five years ago you had to pay for a decent spam filtering program, but since Spam Assassin has gained traction anyone with a little Linux knowledge can make this program work.
Spam is what we don't want. Ham is what we do want. Just like in real life there is a difference that is easily recognizable.
So why is there so much spam? Its because a large portion of you knuckleheads click on the links and actually buy stuff from these crooks.
If people would stop buying then crooks would stop selling. Again this is just like the real world.
I say that as though it's not really real, but its just a different kind of reality. Really?
Money is still money whether you're buying illicit drugs on the street or Chinese knockoff Viagra on the web.
This week however things took a stranger than normal turn. ORDB.org was a website that spammers hated. It was a real time blocking list that showed IP addresses of any mail server that was sending spam. There are several of these worldwide. Mostly outside the US, because although we hate spam, our constitution allows spammers to operate almost without impunity.
ORDB.org was trying to do a good thing, but spammers buried it in internet attacks, and lawsuits. They finally succumbed because they were a free non profit company that didn't have the resources to continue.
Now we get to the assassin part.
Spam Assassin comes with built in real time blocking lists to draw from. The way it works is when SA sees an email on its way to your mail server, it stops for a second to check in with the RBL listing websites to see if its coming from a known spammer.
If it is, then the email is immediately dropped. If not then it goes right through.
SA decided it was a good idea several years ago to build in several good RBL websites like ORDB.org.
ORDB went under two years ago but the code stayed in. Until last week it was just a line of code that was ignored, but then soemthing happened.
Any spam filter with ORDB.org in the list of RBL sites started to reject every single email. The good ones and the bad ones.
Governments, hospitals, schools, and businesses big and small had email rejected by the ton all at once.
It took anywhere from several hours to several days for it to stop happening. The funny thing is that it barely made a dent in any kind of news. This happened despite the fact that almost everyone in the world had at least one email rejected, and many had every email rejected because of it.
The fix was simple. Just remove the line of code and you are good to go.
For some organizations it took days to do this because of a lack of information available about it.
Was it because it was a free product? Maybe the commercial products were gloating that their software didn't automatically do this. It did however if it was manually added, but not by the fault of the software makers of course.
One thing for sure is that we (network administrators) will keep a more watchful eye on the code from free products going forward. I use many of these products myself, usually without issue.
But even I will take a closer look to keep these things from happening again.
Spam can be just nasty.
All hail Ham and its salty goodness!
Up until around five years ago you had to pay for a decent spam filtering program, but since Spam Assassin has gained traction anyone with a little Linux knowledge can make this program work.
Spam is what we don't want. Ham is what we do want. Just like in real life there is a difference that is easily recognizable.
So why is there so much spam? Its because a large portion of you knuckleheads click on the links and actually buy stuff from these crooks.
If people would stop buying then crooks would stop selling. Again this is just like the real world.
I say that as though it's not really real, but its just a different kind of reality. Really?
Money is still money whether you're buying illicit drugs on the street or Chinese knockoff Viagra on the web.
This week however things took a stranger than normal turn. ORDB.org was a website that spammers hated. It was a real time blocking list that showed IP addresses of any mail server that was sending spam. There are several of these worldwide. Mostly outside the US, because although we hate spam, our constitution allows spammers to operate almost without impunity.
ORDB.org was trying to do a good thing, but spammers buried it in internet attacks, and lawsuits. They finally succumbed because they were a free non profit company that didn't have the resources to continue.
Now we get to the assassin part.
Spam Assassin comes with built in real time blocking lists to draw from. The way it works is when SA sees an email on its way to your mail server, it stops for a second to check in with the RBL listing websites to see if its coming from a known spammer.
If it is, then the email is immediately dropped. If not then it goes right through.
SA decided it was a good idea several years ago to build in several good RBL websites like ORDB.org.
ORDB went under two years ago but the code stayed in. Until last week it was just a line of code that was ignored, but then soemthing happened.
Any spam filter with ORDB.org in the list of RBL sites started to reject every single email. The good ones and the bad ones.
Governments, hospitals, schools, and businesses big and small had email rejected by the ton all at once.
It took anywhere from several hours to several days for it to stop happening. The funny thing is that it barely made a dent in any kind of news. This happened despite the fact that almost everyone in the world had at least one email rejected, and many had every email rejected because of it.
The fix was simple. Just remove the line of code and you are good to go.
For some organizations it took days to do this because of a lack of information available about it.
Was it because it was a free product? Maybe the commercial products were gloating that their software didn't automatically do this. It did however if it was manually added, but not by the fault of the software makers of course.
One thing for sure is that we (network administrators) will keep a more watchful eye on the code from free products going forward. I use many of these products myself, usually without issue.
But even I will take a closer look to keep these things from happening again.
Spam can be just nasty.
All hail Ham and its salty goodness!
Total Comments 0
Comments
Recent Blog Entries by Bob_McMillen
- Trunks and VLANs and Firewalls, Oh my. (Part 4) (08-07-2008)
- Trunks and VLANs and Firewalls, Oh my. (Part 3) (08-07-2008)
- Trunks and VLANs and Firewalls, Oh my. (Part 2) (08-07-2008)
- Trunks and VLANs and Firewalls, Oh my. (Part 1) (08-07-2008)
- Video Problems with Vista Beta (06-18-2008)
