Why Spam Is Out Of Control

Very worrying article in today’s Guardian technology section. We all know that spam levels are constantly increasing but this article says that 91% of email is now spam. It then goes on to put at least some of the blame on the people who connect completely unprotected PCs to the internet. These PCs then get attacked and taken over by Trojan horse or worm programs which place many of the PC’s resources at the resources of unscrupulous people who can then use the PC for various nefarious purposes. These networks of compromised PCs (or “botnets”) are increasingly being used to send spam. And there are literally millions of these PCs out there. Which means huge amounts of spam.

ISPs and PC vendors need to do a lot more work to educate people into protecting PCs that are connected to the internet. Currently it seems that the vast majority of PC owners have no idea of the problems so they just carry on regardless. The article contains a guide to checking to see if your PC is being controlled in this way. Everyone with a PC connected to the internet[1] should be encouraged to go through this procedure and then to install decent firewall software.

[1] Well, at least, those running Windows. Computers running Linux or MacOS aren’t immune, but they aren’t often targeted as so many people run Windows that it offers far greater returns.

Filtering Spam

A few months ago I changed the way my email server works. Instead of using POP3 to download the mail and then filtering it on the client side using procmail, I configured the system to filter the mail on the server side so that I could read mail using IMAP. At some point during that change I broke the Spam Assassin set-up so that Bayesian filtering no longer worked. The upshot of this was that I was suddenly getting an extra 150 or so pieces of spam that were ending up in my inbox rather than being shunted off to my spam folder. This was most obvious in the mornings when I’d always wake up to 70 or 80 unwanted messages in my inbox. Despite this being an annoyance, it never became enough of an annoyance for me to spend the few hours it would take to fix it.

Then this morning I found only ten or so spam messages in my inbox. My immediate response was to think that there was some kind of problem with my mail server (the recent trackback denial of service attacks have made me sensitive to problems like this and the constant stream of spam is a useful heartbeat to monitor).

But once I’d woken up a bit more I realised that that wasn’t the problem. Actually there wasn’t a problem at all. All that had happened was that yesterday I had finally got round to upgrading to version 3 of Spam Assassin (only 18 months after it was first released!) And this version is much better at catching spam than the old version. So I’m seeing less spam in my inbox again. Which is, of course, good.

Not sure if the Bayesian filtering has started working again tho’. Need to check that over the weekend.

SIDStore are Spammers

(This is me using what limited Googlejuice this site has to get personal revenge)

Last June I bought a t-shirt from SIDStore. It was a nice t-shirt. It had a dalek on it. Here’s a picture of me wearing the t-shirt. I was happy with my purchase. All was well with the world.

Of course, as I bought the t-shirt over the internet, I gave my email address to the vendor. This was (I assumed) purely so they could sent me email relating to the purchase of the shirt. At no point did I sign up for them to start sending me marketing email. I never sign up for marketing email and always make sure I’ve unchecked that checkbox on any web form I fill in.

Everything continued being well with the world until early this year. At that point I got an email from SIDStore trying to convince me to visit their site and buy more t-shirts. I deleted it. And then a couple of weeks later I got another one. This time I replied to the email. I asked why they had taken it upon themselves to start sending me these emails and told them that I didn’t want to get any more. I got no reply other than another similar marketing email a couple of weeks later. I replied again asking once more to be removed from their mailing list. I should point out that none of their messages contain any details on how you might unsubscribe from their mailing list thereby breaking one of the basic rules for bulk email.

Of course, my second email was ignored too. And this morning I got another marketing email from them. So I’m going to assume that my email to them is being ignored for some reason and am forced to take alternative action. Stage one is this post. I’m hoping that this will get on the first page of a Google search for “SIDStore” and people will see that SIDStore use dubious onlne marketing tactics – sending marketing email to people who haven’t requested it and not removing people from their mailing list when asked to.

SIDStore make nice shirts. I was very happy with the one I bought from them. But I won’t buy from people who send unsolicited commercial email. So I won’t be buying anything else from them until they remove me from their mailing list and explain why I was put on their list and why my previous requests to be removed have been ignored.

I strongly suggest that you do the same.

To summarise: SIDStore are spammers. Don’t deal with them.

Update: Success. Currently this is the fourth second hit for a search on sidstore. I ♥ Google.

Configuring Spamassassin

I moved my email handling to a new server a month or so ago and since them I’ve noticed a larger than usual amount of spam getting into my inbox rather than being caught by Spamassassin. Today I decided that enough was enough and that I’d investigate further.

My first theory was that in moving my configuration onto the new server, I’d somehow lost my database of Bayesian scores but no, that still seemed to be be intact.

Then I checked the spam score on on of the spam mails that had found its way into my inbox. It was 6.5. And everything over 5 is supposed to be identified as spam. Except on this box it wasn’t. I’d installed Spamassassin from an RPM file provided by Fedora. And they had changed the default spam score from 5 to 7.

And guess what. Every piece of spam that found its way into my inbox has a spam score of between 5 and 7.

So a quick edit to /etc/mail/spamassassin/local.cf and everything seems to be back to normal.

Which makes me wonder why the Fedora people decided to mess with the defaults. If it ain’t broke, don’t fix it.

Update: If you’re on a Fedora system and you’re having the same problem, don’t forget to run “service spamassassin restart” in order for your changes to be registered.