logo

Mail Filtering News

Stay up to date on the latest in ACME Labs' mail filtering technology, and spam news in general.


28oct2005 - Microsoft Discovers Zombies:
"I'm shocked, shocked to find that zombie PCs send spam." Microsoft Stalks Super Spammers Takes legal action after test PC is bombarded by 18 million spam messages in three weeks. Microsoft announced today that it has filed a lawsuit against groups that use zombie [...]
--Read More--

08aug2005 - BMF:
I added a third Bayesian filter to my line-up. Info here.
--Read More--

28jun2005 - MX Switchover:
Since I'm now ignoring all the crapmail sent to acme.com, I started thinking about whether there might be some use for it. I asked around and found two different organizations who were interested in getting it, as a massive source of spam and virus examples. [...]
--Read More--

24jun2005 - adminfoo.net:
Got a really great review of these pages from adminfoo.net. Thanks!
--Read More--

21jun2005 - qsf:
A new version of qsf finally showed up in the FreeBSD ports tree so I installed it, upgrading from 1.0.18 to 1.1.0. With this version it is recommended that you retrain from scratch, so I did that - it took 60 hours, because I have a lot of training material! After [...]
--Read More--

17jun2005 - IP Address Switchover:
Back on the 13th I noticed acme's loadav was up to 8, and there was no idle CPU time. I don't know what was going on - maybe some new attack - but I decided it was time to switch off the old IP address and mail address. I've been running on the new address only for [...]
--Read More--

16jun2005 - Paul Graham Blacklisted:
Paul Graham, the guy whose "Plan for Spam" essay popularized Bayesian spam filtering, has been blacklisted by SBL. He makes some of the same points I did in my Hall of Shame entry for DNS-RBLs. Quoting: No doubt this particular case will get sorted out, and mail containing [...]
--Read More--

09jun2005 - PIPELINING:
One of the comments on yesterday's slashdotting suggested I should turn off PIPELINING in sendmail. I tried this, and didn't find it useful. Here's my writeup. Also more bloggings: thak's cool links, 1134.org, and we showed up in the top ten of del.icio.us / popular.
--Read More--

08jun2005 7pm - Whew:
The aforementioned collisions problem lasted a few hours, but a slashdotting tapers off pretty fast so things were back to normal by around 5pm. I helped things out by temporarily turning off mail service on my old IP address. Aside from slashdot we also got [...]
--Read More--

08jun2005 11am - Slashdotted!:
Looks like the mail filtering pages have been posted in slashdot. I haven't actually been able to check, since my network connectivity is kind of hosed right now. My CPU is mostly idle and the pipe isn't even full, what's hosing me is collisions. I'm getting about [...]
--Read More--

05jun2005 - Blacklist Scripts:
I got around to cleaning up the scripts I use to build my IP-address blacklists. They are now available in the blackmilter section.
--Read More--

01jun2005 - milter-cli:
Here's an interesting little tool I just ran across: milter-cli, by SnertSoft. It's a milter that takes as command-line argument an external program to run. The program gets the mail to be filtered as input, and returns an exit code telling the milter what to do. [...]
--Read More--

01jun2005 - Blogs:
Oops, I had a little glitch in my scripts that prevented people from subscribing to this news blog. It's because the blog is inside a frame. Anyway, it's fixed now. Also, in our first week on the air we've gotten nice mentions in two other blogs: Jim Thompson's [...]
--Read More--

25may2005 - Published:
I finished a second draft of these pages, so they're now open to the public.
--Read More--

24may2005 - FTC vs. Zombies:
The FTC is recommending that ISPs start doing outbound mail filtering. They are also going to identify specific IP addresses as being spam-sending zombies, and report them to their ISP for disconnection. This is pretty good news. Of course, the smart ISPs are already [...]
--Read More--

20may2005 - New IP Address:
Ran another experiment today, and this one had immediate and very good results. Over the past few days I've been setting up email on a second IP address (my ISP lets me have up to eight at no extra charge). I made a new domain name, mail.acme.com, which maps to [...]
--Read More--

13may2005 - Mailto: Links:
I started my first anti-spam experiment today, and it's a long-term one. I got rid of all the mailto: links on my web pages, replacing them with an image of my address and a link to a form for sending me mail. The idea is to confirm or disprove my theory about viruses [...]
--Read More--

09may2005 - Welcome!:
Today I finished writing the first version of these pages.
--Read More--

address