Roman Sandals

December 11, 2007


Filed under: spam, technology, Uncategorized — rchanter @ 10:27 am

So one of our mail servers got listed on spamcop the other day. It’s just an operational hazard of running a mail service of a non-tirvial size really, but still a PITA. Delisting is simple enough, mopping up is harder. I don’t know who I should be most annoyed with:

  1. Spamcop, for being a trigger-happy, FP-prone list (and by extension, Ironport for not doing enough to clean up their act).
  2. The people running mail servers who think spamcop is a safe RBL. This includes a few providers that I would have expected to know better.
  3. The people running rogue autoresponders inside our network, which is the most likely way for reputable senders to hit the spamcop spamtraps.
  4. IBM/Lotus, whose Out-of-Office autoresponder is an utterly brain-dead piece of crap. (and don’t get me started on how unusable mail rules are).

The right answer, of course, is all (or none) in equal measure. But deep down, I think I want to blame Spamcop and Ironport. Now, I’m all for blacklists discouraging backscatter. But no matter what measures the service operator takes, there’s always going to be something back at the mailbox that does The Wrong Thing. And Spamcop (by which I mean Ironport) have a tool that would be exactly the right thing to help distinguish between indiscriminate backscatterers and sites that mostly have the problem under control.Grrr. B’stards.

September 12, 2007

An unexpected development

Filed under: spam, technology — rchanter @ 11:19 pm

With the early lead Linux established in cheap supercomputing, and high profile compute clusters from Apple and Sun, who would have thought that the world’s most powerful supercomputer would turn out to be running Windows?

I kid, but there are a couple of takeaways here for antispam efforts. One, you can’t outspend the botnets on infrastructure. Techniques that rely on making the client do CPU-intensive work are doomed. Two, it’s ever more clear that you can’t filter spam just by looking at it (in software, I mean). Your content-inspecting filters are a distant second in importance behind all the antispam stuff you do before you see any data.

Blog at