[Spambayes] Pop mailbox filtering

Jan Fure list2003 at fure.net
Sun Apr 13 23:05:26 EDT 2003 

Dear fellow spam fighters;

Some of the requrements for a good spam tool can be summarized as following:

1. Effective filtering, so I don't have to see the spam.
2. Mobile, in the sense that the tool filters various pop3 mailboxes, 
such that the mail can be checked without being at home, without 
manually wading through the spam.
3. There should be safeguards against loosing a message.
(These are simple if spambayes runs on a server with UNIX mailboxes, but 
  being connected through @home/comcast, I am not counting on being able 
to telnet in to my home PC)

I think I have achieved this through spambayes, and a script which 
deletes messages from my pop3 mailbox if determined to be spam.

Here is the mechanics of it:

1. Script connects to the pop mailbox through the pop3proxy.py based proxy.
2. Script parses the 'X-Spambayes-Classification:' header, and if 'ham' 
or 'unsure' does nothing, if 'spam', the message gets downloaded (in 
order to have the option of training the classifier), deleted, and my 
local sendmail will send a message to the address in the 'Reply-To:' 
field, or if non-existent, the 'From:' field, with the following text:

I am sorry to inform you that your recent message was
determined to be automated by my mail-filter, and in the
event this was a mistake, please re-send the message, it
will most likely get through this filter if you change
the format to plain text.

The subject line is 'Your Recent Message to Jan Fure', which will let 
anybody sending an important E-mail realize it did not reach it's 
destination, and why, whereas this is likely to be useless to a spammer, 
and in the event the 'From:' or 'Reply-To' adresses are mail-bots 
programmed to decipher good adresses from subject lines or sender, 
neither will match anything in its databases, as my 'From:' field only 
gives a hostname for which there is no routing, and I am not re-using 
the subject line, which I will assume is unique in the case of a 
competent spammer.

Has anybody else done something like this?

My biggest qualm is the possible event that spam with a fake 'Reply-To:' 
field cauces me to send unsolicited E-mail to innocent third parties. 
But I will live with this possibility, I still think my behavior is 
just, but possibly not gentle.

In the testing phase, I have been running the script on the proxy which 
receives the spambayes mailing list messages, and none of them have 
bounced yet.

Jan

More information about the Spambayes mailing list