One new thing I tried over the holiday break was not reading any emails other than those that found their way specifically into my very personal inbox - an email address that has not (yet) been found by spammers.
This had two interesting side effects - firstly, I actually had a holiday, a relaxing break from the daily grind of deleting spam. Secondly, it allowed me to get some decent statistics on the usefulness of email, even if it was in a supposedly-quiet period for work.
The results were devastating and quite depressing. In the approximately 12 days this went on (5 of which could be considered normal work days otherwise), I received 3720 emails (after server-side and client-side spam and virus filters). After manual and automatic filtering (whitelists, blacklists, greylists, sorting by recipient, and so on), just 0.01% of those emails were genuinely useful non-spam solicited mails.
With that signal to noise ratio, it's pretty clear that email is now an untenable medium. I'd been toying with the last drastic step, pointing everything at GMail and hoping for the best, in the hopes that commercially-maintained spam and virus filters would have more hope of competing than my own meagre defenses. But today my GMail account has received 3 pretty obvious spams. I received perhaps 3 in total there throughout 2006.
This makes me think that the spammers are now working pretty hard at breaking through Google's filters, and that it's only a matter of time before GMail becomes useless too. So the effort it takes to switch is only going to provide a short-term solution at best. Do others see high levels of GMail spam, or am I just unlucky?
Meanwhile, I'm religiously maintaining my address book and the use of specific whitelists seems to deal with much of the pain. I've also dropped a handful of mailing lists and finally deleted my Orkut account, which was responsible for several spams a day. I also wonder if handing over mail filtering to an organisation like Plaxo might help - though of course, finding a trusted third party with critical mass is going to be tricky.
Posted by savs at January 4, 2007 5:21 PMOur spam ratio decreased dramatically after activating Razor inside SpamAssassin. And not being very friendly in Postfix config during SMTP link establishment (host name lookups, HELO delays, etc)
Posted by: Steven Noels at January 4, 2007 7:37 PMYup. We wrote our app indi - http://getindi.com/ - that lets you set up direct and group channels. For example, we have one for our family for exchanging Christmas pictures and such-like. The nice thing is that since it's opt-in, it's spam free.
Of course, I still keep an email client running (and using sender verification on my Postfix mail server) for everything else. But it's nice to have one spam-free comms mechanism...
Posted by: Tom Copeland at January 4, 2007 10:25 PMI once knew one of the people behind http://www.citrus-it.co.uk/ which is a commercial service doing spam filtering for corporations. Just in case you did decide to outsource it.
You totals make my 50-80 spam messages a day (that get through Oxford's basic external filters) look pretty good. 98% of those end up correctly in a junkmail folder with oxford's use of spamassassin and my use thunderbird junkmail training. I do occasionally get false positives (maybe 1 message in 1000) but these tend to be messages from mailing lists where spam also gets through.