Dave Schweisguth in a Bottle

How many meanings of that can you think of?

Filtering spam with GMail and SPF, episode II: “Attack of the Spam”

leave a comment »

A year ago I described how I sent my email through GMail to filter spam, and how I remailed my email instead of forwarding it to satisfy SPF. But there was an onion in the ointment. Because I was remailing my email, GMail learned that mail from my mail server often contained spam, which GMail recognized as spam from other sources. (“Often” here means as often as spamassassin, which I was still running on my mail server, let spam slip through.) GMail frequently guessed that real mail was spam, and although I could correct it sender by sender, I had to watch my GMail spam folder constantly for mail from real human beings whom GMail hadn’t seen before. That was almost as much work as deleting the actual spam myself in the first place. What’s more, although I’m not aware that this ever happened, for all I know GMail’s low opinion of my mail server might make it think that mail that originated on my server was spam.

Fortunately, there was an easy solution: stop passing the buck.

After a couple of months of forcing GMail to work with one hand tied behind its back, I happened to upgrade my mail server’s Linux operating system. I’d been running an old release of Fedora for several years; I upgraded to CentOS 5.4. I don’t recall what version of spamassassin I’d been running before the upgrade or whether it included sa-update, but after the upgrade I had spamassassin 3.something and I set up sa-update, which downloads new rules from the SpamAssassin project as they become available. I also began sending the spam that did get through to sa-learn to teach spamassassin to filter spam it hadn’t seen before.

I don’t know whether it was the upgrade, the stream of new rules, sa-learn or a combination, but spamassassin now works pretty well, reducing the number of spam messages that get past it from dozens to a few a day.

Now that I’m no longer remailing spam to GMail, its opinion of my mail server has improved and it’s much less likely to send real mail to its spam folder. I don’t need to keep an eye on that spam folder, and in fact I can ignore GMail altogether.

Is there still any reason to remail to GMail? It catches a handful of spam a day, certainly not enough to justify setting all this up in the first place. In fact, if that handful of spam made it to sa-learn, spamassassin might be able to catch even more of it in the first place. So it’s time to disable remailing and just let spamassassin do its job. Unless the unexpected happens again, in which case you’ll hear about it in episode III.


Written by dschweisguth

February 8, 2011 at 18:09

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s