Dave Schweisguth in a Bottle

How many meanings of that can you think of?

Archive for the ‘System administration’ Category

Filtering spam with GMail and SPF, episode II: “Attack of the Spam”

A year ago I described how I sent my email through GMail to filter spam, and how I remailed my email instead of forwarding it to satisfy SPF. But there was an onion in the ointment. Because I was remailing my email, GMail learned that mail from my mail server often contained spam, which GMail recognized as spam from other sources. (“Often” here means as often as spamassassin, which I was still running on my mail server, let spam slip through.) GMail frequently guessed that real mail was spam, and although I could correct it sender by sender, I had to watch my GMail spam folder constantly for mail from real human beings whom GMail hadn’t seen before. That was almost as much work as deleting the actual spam myself in the first place. What’s more, although I’m not aware that this ever happened, for all I know GMail’s low opinion of my mail server might make it think that mail that originated on my server was spam.

Fortunately, there was an easy solution: stop passing the buck.

Written by dschweisguth

February 8, 2011 at 18:09

Filtering spam with GMail and SPF

8 Feb 2011: Caveat lector! I no longer recommend the setup I described in this post. See the followup for the reason why not. The details in this post may still be useful to some, however.

I run my own domain name service (DNS) and mail service (sendmail) on my home Linux server. Until recently I filtered spam with spamassassin, but the spam that it let through grew until it was time to find another way. I could lower spamassassin’s bar for considering something spam, but it would then not be easy to rescue good mail that was wrongly considered spam. GMail allows you to forward mail from elsewhere to it and retrieve mail via POP or IMAP, and it has severe but easy-to-tune spam filtering, so that’s what I used.

In my first setup, I aliased my home account to my GMail account in /etc/aliases and used fetchmail to pull mail back from GMail to home. Initially, that appeared to work great: I got all of my mail just as before and no spam at all (in fact, I had to spend some time rescuing bulk mail that wasn’t spam from my spam folder, but GMail knows about that now).

However, I had a residual problem: some of my filtered emails had an Authentication-Results header indicating that, according to the SPF record for the sender’s domain, my home server was not allowed to send mail from the sender’s domain. Forwarding through sendmail results in email that says it’s from one domain (the original sender’s) coming from another (that of the forwarder), which is exactly what SPF is supposed to prevent. All of my mail was getting through, either because it came from domains without SPF, because it came from domains with SPF configured to ‘softfail’ (that is, to be considered as only advisory), or because GMail wasn’t acting on SPF advice. (I have no evidence that the last of these was happening; I just never ruled it out.) Although I was getting my mail for now, I might lose mail if any of several things changed.

Written by dschweisguth

December 6, 2009 at 12:48