Anti-Spam Email Information

Last updated on December 15, 2003.

While I want to be able to receive email from people previously unknown to me, regarding my web pages, work, and newsgroup postings; I don't want to receive unsolicited bulk email. I also want to block my web pages from annoying bots.

I currently block stuff at wolff.to based on the following:

Since the spammers have teamed up with the virus writers, IP based blocking has become a lot less effective against spam (it does help against some viruses). Currently it looks like checking to see if the connecting host accepts connections on port 25 will help. Of course that won't last once enough people start doing it. I use the following to do this for qmail:
```
#!/bin/sh
exec 2>&1 \
/usr/local/bin/tcpserver -vRDHl0 -u 0 -g 0 -x tcp.cdb 0 smtp \
  sh -c ' \
    /usr/local/bin/tcpclient -q -T 5 -H -l unknown \
      "$TCPREMOTEIP" smtp /bin/true && \
      exec /var/qmail/bin/qmail-smtpd \
    || \
    echo "451 Unable to verify remote mail server"'
```
I am trying out spfilter which is a program that will combine various block list data and produce outputs suitable for a number of different programs (rbldns in my case). They also provide daily updates for several of the block lists. The advanatge of grabbing the data and building my own list is that I don't have to tell third parties what IP addresses are sending me email.
Email sent to spamtrap addresses will block the IP of the host handing the email off to me.
Requesting certain web pages via http or https will resulting in the IP address of the connecting client being blocked. Generally only robots that ignore meta robot tags will try to fetch these pages. If you are interested in this, I have details available.
I will manually (via a quick command in my mail reader) add the IP addresses of hosts which handoff virus mesages or spam to my host.
I will occasionally manually add IP addresses of misbehaved robots that don't trigger a block on their own.
I will manually block domain names used in the envelope sender address from sending me email if I see that their mail server doesn't accept bounce messages.

My mail at UWM gets extra scrutiny, since I can't control who gets to send stuff to their hosts and they do some internal spamming, I use mail filters to drop messages based on a number of idiosyncratic rules.

There is also a domain block list for poorly run run mail servers, RFC-Ignorant. Their system doesn't integrate well with stock qmail and they don't provide data other than by DNS lookup, so I am not currently using them. However, when I find places that reject bounce messages and the like, I add their domains to my badmailfrom list.

I have also written a program that generates web pages with bogus email addresses. I have mapped a whole class of addresses (robot.*.html) to this program using my .htacces file. This is depreciated in favor of the system mentioned above.

To find out more about netiquette you can read rfc 1855 and rfc 2635 .

This page is maintained by Bruno Wolff III on wolff.to.

A secure version of this page is located at: https://wolff.to/bruno/antispam.html