|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
31 Aug 2005, 07:29 PM | #1 |
Intergalactic Postmaster
Join Date: Oct 2001
Location: Melbourne, Australia
Posts: 6,102
Representative of:
Fastmail.FM |
Spam checking outgoing email...
It finally got to me. Despite all the limitations (40 messages an hour), there was still a determined bunch of 419 scammers who were signing up FastMail accounts, sending 40 messages, then just throwing the account away. Clearly 419 scamming is still a lucrative business venture given the tenacity of these guys. Anyway we'd catch most of these accounts with various little checks, but by then it was too late, what we need is to proactively stop the email getting out, but we need to be quite accurate so we don't have any false positives being blocked.
So I've now finally setup spam scanning of outgoing email. Email caught is put in a hold queue and we're notified. We can then check to make sure that we've caught real spam, and release and false positives (so far very few, but glad I went with the "hold queue" idea rather than just discarding...) I'm not going to go into all the details, just in case any of them happen to read the forum, but I'll be tuning over time to make sure we keep the hit rate up and the false positive rate down. I think the effect has been pretty good already. In the first two days we caught more than I expected, but in the last 2 days it's only been 1 or 2 accounts a day (though the first 2 days was a weekend... maybe they're more active on weekends... we'll find out shorlty I guess). So I'm hoping they'll just give up pretty quickly, and we'll have one less thing to worry about. Yay. Rob |
31 Aug 2005, 07:48 PM | #2 |
Cornerstone of the Community
Join Date: Feb 2003
Location: UK (East Anglia)
Posts: 738
|
Brilliant, Rob! Thanks. Let's hope it lays that problem to rest.
|
1 Sep 2005, 12:26 AM | #3 |
Essential Contributor
Join Date: Feb 2002
Location: Selangor, Malaysia
Posts: 460
|
Wait, this worries me.
Does that mean that if somehow or another my message gets rated as spam, some Fastmail staff would be reading my email? I think it would be only fair to know the criteria of mails and what is actually being done to ensure the privacy of emails being sent out. I know all the usual stuff about how emails are sent in plain text and all, but I am still a little uncomfortable with this fact of scanning my emails and it being viewed by a real human person who is not really authorised to read it. More details please? |
1 Sep 2005, 12:56 AM | #4 |
Member
Join Date: Mar 2004
Posts: 72
|
Is it applied to paid users too?
|
1 Sep 2005, 01:04 AM | #5 | |
Cornerstone of the Community
Join Date: Apr 2002
Posts: 803
|
Quote:
|
|
1 Sep 2005, 01:08 AM | #6 |
Senior Member
Join Date: Nov 2004
Location: fgfdg
Posts: 158
|
I remember one of the FastMail staff saying that a lot of spammers use a FastMail Enhanced account... so I think it's also for paying customers...
About the privacy issue... I don't mind... have nothing to hide, but I could understand why people are worried... |
1 Sep 2005, 10:17 AM | #7 |
Intergalactic Postmaster
Join Date: Oct 2001
Location: Melbourne, Australia
Posts: 6,102
Representative of:
Fastmail.FM |
We use an algorithm to work out who to apply the checking to. Obviously our aim is to minise the manual work we have to do, so the more accurate we can get the automatic checking so that it ONLY catches true spam, the better for us, and for all users
I really don't want to go into more details about the algorithm, but I will say that it appears to be working very well. As I mentioned above, there's only been a couple of false positives, and most of those have been 419 baiters (http://www.419eater.com/) replying to 419 scammers emails. Rob |
1 Sep 2005, 11:15 AM | #8 |
Ultimate Contributor
Join Date: Sep 2001
Location: Australia
Posts: 11,501
|
In order to see whether a message is spam or not only requires looking at the 1st sentence or so - we can see a false positive without reading the whole email.
I would note however that if it's vitally important to you that no FastMail.FM admin ever sees your emails, that you really should use a different system, since our Terms of Service do specify that we may access your account as required to maintain the smooth running of the service. I think all email providers have a similar clause - since otherwise they can't do things like check accounts for spammers or fraud. People that need this level of privacy should either encrypt their emails (which is actually very easy to do) or run their own mail server. |
1 Sep 2005, 01:38 PM | #9 |
Cornerstone of the Community
Join Date: Apr 2002
Posts: 803
|
Jeremy, I don' think its about FM reading the mails... I have no issues with that... what I too am worried is that if I sent an important mail and if it gets tagged as spam, there will be a delay while someone reviews the mail and then approves it...
Would it be possible to notify the user that the mail he/she has send has been tagged as spam and will require approval from FM staff so that we know there will be a delay.. Jinu Johnson |
1 Sep 2005, 03:18 PM | #10 | ||
Ultimate Contributor
Join Date: Sep 2001
Location: Australia
Posts: 11,501
|
Quote:
Quote:
|
||
1 Sep 2005, 09:47 PM | #11 |
Cornerstone of the Community
Join Date: Oct 2001
Location: Somerville, MA, USA
Posts: 656
|
I think this is a great idea, too -- I hope it keeps us off the blacklists -- but I am quite concerned about the remote chance that a legit outgoing message is held up until it is checked -- and I am not too crazy about FM reading the message, although I understand this is allowed under the TOS.
Any idea what other email providers do? |
2 Sep 2005, 06:12 AM | #12 | |
Guest
Posts: n/a
|
Quote:
|
|
2 Sep 2005, 06:37 AM | #13 |
The "e" in e-mail
Join Date: Oct 2002
Location: Holon, Israel.
Posts: 4,859
|
One way to reduce (or eliminate) the chance of mail being delayed is to just hold a copy for review of suspected email. Or do it on two levels (higher level of suspicion gets delayed, lower level just co and let out).
|
2 Sep 2005, 09:02 AM | #14 | |
Intergalactic Postmaster
Join Date: Oct 2001
Location: Melbourne, Australia
Posts: 6,102
Representative of:
Fastmail.FM |
Quote:
To be honest, almost all users in the forum will be fine, because part of the trust metric at the moment is time since signup. Rob |
|
2 Sep 2005, 04:38 PM | #15 | |
Cornerstone of the Community
Join Date: Apr 2002
Posts: 803
|
Quote:
|
|