FastMail not doing enough to fight spam? - Page 2

MattJhsn · 20 Jan 2006, 12:10 PM

Quote:

Originally posted by robmueller
There appear to have been a few spammers trying out some things that have been getting around some common rules recently. Unfortunately the definition of "obvious spam" may be obvious to a human, but non-obvious to a computer program that's trying to classify emails.

I've been seeing this in the form of phishing emails. The perpatrators are maqurading as wellsfargo banking. They have a 'click here' link that doesn't go to a wellsfargo server.

My threshhold is set at '4' Does anyone have an idea on what I can do to catch these emails? Let me know if you would like to see the whole text of an email. Thanks.

-Matt

JRobert · 22 Jan 2006, 12:48 AM

Quote:

Originally posted by MattJhsn
I've been seeing this in the form of phishing emails. The perpatrators are maqurading as wellsfargo banking. They have a 'click here' link that doesn't go to a wellsfargo server.

My threshhold is set at '4' Does anyone have an idea on what I can do to catch these emails? Let me know if you would like to see the whole text of an email. Thanks.

-Matt

Changing the spam score threshold is a pretty broad brush if you're basically satisfied with your filter's performance and just want to catch one particular spammer. I'd suggest a rule that matches something(s) unique to those messages, rather than risk catching false spam.

-jeff-

n5bb · 22 Jan 2006, 01:44 AM

Welcome to the EMD Forums, Matt!

You can turn on Phishing protection in the Account Preferences screen. This will detect most emails with links which don't match the text. Unfortunately, many legitimate messages also trigger this detector.

Also a friendly comment: Before posting any message or header, you should read the Forum Rules, which state that you can't post an individual spam message.

Bill

n5bb · 23 Jan 2006, 09:59 AM

Keeping your email address off of Internet postings doesn't always solve the problem. The spammers are using common name and dictionary attacks, and they apparently send an incredibly large number of messages to nonexisting addresses in hopes that one will get through. My cable provider ISP account gets a huge amount of spam, because it's a common first initial, followed by a period and a last name that has a frequency of occurrance of maybe one in 50,000 here in the US. So if the spammers are shoving a few million random dictionary attack emails per day into Comcast, I can easily get more than one per hour by a random attack. I created an unusual alias at the ISP account and get zero spam on it.

As long as it costs the spammers practically nothing to send out spam to random addresses, they will do it. What seems to me to help is using a domain that the spammers have ignored and a username which is unusual (not in a dictionary or list of people's names).

Of course, aggressive spam filtering will remove most spam. But I recommend use of whitelisting so that everyone already in your online Fastmail address book is ignored by the spam filter.

22 Jan 2006, 01:44 AM	#18
n5bb Intergalactic Postmaster Join Date: May 2004 Location: Irving, Texas Posts: 8,930	Re: phishing and pharming Welcome to the EMD Forums, Matt! You can turn on Phishing protection in the Account Preferences screen. This will detect most emails with links which don't match the text. Unfortunately, many legitimate messages also trigger this detector. Also a friendly comment: Before posting any message or header, you should read the Forum Rules, which state that you can't post an individual spam message. Bill

23 Jan 2006, 09:59 AM	#19
n5bb Intergalactic Postmaster Join Date: May 2004 Location: Irving, Texas Posts: 8,930	Keeping your email address off of Internet postings doesn't always solve the problem. The spammers are using common name and dictionary attacks, and they apparently send an incredibly large number of messages to nonexisting addresses in hopes that one will get through. My cable provider ISP account gets a huge amount of spam, because it's a common first initial, followed by a period and a last name that has a frequency of occurrance of maybe one in 50,000 here in the US. So if the spammers are shoving a few million random dictionary attack emails per day into Comcast, I can easily get more than one per hour by a random attack. I created an unusual alias at the ISP account and get zero spam on it. As long as it costs the spammers practically nothing to send out spam to random addresses, they will do it. What seems to me to help is using a domain that the spammers have ignored and a username which is unusual (not in a dictionary or list of people's names). Of course, aggressive spam filtering will remove most spam. But I recommend use of whitelisting so that everyone already in your online Fastmail address book is ignored by the spam filter.