Eradicating spam with SpamAssassin

Dan Kohn dan@dankohn.com
Sun, 14 Apr 2002 22:49:12 -0700


I have gotten SpamAssassin [1] set up as a mail proxy so that all likely
spam are tagged as such and automatically filtered to a separate
mailbox, where I can check for false positives at my convenience.  You
can see exactly how I did this below.

Am I nuts in thinking that nearly everyone on the Internet would like a
similar service, and many of them are willing to pay for it?

All that seems necessary is a regular x86 Linux box running
SpamAssassin, qmail, procmail, and Apache and a web interface to make
configuring all this trivial.  As I have done below, you could set this
up with a well-known public email address and a private one only used by
this server.

One could even avoid the step of having public vs. private email
addresses by creating a filter on your mail user agent (e.g., Outlook)
to send all mail to this server that does not have a X-Spam-Status
header.  The server would run SpamAssassin on the mail and forward the
mail back to the user.  All of this could and should be configured with
a single forms web page that also has you enter your credit card.  How
does $50 a year sound for the service, with a money back guarantee, of
course?

Well, does anyone want to put this together?  I'm happy to pay the
upfront costs for the business.



Here are the details of my SpamAssassin configuration:

The spam headers added look like this:

Subject: *****SPAM***** FW:  dan , Your first targeted e-mailing is FREE
X-Spam-Status: Yes, hits=3D15.0 required=3D5.0
tests=3DCLICK_BELOW,OPT_IN,EMAIL_MARKETING,BULK_EMAIL,MAILTO_WITH_SUBJ,LI=
N
E_OF_YELLING,MAILTO_LINK,A_HREF_TO_REMOVE,CLICK_HERE_LINK version=3D2.11
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.11 (devel $Id: SpamAssassin.pm,v
1.68 2002/03/04 01:22:24 hughescr Exp $)
X-Spam-Prev-Content-Type: multipart/alternative;
	boundary=3D"----_=3D_NextPart_001_01C1E436.FAD84260"
X-Spam-Report: Detailed Report
SPAM: -------------------- Start SpamAssassin results
----------------------
  SPAM: This mail is probably spam.  The original message has been
altered
  SPAM: so you can recognise or block similar unwanted mail in future.
  SPAM: See http://spamassassin.org/tag/ for more details.
  SPAM:=20
  SPAM: Content analysis details:   (15 hits, 5 required)
  SPAM: Hit! (0.9 points)  BODY: Asks you to click below
  SPAM: Hit! (2.0 points)  BODY: Talks about opting in
  SPAM: Hit! (2.0 points)  BODY: Talks about email marketing
  SPAM: Hit! (0.8 points)  BODY: Talks about bulk email
  SPAM: Hit! (1.7 points)  BODY: Includes a link to send a mail with a
subject
  SPAM: Hit! (2.7 points)  BODY: A WHOLE LINE OF YELLING DETECTED
  SPAM: Hit! (-0.2 points) BODY: Includes a URL link to send an email
  SPAM: Hit! (3.5 points)  BODY: Link to a URL containing "remove"
  SPAM: Hit! (1.6 points)  BODY: Tells you to click on a URL
  SPAM:=20
  SPAM: -------------------- End of SpamAssassin results
---------------------


To set this up, I found a kind soul willing to install procmail and
SpamAssassin and give me a user account on his Unix box.  I then set up
a .forward with:

     "|IFS=3D' ' && exec /usr/bin/procmail -f- || exit 75 #dan"

I created .procmailrc with:

     :0fw
     | /usr/bin/spamassassin -P

     :0      # All messages
     ! dan@myprivateaddress.example    # A private address

I then made a .spamassassin/user_prefs with:

     rewrite_subject       1
     report_header         1


I then forwarded dan@dankohn.com to the account on the Unix box, which
then forwards to dan@myprivateaddress.example.

Which brings me to my question

          - dan
--
Dan Kohn <mailto:dan@dankohn.com>
<http://www.dankohn.com/>  <tel:+1-650-327-2600>
Essays announced on <mailto:dankohn-subscribe@yahoogroups.com>