Home

General Information About Spam Handling

This is generalized information on Spam. For specific spam filtering setup instructions, please read the spam filtering setup instructions.

Spam appears to be inevitable and growing. Generally, the longer you have an email address, the more spam that address will receive. Email addresses are discovered by spammers in many ways. These include:

  • Signing up on websites with your email address.
  • Replying to spam messages or attempting to "opt out" of a spammer's list.
  • Opening a spam message that contains an image or javascript.
  • Spammers "sniffing" email addresses that travel through unsecured networks to legitimate email destinations or websites.
  • Any person who has your email address can expose it voluntarily or accidentally.
  • Spammers often randomly "guess" at likely email addresses.

It may seem wise to try hiding your email address from spammers. Obscurity rarely is effective, even over a short time period. Your email address will be discovered by spammers. Having good tools and practices are the most effective means to minimize the impact of spam.

Dangers of Spam Filtering

If you cause all of your email to pass through automated spam filters, errors are inevitable. Some spam will manage to slip by. Conversely, and more damagingly, good email that you want may get misidentified as spam.

If you choose to utilize public "blacklists" that purport to identify known spam relays, errors will still occur with similar consequences, except that any corrections are out of your control.

It can be difficult balancing between how much spam you could potentially receive vs. how likely a message might be misidentified. Fortunately, we have good, flexible tools to aid us.

Where Spam Filtering Occurs

When you send an email message to someone, your email program sends it to the outgoing mail server defined by your organization or ISP. That mail server then looks at where the email is destined, and begins to relay it. Your message may pass through several mail servers before reaching its destination, and all along the way your email address is vulnerable to sniffing. Having secure channels between all servers can help, but this is rarely the case.

Similarly, when you receive email, it has passed through several servers, arriving at your local, destination server that holds your Inbox. Your email program contacts this local server to gather messages from your Inbox.

Spam filtering can be done in two main places:

  • Your mail server
    This happens before it reaches your mail program. This means that no matter which mail program you use, the spam filtering will work.
  • Your mail program (client)
    This happens after mail server processing and is completely within your control.

Generally, is best to have spam filters on both the server and client sides. The server-side spam filters can be set more trusting, resulting in fewer misidentifications, while the client-side remains the second line of defense, in complete control of the end user.

Server-side Spam Filtering

Server-side spam filtering can be both effective and flexible. It occurs before an email arrives in the Inbox. As such, it can utilize any aggregate spam identification information available from other users. Also, email can be weighed and sorted based upon spam likelihood and placed in the appropriate user folders, which keeps spam out of user Inboxes.

Server-side spam filtering also allows the mail server to consult various online databases to help identify spam, or any other number of spam identification techniques that are possibly unavailable to a user's email client program.

The principle drawback of server-side spam filtering is the distance between the server and the end user's mail client program. Unless the server provides a user interface, the user has little control over the server-side spam filtering. Even if the server does provide an interface, it means the user will sometimes have to visit a place outside of their email program to deal with their spam messages.

Client-side Spam Filtering

Client-side spam filtering is completely within the control of the end user. It is implemented by the user's email client program, and each client program has different ways in which they handle spam.

Usually this is not an issue since end users tend to choose an email client program and stick with it. As such, they become familiar with its spam filtering capabilities. These capabilities can differ widely between email client programs, and some email clients have more effective spam filtering capabilities than others.

Client-side spam filtering is the best option for giving the end user the greatest degree of flexibility and control over what they do and do not want to see. Whereas server-side spam filtering may be considered optional, client-side spam filtering is not.

Effective Spam Filtering

The best spam filtering results are achieved by filtering on both the server and client sides. Generally, the server-side filtering should be less strict, relying on the end user's client program to make the truly tough decisions about what is spam, and what is not. This keeps control in the hands of the user, where it belongs.

Regardless of whether spam filtering is being handled server or client-side, a responsibility rests upon the end user to "train" these filtering programs about what is, and is not spam. The more an end user marks messages as spam, or not spam, the more improvement the end user will see in the accuracy of their spam identification. Some messages will always be misidentified from time to time, but if the end user is patient and vigilant with their training, improvements will always occur.

Keeping software up-to-date on the server and client is also critical. New heuristics and algorithms available with a software release may exhibit enormous improvements, not to mention security considerations.

Another key to effective spam management is considering what you want done with messages thought to be spam. Even if you receive thousands of spam email messages per day, having good practices can minimize or even eliminate the impact on your Inbox

Managing Large Volumes of Spam

The older an email address, the more spam that email address will receive. Many people choose to eliminate older email addresses in favor of new ones that are unknown to spammers. Doing this is simply running away from a monster that will, once again, inevitably catch you.

After following the suggestions above in "Effective Spam Filtering" a user may still find unmanageable the number of spam messages they receive. Fortunately something can still be done to minimize the impact large volumes of spam can have upon the user. The technique outlined below is specific to software configurations available in the Open Source world, and specifically to Orbis Lumen provided configurations, though certainly not limited to it!

When email arrives on the mail server it is analyzed and given a numeric "score" that indicates its spam likelihood. The higher the score, the more likely the message is spam, according to the server. This score is written into the header of every mail message received, and this header can be looked at by both the server, and the client software to manage incoming email messages more effectively.

We can tell our software that even messages with a very low score will be considered spam, and kept from our Inbox, to be placed in a low-score spam folder instead. Similarly, email messages with middle and higher spam scores will be placed in separate middle and high-score spam folders instead of our Inbox.

Doing so will dramatically decrease the number of spam messages that arrive in the Inbox. However, it is possible that some of the messages in the "low score" spam folder might be true messages, and not spam. These the user can skim through from time to time, marking any of them as "not spam" if the server mistook them. The vast majority of messages will, however, be contained in the "higher score" spam folders, which can be scanned through if desired, or just deleted outright, en masse.

We have found that sorting incoming mail into different folders based up spam likelihood scores allows users to receive literally thousands of spam messages per day with little or no impact upon their productivity. Also, it retains all messages so the end user can verify and make adjustments as they choose to.

For information on how to enable this feature on your Orbis Lumen mailbox, please read the spam filtering setup instructions. Similar approaches can easily be set up on customer systems running Linux. Please contact us if you need assistance or have any questions.

In Summary

  • Keep your software, both server and client-side, updated.
  • Use your software to mark spam messages -- keep it trained.
  • Set up filters to route spam messages out of your Inbox in an intelligent way.