The good thing about this game of catchup however, is that even if spammers are modifying their techniques to try and get around SA, they're slowly painting themselves into a corner in regards to the kind of things they can say and put in messages without being detected as spam.
[...]
Thoughts anyone ?
I agree that the spammers are painting themselves into a corner. There seem to be two sorts of spam:
1: That where the message is contained in the content of the spam itself;
2: That where a url references an Internet site.
Using 2.60-CVS with RBL (no Razor/Pyzor) support on Postfix 2.0.x/amavisd-new with minimum UCE support, I see literally no spam, using a cutoff level of 7 points - but Amavis is filtering out and quarantining a large amount of UCE. Most of it is caught by header and [raw]body checks and the collective result of the RBL checks is contributing significantly, sometimes making all the difference. Even though I have a slow - 56K modem connection, there is bandwidth enough.
As Simon says, there is a limit to what spammers can do to obfuscate the content of the spam without making it unintelligible. SA is getting more and more clever at taking care of 1: above. Which leaves 2:
Even without legislation, the pressure being put on ISPs to do something positive about refusing spammers bandwidth for their sites is increasing significantly (witness the recent BBC/Spamhaus report on Cyberangels.nl and the Spanish telecom company that was gently forced to chuck out Martijn Beveland.) Reading up on the different RBL offerings, one can see that they are collectively contributing with ever-increasing effect, so that also 2: above is being taken care of.
And even the non-cooperative ISPs (too many to mention) are being forced out by the pressure put upon them by a: opinion and b. technology. The amazing (to me) thing about all of this, is that it's non-commercial.
My pity goes to those using non-open source machines. My own machine (used for sending this) is an el cheapo modem-based Compaq notebook - but running full Internet services - firewall, BIND DNS server, Postfix 2.0.12/SA 2.60, Courier Imap etc. I never paid one penny for any of this, apart from the hardware. I have the necessary knowledge to be able to use all of these. But my Norwegian daughter, running Win 98 and getting her mail with Outlook Express, finds that most of her mail is spam and she has to pay her Norwegian ISP extra for filtering her mail, or pay for a commercial spam filter.
The technology for forcing spammers to quit is available now. Legislation against individual spammers will never get the larger ones. More pressure should and must be put on all ISPs to provide an all-in solution. Legislation against ISPs providing succor to spammers could well be made to work.
Tony
-- Tony Earnshaw
Humor him and he'll go away
http://j-walk.com/blog/docs/conference.htm http://www.billy.demon.nl Mail: [EMAIL PROTECTED]
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
