Using Electronic Mail on the local system

Controlling spam mail with STAMP

Author: L.S.Lowe. File: mailstamp. This update: 20071205. Part of Guide to the Local System.

Introduction

I've been receiving something like 50 to 70 spams a day, under my various mail ids and project mailing lists. You may have similar problems.

But with my new email setup, 98% of these spams are ending up in my new spam folder. I just check this occasionally for false positives, and clear it out from time to time. Just like I do on a hotmail/yahoo account.

Around 65% of these spams are identified as such by the campus STAMP spam filter/flagger. About 40% of them are identified as such by the CERN SPAM flagger*. There is not surprisingly some overlap and 80% of the total are picked up by one or both of these methods. Around 20% of them are identified by neither of them but are picked up by my local extra spam rules.

Clearly then

  • the campus STAMP system is an important tool in recognising spam.
  • For those who are on CERN mailing lists, their SPAM flagging is important too.
  • And the third important element is some extra local reactive rules to pick up as much of the remainder as possible.
If you want to achieve something similar, read on ....

* Note: of course this does not imply that the CERN spam flagger is less successful than STAMP, because only a proportion of my email comes from CERN!

Note too: a small number of spams, around 30 per day for the whole group, are rejected via a sendmail ruleset before being received, because they have an envelope sender domain which is not DNS-registered and is therefore fake.

Background

It would be quite difficult for a research group such as ourselves to control incoming spam alone. A large organisation like hotmail and yahoo mail or even the university gets a better view of when incoming mails follow a particular pattern and are relayed to a large proportion of the users, and so could be spam. Also a large organisation receives the email directly from the spammer, making it easier to check the sending IP address against black-lists, whereas our mail server receives email via the central mailer, one step removed.

The STAMP spam filter/flagger

The campus STAMP spam system can be called a filter/flagger because it rejects highly-likely spam at the initial delivery stage, and so is a filter, and it flags other spam so it is delivered but can be identified as probable-spam.

There is no need to register to use the STAMP system, as it is an intrinsic part of the campus incoming mail system.

There is a further local document which tells you how you can set up the system to deal with your spam when it arrives.

L.S.Lowe