"Robert11" <> wrote in message
news:Qr2dnZop2J54d1rfRVn-...
> Hello:
>
> Not too sharp with this stuff.
>
> re Spam.
>
> a. I see that a lot of the e-mail spam I get does not have my true
> e-mail address on it.
> Has the @comcast.net O.K., but not my real prefix.
> How does it make it, therefore, to me ?
The headers are NOT used to route e-mail. The commands that the e-mail
client sends to the SMTP server are used to determine who gets a copy of
the e-mail. Although users tend to separate the headers from the body,
those are just different portions of the same message (i.e., the top
portion seperated by a blank line from the bottom portion). Mail
servers can prepend onto the headers (i.e., add to the message). Where
the message gets sent depends on the RCPT-TO command the e-mail client
sends to the SMTP server, and that information is never contained within
the message. All the headers and the body of the message are contained
within the DATA command the e-mail client uses to send the content of
the message; i.e., it is all data which means the e-mail client can put
anything it wants in the headers, since that is data, too, and then send
it anywhere independently of those headers according to the recipient(s)
listed in the RCPT-TO command. If you want to know more, read RFC 2821,
Simple Mail Transfer Protocol (SMTP).
> b. Anyone using the Comcast spam blocker ?
> Work well, etc. ?
I do. Leave it enabled. It will put spam into the Screened Mail
folder. Although they recommend that you occasionally use their webmail
interface to check this folder in your mailbox, I don't bother. Their
filter has to been "loose" to avoid or reduce false positives (to
eliminate complaints from their customers) and why some spam still leaks
past.
> c. Would like to find a free, or inexpensive, blocker.
> Can anyone suggest any good, and hopefully, simple ones, please ?
SpamPal (
www.spampal.org). Completely free (not adware, bannerware,
crippleware, demoware, or any of that crapware), although the author
will accept optional donations. It primarily detects spam using DNSBLs
(DNS blacklists) of known spam sources but each blacklist behaves
differently so you need to decide which ones to use. SPEWS does not
identify spammers but instead rates the trustworthiness (or spamminess)
of ISPs and e-mail providers, so they cut across a large swath of IP
addresses, if not all of them, for an ISP or e-mail service. They don't
identify spammers but instead identify spam-friendly or spam-lazy
providers and rely on coercion to get the non-spamming victims at those
domains to bitch to their provider to get rid of the spammers there. I
use SpamHaus SBL+XBL, ORDB, SpamCop, NJABL, and SORBS along with several
plugins that add other methods of detecting spam than using blacklists.
The Bayesian plug-in detects spam based on word weighting in a database
and is affected by your history of e-mails (so it helps to have a set of
good and bad e-mails to pre-train the filter; otherwise, it can be
several days or a couple weeks before it gets enough e-mails to learn
which ones are spam and which are okay). SpamPal's Bayesian filter can
also learn from SpamPal and the other plug-ins. The MXblocking plug-in
eliminates spam that originates from infected PCs running trojan mailers
(because they have dynamic IP addresses because they are dial-up or
cable/DSL users). The RegEX plug-in gives you regular expressions that
go far beyond what you could define for rules in your e-mail client. I
haven't needed to use the RegEX plug-in because SpamPal and the other
plug-ins work superbly. The HTML-modify plug-in not only detects HTML
spammy mails but can neuter them (although it may duplicate some
features already available in your e-mail client).
SpamPal runs as a proxy. Previously you had to reconfigure your e-mail
client's accounts to go through the proxy but they have a wizard now to
do that (but I prefer editing the account properties myself). SpamPal
works with any POP3/SMTP compliant e-mail program. However, it does not
support SSL which, for example, is required by Gmail and some ISPs also
provide secured login ports for their SMTP and POP3 servers. SSL
connects only secure your login credentials (username and password) and
NOT the content of your inbound and outbound messages. You'll need to
use encryption within your e-mail client to secure the content of your
messages. You can use sTunnel to provide SSL login connects for SpamPal
(or SSL for other applications) but it isn't easy to setup (well, ease
depends on your expertise).
> d. If possible, would like to be able to denote what is to be
> blocked, rather than all the ones I do want to get thru.
> Is this possible, or do the idiots who do this continually change
> their From addresses ?
Filtering on the From header is worthless. Spammers always change that
value and it is bogus or points at someone else. That's why users
sometimes ask how big the blocked senders list can get because they have
been fruitless attempting to block spam on an ever-changing header
value.
SpamPal has a whitelist where you can specify recipients that you always
want to receive their e-mails. There is also the trick of adding a
passcode or magic string to the Subject or to your name (in the To/Cc
headers) which a rule will allow to pass or keep in the Inbox. SpamPal
tags which e-mails are spam and it is up to you by defining rules in
your e-mail client to decide what to do with them. So, besides the
whitelisting in SpamPal, you could define a rule that keeps e-mails from
known senders in your Inbox (or move them to a "trusted" folder).
Outlook can define a rule based on an entire contact folder (i.e.,
address book) of known senders but Outlook Express doesn't so you end up
having to create a rule which is effectively a whitelist that you could
just as easily put in SpamPal. Nope, unfortunately SpamPal doesn't have
an address book import feature, but you could export your contacts and
edit that list so it can be used as a whitelist by SpamPal.
There are other anti-spam products available. SpamPal is free and
supported by its author and has a help forum for the community.
SpamBayes operates as a plug-in to Outlook (so it is only functional
within Outlook) and only provides Bayesian filtering; however, I believe
it can be ran as a local proxy similar to SpamPal to alllow its use by
other POP3/SMTP e-mail clients. Mailwasher is another choice (but NEVER
enable its bounceback function) which also uses blacklists. It used to
be free but I haven't checked in awhile, plus they never route any
donations to the blacklists (which are free) to support the service on
which they rely for their *commercial* product (they don't participate
but instead are just greedy).
A better group to ask about getting rid of spam is alt.spam. Or ask in
a group related to whatever e-mail client you use.
Similar Threads
