• How to detect spam in "high privacy" mode? [IMAP/personal mailbox]

    From Andrzej Adam Filip@21:1/5 to All on Sun Apr 25 17:01:23 2021
    I personally use
    bogofilter first and spamassassin in network mode for "more likely spam".

    I want to avoid DNS-BL and bulk detector queries for "more likely ham".
    I treat them as privacy threat.

    1. Are there any tools operating in such mode?
    2. How to make spamassassin operate in similar mode?

    --
    A. Filip

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From David Ritz@21:1/5 to Andrzej Adam Filip on Tue Apr 27 16:13:51 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Sunday, 25 April 2021 17:01 -0000,
    in article <anfi+8lvbnhhn0f-l4p0@wp.eu>,
    Andrzej Adam Filip <anfi@onet.eu> wrote:

    I personally use
    bogofilter first and spamassassin in network mode for "more likely spam".

    I want to avoid DNS-BL and bulk detector queries for "more likely
    ham". I treat them as privacy threat.

    How does a reputation check, through a second party service, affect
    privacy? Do any and all DNS query do the same? What about WHOIS?

    1. Are there any tools operating in such mode?
    2. How to make spamassassin operate in similar mode?

    SpamAssassin is designed specifically to benefit from DNSbl and URIbl
    checks.

    - --
    David Ritz <dritz@mindspring.com>
    Be kind to animals; kiss a shark.

    -----BEGIN PGP SIGNATURE-----

    iF0EARECAB0WIQSc0FU3XAVGYDjSGUhSvCmZGhLe6wUCYIh+jwAKCRBSvCmZGhLe 63ShAJ93h5DcB8guw4jA1O0Riau/rUxzUQCeOhtGSugnHf5ULXahxwOOQ+HPEqo=
    =7ev5
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andrzej Adam Filip@21:1/5 to David Ritz on Thu Apr 29 18:27:40 2021
    David Ritz <dritz@mindspring.com> wrote:
    On Sunday, 25 April 2021 17:01 -0000,
    in article <anfi+8lvbnhhn0f-l4p0@wp.eu>,
    Andrzej Adam Filip <anfi@onet.eu> wrote:

    I personally use
    bogofilter first and spamassassin in network mode for "more likely spam".

    I want to avoid DNS-BL and bulk detector queries for "more likely
    ham". I treat them as privacy threat.

    How does a reputation check, through a second party service, affect
    privacy? Do any and all DNS query do the same? What about WHOIS?

    I consider sending DNS(BL) queries about every email/ham received
    needless exposure of email/ham source and fetch time.

    1. Are there any tools operating in such mode?
    2. How to make spamassassin operate in similar mode?

    SpamAssassin is designed specifically to benefit from DNSbl and URIbl
    checks.

    Spamassassin can be use in "local test only" mode (--local).

    --
    A. Filip

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From David Ritz@21:1/5 to Andrzej Adam Filip on Sat May 1 12:56:34 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Thursday, 29 April 2021 18:27 -0000,
    in article <anfi+5vocj9q4pf-l4t4@wp.eu>,
    Andrzej Adam Filip <anfi@onet.eu> wrote:

    David Ritz <dritz@mindspring.com> wrote:

    On Sunday, 25 April 2021 17:01 -0000,
    in article <anfi+8lvbnhhn0f-l4p0@wp.eu>,
    Andrzej Adam Filip <anfi@onet.eu> wrote:

    I personally use
    bogofilter first and spamassassin in network mode for "more likely spam".

    I want to avoid DNS-BL and bulk detector queries for "more likely
    ham". I treat them as privacy threat.

    How does a reputation check, through a second party service, affect
    privacy? Do any and all DNS query do the same? What about WHOIS?

    I consider sending DNS(BL) queries about every email/ham received
    needless exposure of email/ham source and fetch time.

    As most ham comes from known and/or trusted sources, I whitelist prior
    to feeding my mail through SpamAssassin. This precludes the need the
    need for network checks, ie. DNSBL, URIBL or HashBL. As such, there
    is only a small chance expected and legitimate mail will be subjected
    to such checks, exposing exactly nothing.

    1. Are there any tools operating in such mode?
    2. How to make spamassassin operate in similar mode?

    SpamAssassin is designed specifically to benefit from DNSbl and
    URIbl checks.

    Spamassassin can be use in "local test only" mode (--local).

    Yes, it can be. I, for one, find network checks invaluable, for my
    personal mail stream.

    Subject: [spam: 139.6] Payment of US$5,550,000.00 to your account
    Subject: [spam: 105.5] Urgent
    Subject: [spam: 100.3] LUCKY WINNER
    Subject: [spam: 108.0] I AM SORRY TO ENCROACH IN TO YOUR PRIVACY!!
    Subject: [spam: 103.9] Get back to me !!!
    Subject: [spam: 124.2] PRIVATE AND CONFIDENTIAL
    Subject: [spam: 101.2] Investment Of Bearer Bonds ( Very Urgent Needed.)
    Subject: [spam: 111.1] Get back to me !!!
    Subject: [spam: 106.5] Get back to me !!!
    Subject: [spam: 100.5] YOUR URGENT ATTENTION IS HIGHLY NEDED

    Of course, if you are checking against a large number of mail boxes,
    the problem becomes one of volume, for the service against whose
    database the checks are being made. At a high enough volume, such
    queries become abusive for the data provider. Some services offer
    subscription services, such as the Spamhaus Data Query Service.

    https://www.spamhaus.org/datafeed/

    In this instance, database entries are synchronized to local, using
    rsync, obviating the need for individual DNS queries per host.

    - --
    David Ritz <dritz@mindspring.com>
    Be kind to animals; kiss a shark.

    -----BEGIN PGP SIGNATURE-----

    iF0EARECAB0WIQSc0FU3XAVGYDjSGUhSvCmZGhLe6wUCYI2WUgAKCRBSvCmZGhLe 62+kAKDDNc0wyvSiQLoqW/4doYIgj0axjgCgykQ9oEC2NHQEIDnJNjyOwzpPif8=
    =Bfaw
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)