How do I refuse mail?

[xfoxuk]

I always clear out my held but it's growing day by day.

Is it possible to refuse to accept certain types of mail?

Ideally any mail that is blacklisted by an RBL I want to return to sender.

I don't use webmail because it's quite slow, I just use spamcop as a filter and read everything by collecting email via Eudora.

[DavidT]

Is it possible to refuse to accept certain types of mail?

Ideally any mail that is blacklisted by an RBL I want to return to sender.

No. All of the blacklisted and SpamAssassinated messages wind up in your Held Mail. You wouldn't want to literally "return to sender" because the "sender" is always bogus. The SpamCop mail servers only reject connections outright from a few historically bad senders, such as 263.net and hongkong.com, but it's a mystery at any given time as to what domains are in that category (do an "all forums" search on "badmailfrom" for a little info).

I don't use webmail because it's quite slow, I just use spamcop as a filter and read everything by collecting email via Eudora.

14367[/snapback]

But how do you check your Held Mail to see if there are any "false positives" there? If you've done enough personal whitelisting, and are confident that there will never be a false positive, then you have several choices.

You could simply ignore your Held Mail, and theoretically, it is supposed to "expire" out of the folder in 14 days (but I contend that there's currently a bug with that feature). If you choose this route, you won't be reporting any spam and won't be helping to maintain the blacklist.

Or, you could log into http://mailsc.spamcop.net/ and click on the "Held Email" link to manage your Held Mail. I sometimes do that, and I use the "Quick - report immediately and trash" option.

Or you could log in to the webmail page, and instead of actually opening your Held Mail folder, you could click on the Folders icon at the top, select (checkmark) both your Held Mail and your Trash and then use the "Emply Folder(s) option." Again, you wouldn't be doing any reporting, but this has the added benefit of making sure that both your Held Mail and your Trash are empty.

There are other choices, but that's all I have time for at the moment.

dt

[dbiel]

SpamCop mail servers only reject connections outright from a few historically bad senders, such as 263.net and hongkong.com, but it's a mystery at any given time as to what domains are in that category

This seems to be contrary to other statements regarding how mail is handled.

Can some one validate or refute this statement?

The following come from the search of badmailfrom

JT responded with this information:

QUOTE

For historical reasons, there are a small number of domain which are rejected outright. These are all old and have been there a couple of years and are, as far as I know, 100% spam.

The above statement also seems a bit strange in that SpamCop blocking lists are IP based and here the statement is domain based rejections.

It there is such a list, where would one find it?

I found the following interesting

War on spam Mail - page 1

February 5th 2002, updated February 12th 2002

Victoria Chan

UCE (Unsolicited Commercial Email). Everyone gets them, and it is very difficult to be rid of them. It is just like "middle age spread". We play a Cat & Mouse game, tightening up mail servers by disallowing known Open Relaying Mail Servers from transferring their Junk Mail Payload onto our mail servers.

Likewise, we get tonnes of spam Mail from nameless individuals through their ISP. We cannot block the ISP's domain, but the now defunct [at]home network has approached the brink of Denial of Service, as it is a spammer's haven. There is no one minding the store [at]home. Spammers often exploit free email services provided by Yahoo, Excite, MSN and many more, by signing up new accounts to operate their spam Mail game. To trap these individuals, we need to compile an updated list of known spammers. After a few weeks or months, these individuals will move on, opening up yet another new account. We need to stay one step ahead of them (or is it behind).

Stopping spam is best done at the Mail Server level, rather than at the mail client. Our mail server is qmail and uses tools such as ORBZ and SPAMCOP, to weed out the majority of spam. ORBZ keeps track of Open Relays, and SPAMCOP keeps track of known Spammers' Email server. This is not complete by any stretch. To trap out the remainder of spam Mail, we use "badmailfrom" to trap known Spammers, by "spammer[at]domain.com" or the whole domain "[at]domain.com". I have compiled 34,176 records in badmailfrom to date, and counting. The bulk of the records comes from http://basic.wirehub.nl/spamlist.txt, which is updated live, by those nice folks in Netherlands. This is grabbed by my mail server, over a fairly slow link, using lynx and parsed through a tiny perl scri_pt, which strips out comments and illegal characters. These illegal characters could halt all SMTP traffic. This Perl scri_pt puts the [at] in front of the domains; the way badmailform likes it, done in the wee hours of the morning. This parsed list is merged with a fairly static list from http://mail.ls.net/sender.php, and then merged with our own list. Our internal list is compiled from our "MAILER-DAEMON bounce-bounced" logs. We are also accepting submissions at spamcontrol[at]kendryl.net. Do not forward your spam. Just put spamcontrol in the Subject and put in either [at]domain.com or spammer[at]domain.com in the message body. You can send spamcontrol multiple entries, one entry per line, nothing else.

Now we are lurching towards 99.95%. We are posting our badmailfrom list to public domain, for anyone who wants to use our badmailfrom list. Just use the following Shell scri_pt, called badmailfrom.cron:

#!/bin/sh

cp /var/qmail/control/badmailfrom /var/qmail/control/badmailfrom.yesterday

/usr/local/bin/lynx -source http://www.kendryl.net/badmailfrom > /var/qmail/control/badmailfrom.tmp

mv /var/qmail/control/badmailfrom.tmp /var/qmail/control/badmailfrom

chmod a+rw /var/qmail/control/badmailfrom*

Use it at your own risk. There are no guarantees with it. Do not forget to chmod 744 the above scri_pt. You need lynx installed in your system, of course. No further formatting is needed, as this is our running copy. If you already have your own badmailfrom list, the above scri_pt will walk all over yours. I suggest making a backup of your old badmailfrom, and send it to spamcontrol[at]kendryl.net using the format above. Please do not send attachments

You will also need to cron a recurring job everyday between the hours of 0215hrs and 0600hrs PDT/PST. This will ensure that you get the freshest copy. I have seen potential problems with badmailfrom. All SMTP traffic will halt if there is a comment or a singular [at] burried within it. If this happens, try editing badmailfrom (if you can find it). If you cannot, try deleting it and go back to the previous days. This has happened to us a few time over the last few days, when we were tweaking our perl scri_pt. It is poetic justice when web-bots harvest all those emails in our badmailfrom. Many thanks to Johan's qmail page for giving me this idea.

Die spam Die! spam Mail that is.

[DavidT]

This seems to be contrary to other statements regarding how mail is handled.

Can some one validate or refute this statement?

Hopefully, someone will step forward and let us both know.

The above statement also seems a bit strange in that SpamCop blocking lists are IP based and here the statement is domain based rejections.

The "badmailfrom" is not IP-based, it's based on the "envelope-from" and is done before the email is checked against the BLs.

It there is such a list, where would one find it?

It's a system-level file only accessible to the system administrator...that's why I wrote this..."it's a mystery at any given time as to what domains are in that category"... in my previous message.

I found the following interesting

14372[/snapback]

Yes, that's simply another unrelated site that's using the "badmailfrom" technique, and they've published their own list.

dt

[doctorj]

No. All of the blacklisted and SpamAssassinated messages wind up in your Held Mail. You wouldn't want to literally "return to sender" because the "sender" is always bogus. The SpamCop mail servers only reject connections outright from a few historically bad senders, such as 263.net and hongkong.com, but it's a mystery at any given time as to what domains are in that category (do an "all forums" search on "badmailfrom" for a little info).

...

There are other choices, but that's all I have time for at the moment.

dt

14370[/snapback]

Why can't spamcop reject connections from all servers listed in the spamcop db, at least on a selected per account basis? We have been using a filter on our server which checks against spamcops db and it shows listed servers by IP address, i.e.

http://www.spamcop.net/bl.shtml?216.52.234.108

This ip address is not currently listed but was at one time. Out of thousands (or more?) emails tagged by spamcop only a few were legitimate for me. I would rather those few, maybe only one company, have to address their problem to be able to send to me than for me to have to process the thousands of spam messages.

Stephen

[StevenUnderwood]

Why can't spamcop reject connections from all servers listed in the spamcop db, at least on a selected per account basis?

Because that is not the stated mission of the spamcop email service. With enough programming time and resources, it COULD be done, but that does not mean that the administration WANTS it done that way.

For one thing, a large percentage of the users of spamcop email are also reporters, so they would want the messages coming through to the held mail folder for that purpose. Addresses will not stay on the BL unless they continue to be reported.

Another is the complexity and resources. You would need to know not only what bl's were being used by each user before accepting each message but also whether the message should be accepted or rejected based on those settings.

Then you will have the person who does not understand what their settings really mean coming here complaining that they did not get their message from X.

Basically, I don't think it is within the scope of spamcop's email service. It might be something you would want to setup for yourself and start selling the service to others, however. It would be easier to configure a whole service to simply reject bl'ed IP's than to have mixed settings.

[dbiel]

Why can't spamcop reject connections from all servers listed in the spamcop db, at least on a selected per account basis? We have been using a filter on our server which checks against spamcops db and it shows listed servers by IP address, i.e.

http://www.spamcop.net/bl.shtml?216.52.234.108

This ip address is not currently listed but was at one time. Out of thousands (or more?) emails tagged by spamcop only a few were legitimate for me. I would rather those few, maybe only one company, have to address their problem to be able to send to me than for me to have to process the thousands of spam messages.

Stephen

18094[/snapback]

You failed to mention how you access your mail. If you are using the webmail interface, simply set up your filters to pull out the listed items and send them to the trash.

Also check out the link How I use spam Cop, A detailed example you may find some useful information there.

[StevenUnderwood]

dbiel:

If he does that then the sender gets no notification that the message was not received and

I would rather those few, maybe only one company, have to address their problem to be able to send to me than for me to have to process the thousands of spam messages.

could not happen.