Friday, November 18, 2005

Nuclear Elephant writes "After six months of development, DSPAM v3.6 has been released. The most notable change is the series of new features added to make an anti-spam gateway appliance possible (Knoppix anyone?). Version 3.6 also includes a highly accurate alternative to Bayesian filtering known as Markovian discrimination, based on Bill Yerazunis' research. Other significant enhancements include trusted sender whitelisting, integrated Clam Antivirus and LDAP support, a centralized spam training alias, and a new dependency-free storage driver. Much of the documentation has also been rewritten to make installation easier. A change log and release notes are also available. Slashdot has recently featured a review of the author's book, Ending Spam and an interview as well." DSPAM v3.6 Released Log in/Create an Account | Top | 94 comments | Search Discussion Display Options Threshold: -1: 94 comments 0: 88 comments 1: 81 comments 2: 50 comments 3: 13 comments 4: 7 comments 5: 3 comments Flat Nested No Comments Threaded Oldest First Newest First Highest Scores First Oldest First (Ignore Threads) Newest First (Ignore Threads) The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way. Comparison to other tools (Score:2, Insightful) by Puramoca (703835) on Monday October 17, @08:07AM (#13808304) It would be interesting to compare this version to other spam filters and see how it measures. [ Reply to ThisRe:Comparison to other tools by gvc (Score:3) Monday October 17, @08:52AMRe:Comparison to other tools by pushf popf (Score:2) Monday October 17, @11:09AM finally (Score:1) by antivoid (751399) on Monday October 17, @08:14AM (#13808333) (http://www.antivoid.za.net/) Finally a decent anti-spamming utility. There's been a lot of hype around this product and it is not out of place. I like the way its (at least partially) integrated to clam(win?). I still feel it wont be long for spammers to find ways around this tool... but for now, great, im definately using it. [ Reply to This Windows and Exchange. (Score:5, Interesting) by Jaruzel (804522) on Monday October 17, @08:15AM (#13808337) (http://www.mattowen.com/) I know I'm going to get mauled over this quesiton... but has anyone compiled it on Windows 2003 server ?For practical reasons I don't have linux in my test lab, and I'd like to have DSpam on my Webserver which is running IIS6 and Windows 2003 Server.I can see I need to run it in SMTP mode with a relay to my Exchange box, but I don't want to waste my time trying to compile it (using Visual Studio), if someone already knows it wont work.-Jar. [ Reply to ThisMost likely need cygwin. by khasim (Score:2) Monday October 17, @08:26AM Re:Windows and Exchange. (Score:5, Informative) by myspys (204685) on Monday October 17, @08:40AM (#13808400) (http://septum.org/) from the FAQ (http://dspam.nuclearelephant.com/faq.shtml#1.15 [nuclearelephant.com])Q. Does it work with Windows?A. v3.2 is the first to include a Windows build supplement, which includes the necessary Visual C++ project files and portage to compile the agent and tools under Windows. Check out the win32/ directory in the source tree for more information. Win32 support is still unofficial, but seems to work well. Of course getting it compiled is one thing, getting it integrated is another. It's probably best to build it under Cygwin using the general distribution. [ Reply to This | ParentRe:Windows and Exchange. by wwwillem (Score:2) Monday October 17, @10:09AM Linux Router (Score:4, Interesting) by Stavr0 (35032) on Monday October 17, @08:46AM (#13808421) (http://slashdot.org/~Stavr0/journal/ | Last Journal: Friday May 20, @01:10PM) I know I'm going to get mauled over this quesiton... but has anyone compiled it on Windows 2003 server ?(Release the hounds!)How about getting it compiled into a Linksys WRT54G router firmware i.e Sveasoft firmware? [ Reply to This | Parent Re:Linux Router (Score:4, Informative) by op00to (219949) on Monday October 17, @08:57AM (#13808474) DSPAM, as it's running in my cluster, is using way more ram than the WRT54G physically has. Probably not a good idea to run it on that little box. [ Reply to This | ParentRe:Linux Router by maggard (Score:2) Monday October 17, @12:05PMRe:Windows and Exchange. by Nuclear Elephant (Score:1) Monday October 17, @10:11AMRe:Windows and Exchange. by Jaruzel (Score:2) Monday October 17, @12:18PM SPAM (TM) (Score:1) by Uukrul (835197) on Monday October 17, @08:21AM (#13808350) There isn't any trademark problems with DSPAM?SPAM [spam.com] is a registered trademark of Hormel Foods Corporation, and DSPAM aren't the Monty Python [montypythonsspamalot.com]. [ Reply to This Still getting on Hormel's nerves, I suppose (Score:1, Informative) by Anonymous Coward on Monday October 17, @08:30AM (#13808377) DSPAM is also noted for their trademark spat with Hormel, who tend to be nice about "spam" as a term until it's spelled in all-caps. (Previous Slashdot coverage.) [slashdot.org] [ Reply to This Too late (Score:3, Funny) by mordors9 (665662) on Monday October 17, @08:30AM (#13808381) But the great news is this product is no longer needed. After all the FBI has put a stop to all of that: http://www.detnews.com/2005/technology/0510/16/B01 -349738.htm [detnews.com](For those that are easily confused, the comment was tongue in cheek) [ Reply to This1 reply beneath your current threshold. Try DSPAM (Score:4, Informative) by ajs (35943) <ajs@ajsELIOT.com minus poet> on Monday October 17, @08:41AM (#13808407) (http://www.ajs.com/~ajs/) I'm a long-time proponent of and rare contributor to SpamAssassin, and I'll continue to be, but fighting spam is much like fighting disease: you have to diversify your defenses. DSPAM is a nice package, and is very well designed. I've spoken to the author in the past, and he has an excellent understanding of the complexities of the issue (as opposed to the legions of people who seem to think that spam filtering should be easy, given the right algorithm).As far as I'm concerned there are two tools for spam filtering: DSPAM and SpamAssassin. Try them both. See what fits your needs. My impression is that SpamAssassin provides more knobs and buttons and is more easily extended by the casual user, but DSPAM can be lighter weight. Both are highly accurate, with very low false positive rates. [ Reply to ThisRe:Try DSPAM by gvc (Score:2) Monday October 17, @09:05AMRe:Try DSPAM by imroy (Score:2) Monday October 17, @10:11AMRe:Try DSPAM by gvc (Score:3) Monday October 17, @10:29AMRe:Try DSPAM by ajs (Score:2) Monday October 17, @10:15PMRe:Try DSPAM by gvc (Score:2) Monday October 17, @10:25PMRe:Try DSPAM by jaseuk (Score:1) Monday October 17, @09:30AMRe:Try DSPAM by gvc (Score:3) Monday October 17, @10:41AMRe:social effects by ToyKeeper (Score:1) Monday October 17, @01:56PMRe:social effects by gvc (Score:2) Monday October 17, @02:04PMRe:social effects by jaseuk (Score:1) Monday October 17, @06:47PMSolution by lorcha (Score:2) Monday October 17, @12:20PMRe:Try DSPAM by ToyKeeper (Score:1) Monday October 17, @02:31PMRe:Try DSPAM by cloudmaster (Score:2) Monday October 17, @03:33PMRe:Try DSPAM by ToyKeeper (Score:1) Monday October 17, @05:48PMRe:Try DSPAM by cloudmaster (Score:2) Monday October 17, @06:30PM Thanks, but... (Score:1) by Kagura (843695) on Monday October 17, @08:43AM (#13808410) I use Gmail. :) [ Reply to ThisRe:Thanks, but... by Slashcrap (Score:1) Monday October 17, @09:22AMRe:Thanks, but... by Talinth (Score:1) Monday October 17, @09:36AMRe:Thanks, but... by Slashcrap (Score:1) Monday October 17, @09:43AMRe:Thanks, but... by shaitand (Score:2) Monday October 17, @09:46AMSo do I... and it could so easily be improved! by hobbit (Score:2) Monday October 17, @02:27PM A 'chicken-and-egg' random thought (Score:2) by TVmisGuided (151197) <`moc.liamtnirps' `ta' `pmujwa'> on Monday October 17, @08:43AM (#13808411) This is one of those things that makes me wonder...which "side" is pushing the technological envelope further and faster, the {spammers | malware slimers | virus breeders} or those who develop to defeat them?Since it's generally agreed that history is written by the winners of a given conflict, I guess we won't have an answer to that until the war's over.This comment generously brought to you by a severe lack of caffeine. [ Reply to ThisRe:A 'chicken-and-egg' random thought by EpsCylonB (Score:2) Monday October 17, @09:15AM curious about MD (Score:1) by jkind (922585) on Monday October 17, @09:09AM (#13808518) (http://www.milliondollarsweethearts.com/) How well does "Markovian discrimination" work in practice? It sounds fascinating, but what is the false-positive rate that can be expected on average?? Geez from dealing with spammers to working with the crap DiamondTouch, Yerazunis is a real glutton for punishment :) [ Reply to ThisRe:curious about MD by junics (Score:1) Monday October 17, @09:30AMRe:curious about MD by Antique Geekmeister (Score:2) Monday October 17, @09:30AMRe:curious about MD by jkind (Score:1) Monday October 17, @09:41AMRe:curious about MD by Nuclear Elephant (Score:2) Monday October 17, @10:05AMRe:curious about MD by jshaped (Score:1) Monday October 17, @11:07AMRe:curious about MD by Nuclear Elephant (Score:2) Monday October 17, @12:10PMRe:curious about MD by markhb (Score:2) Monday October 17, @11:15AM1 reply beneath your current threshold. OpenBSD port (Score:3, Informative) by chrysalis (50680) on Monday October 17, @09:43AM (#13808727) (http://www.manucure-pro.com/) The OpenBSD port can be downloaded from ftp://ftp.00f.net/misc/port-dspam-3.6.0.tar.gz [00f.net] [ Reply to This Enhancement? (Score:1) by hazzey (679052) on Monday October 17, @10:48AM (#13809129) (http://www.hobowarstips.com/) ...significant enhancements include trusted sender whitelisting...I thought that whitelisting had been a feature of every email reader/server since spam filtering began. [ Reply to ThisRe:Enhancement? by Nuclear Elephant (Score:1) Monday October 17, @02:37PM Not an advertisement... (Score:3, Interesting) by pabl0 (228298) on Monday October 17, @01:34PM (#13810333) ... but it'll sound like one: I recently converted from a rather involved anti-spam defense utilizing SpamAssassin with Razor, Pyzor, and several RBL checks. I spent a fair amount of time selecting RBLs that worked the best and tweaking SA test scores whenever I got false positive/negative messages. I even had all sorts of validity checks turned on in the MTA to block out badly formed messages and the like.I replaced all those defenses with: DSPAM. And I'm seeing better results out of the box than I ever did with a multi-layered SA-based solution, even after a lot of time tweaking.A quick anecdote: When I converted, I opened up a bunch of previously blocked spamtrap addresses, just to get some good training material for the filter. I've long since passed my initial training threshhold but haven't even bothered to block the spamtraps again because I never see the spam. At the risk of sounding like I'm bragging, I literally don't have a spam problem anymore, and DSPAM is entirely responsible for that.Now, I'm not necessarily advocating that you give up all your custom defenses and switch to DSPAM. (I've turned off all my other filters, but I haven't removed them completely.) There's always a chance that an ingenious spammer will find a weakness in DSPAM setups, but I can testify to the fact that DSPAM is "scary good" as of right now. Training the filter is a simple matter of dropping misclassified messages (and there aren't many) into an IMAP folder.If what you have is working for you, stick with it. But if you're looking for a low-maintenance, high accuracy filter, you should definitely give DSPAM a shot. [ Reply to This What is wrong with DSPAM? (Score:1) by frn123 (242374) <spam&imelaps,ee> on Monday October 17, @02:29PM (#13810827) Why is it not included in Debian?Spamassassin is.Bogofilter is.Popfile is.I thought it was the license, but seems that DSPAM is GPL.So, can anyone comment? I'm not installing itfor my server if i can not apt-get it and have debiansecurity support for it. [ Reply to ThisRe:What is wrong with DSPAM? by Nuclear Elephant (Score:1) Monday October 17, @03:01PM Re:hiding your address (Score:5, Insightful) by Bogtha (906264) on Monday October 17, @08:51AM (#13808440) Though this is only possibly with PHP, ideally running on a Debian system, it's the most important language to learn in the universe. What kind of fuckwittery is this? No, plenty of languages can code a simple contact form handler, the platform you run it on is pretty irrelevant, and PHP is by no means "the most important language to learn in the universe". It's a pretty typical scripting language, not the magic you make it out to be. [ Reply to This | ParentRe:hiding your address by shaitand (Score:2) Monday October 17, @09:42AMRe:hiding your address by imroy (Score:2) Monday October 17, @10:02AMRe:hiding your address by shaitand (Score:2) Monday October 17, @12:02PMRe:hiding your address by hobbit (Score:1) Monday October 17, @02:32PMRe:hiding your address by cloudmaster (Score:2) Monday October 17, @03:23PMRe:hiding your address by imroy (Score:2) Monday October 17, @05:42PMRe:hiding your address by cloudmaster (Score:2) Monday October 17, @06:33PMRe:hiding your address by dvaldenaire (Score:1) Monday October 17, @09:49AMRe:php problems -- too specialized by ToyKeeper (Score:1) Monday October 17, @01:43PM1 reply beneath your current threshold. Re:hiding your address (Score:2) by kimba (12893) on Monday October 17, @08:52AM (#13808445) The best defense against spam is never to type your personal address anywhere on the internet. You have to do more than that. You also have to not email anyone, and also not have an easy to guess username.The problem is, you can never publish your email address anywhere - and someone else will gladly do it for you. All it takes is one person you have emailed to come down with an email virus, which then propogates your address all over the net.Email address synthesis will also guarantee unless you have the most obtuse email address, it will end up getting spam too. [ Reply to This | Parent Re:hiding your address (Score:4, Interesting) by BigJim.fr (40893) <jim@liotier.org> on Monday October 17, @08:53AM (#13808457) (http://jim.liotier.org/) > The best defense against spam is never to type your> personal address anywhere on the internet.Hiding your address does not work because some viruses collect addresses from your correspondents addressbook. Your address will percolate to spam lists, it is only a matter of time. If like me you have kept your adress for many years, you absolutely need some form of spam defense. [ Reply to This | ParentRe:hiding your address by Antique Geekmeister (Score:2) Monday October 17, @09:47AMRe:hiding your address by Monkier (Score:1) Monday October 17, @11:38AMRe:hiding your address by Nethead (Score:2) Monday October 17, @03:26PM Re:hiding your address (Score:2) by MichaelSmith (789609) on Monday October 17, @08:53AM (#13808458) (http://www.zeropoint.com.au/) The best defense against spam is never to type your personal address anywhere on the internet.You still have to communicate with people, and many of them will have windows boxes which will get rooted at one time or another. It is made worse by people who innocently spam whole lists of people with documents or joke emails. Your address can get spread around that way. [ Reply to This | Parent Re:hiding your address (Score:2) by liquidpele (663430) on Monday October 17, @08:55AM (#13808463) (Last Journal: Friday October 24, @11:59AM) or you can always just put the words inside an image.or you can always do stuff like: foo AT gmail DOT comor you can always use the html encoding for the characters in the emailor you can always use a real email for friends, and a spam email for everything else. Really though, even giving your email out to your friends is going to get you spam eventually, since you know one of them will get infected with an email harvesting virus at some point. [ Reply to This | ParentRe:hiding your address by Damer Face (Score:1) Monday October 17, @09:26AM Re:hiding your address (Score:1) by Damer Face (910606) on Monday October 17, @09:00AM (#13808486) And make damn sure that your code isn't vulnerbale to "e-mail injection" exploits; these will result in spammers using your simple form to spam others AND you getting your hosting revoked.See, eg, here: http://www.nyphp.org/phundamentals/email_header_in jection.php [nyphp.org] [ Reply to This | Parent Re:hiding your address (Score:2) by ozbird (127571) on Monday October 17, @09:01AM (#13808492) The best defense against spam is never to type your personal address anywhere on the internet. It's at least ten years too late for that for me, and I'll be damned if I'm going to give up my email address now just because of a few pesky spammers. Besides, the worst of the spam flood seems to be over. A year ago, I was getting hundreds of spam messages a day; now I might get ten, occasionally twenty a day. SpamAssassin + ClamAV identify the vast majority of those. [ Reply to This | ParentRe:hiding your address by samkass (Score:1) Monday October 17, @11:31AM Re:not "bulletproofly" reliable (Score:1) by NutMan (614868) on Monday October 17, @09:14AM (#13808534) This isn't "bulletproofly" reliable either. My brothers and I run a small local ISP. Years ago I created an address for my youngest daughter. She never used it, it was never posted anywhere, and it wasn't an easy to guess address since it was a combination of her name and her nickname. However spammers are constantly trying to discover email addresses on our domain, we get about 2,000 invalid recipient attempts every hour of the day. So eventually they discovered her address and she now gets a small amount of spam. (6 to 12 a day)If you want something 100% effective, then cancel all of your email accounts. A more reasonable course of action is to use an excellent solution like DSPAM. [ Reply to This | Parent Re:hiding your address (Score:1) by edesio (93726) on Monday October 17, @09:21AM (#13808560) (http://www.softaplic.com.br/~edesio/) You can also use a "short-term" e-mail like the ones provided at SpamGourmet.com. [ Reply to This | Parent Re:hiding your address (Score:2) by HermanAB (661181) on Monday October 17, @09:21AM (#13808561) Never heard of dictionary attacks on domains have you? [ Reply to This | Parent Re:hiding your address (Score:2) by horza (87255) on Monday October 17, @10:09AM (#13808887) (http://www.medinheaven.co.uk/) just set up a simple form and use simple php to make it convenient for them to reach you while keeping your email address safely tucked awayAll you've done is swapped vigilence in maintaining anti-spam on your inbox to vigilence in protecting your contact form against spammers abusing your email form as a spam gateway. My contact form page gets an attempted hit every couple of days (usually a combination of MIME attachments in the comments field and injecting a BCC field to forward to the recipient) and this is a low volume site. Anyway, your email only has to leak once for it to propagate and it may not necessarily be you that does it. You'll find the spam blocker built into Thunderbird does a good job if you don't want to bother installing Spamassissin/DSPAM on your mail server (at the expense of extra bandwidth and download times).Phillip. [ Reply to This | Parent Re:hiding your address (Score:2, Funny) by MasTRE (588396) on Monday October 17, @10:38AM (#13809060) > Other than annoying whitelists, there is no anti spam warez that is bulletproofly reliable. Yeah yo, no bulletproofly reliable warez yo! > ...just set up a simple form and use simple php to make it convenient for them to... Make it convinient to root your server, yo! Yeah, yo! Bulletproofly warez, yo! > Though this is only possibly with PHP... Yeeeeaaaah, buddy! Warez, yo! NOT! Whatever TF this guy is smoking, you lemmings shouldn't mod it +4/Informative. It's a crap post. [ Reply to This | Parent Mod parent into oblivion! (Score:1) by Thalagyrt (851883) on Monday October 17, @11:41AM (#13809525) Nice troll. PHP has nothing to do with spam, if anything it was your blatant stupidity that got you on a spam list. [ Reply to This | Parent7 replies beneath your current threshold.

0 Comments:

Post a Comment

<< Home