I received a rude awakening when I did some work for an old client- more spam than I ever dreamed existed in the whole world. On my private domains I have a good working SpamAssassin setup, though I can't lock it down too tightly because I get email from strangers all over the world. I could spend my days fiddling with fine-tuning SpamAssassin, but letting a few spams slip through to avoid false negatives, and still having a life is OK with me.
But this poor man has a small business and no idea how to erect spam shields. He's doing all the right things that a Windows user is supposed to do-
- purchase PCs powerful enough to run Google so that all the anti-malware software doesn't bog the system down too badly, keep it updated, and pay through the nose to keep his subscriptions current. He is wise to phishing and email-borne malware, and long ago jettisoned Aiee and Lookout in favor of Firefox and Thunderbird. He uses OpenOffice instead of MS Office. In fact he is a prime candidate for migrating away from Redmondware entirely, which we are planning even now. There is one key piece of Windows-only software that he needs to run his business, so he'll need only a single PC for that, or perhaps we'll cage it in a virtual machine on Linux.
But none of that does a bit of good to stem the tide of spam hitting his mailserver. In fact there is little we can do other than build bigger umbrellas and waders. In this case that means moving his email services to an outside host and letting them deal with it. Sure, I could set him up with some nice tools for filtering at the server, but it's more cost-effective and less hassle to go with the hosting service. Cutting it off at the source would be ideal, and I am always sad and disappointed that it's SpamAssassin, rather than SpammerAssassin.
I've been flamed before for saying that, but think about it- what sort of crime really deserves capital punishment? Most murders are one-shot events. The costs of spam are:
- Literally billions of dollars per year for wasted bandwidth, wasted server capacity, abuse desks, fraud, and malware infections
- Loss of functionality and simple freedoms, like posting contact email addresses on Web pages, or using a single account with multiple aliases
- Wasted time for end users, and rendering a very useful resource nearly unusable
But even if it were possible to criminally prosecute spammers and make it a capital offense, it's nearly impossible due to its international reach.
Even so, I'm back to devoting a few minutes a day to sending reports to Spam Cop and various DNSRBLs. DNSRBLs are a big club to swing, but what else is there? Other than becoming Dog the Spammer Hunter and spending the rest of my life roaming the planet, hunting down and, er, persuading spammers to mend their sociopathic ways.
Comment and Contribute
