Anti-Spam Wrap-up

Some spam is still getting through, but it’s taking less of my computer’s time to filter, less of my time to scrutinize, and less storage space on my computer, my mail server, and GMail’s servers. I still have to check my spam folders for misclassified emails, but there’s much less of it to look at, and I’m probably finding more of the good ones now.

What are the costs? Let’s start with time. I have to spend some time checking senders in my SpamJadoo control panel and reclassifying some of them, but I think I spend less time doing that than I used to spend reclassifying spam. I also find occasionally that I can’t get to the SpamJadoo control panel, probably because it’s hosted halfway around the world from me and subject to Internet blockages. Overall, I have gained time, even counting the pain I went through getting this set up.

What about money? SpamJadoo costs $1/user/month as a hosted pre-filtering service, payable in advance yearly after a trial subscription. SpamJadoo is also available as part of a hosted filtered e-mail service, for $2/user/month, and as Enterprise server software licensed at $5K/physical CPU plus $1K/year maintenance and support after the first year. I can see that being less than the cost of the bandwidth saved.

SpamJadoo’s magic is primarily in the grey-listing mechanism, which returns a 450 error when it sees a new sender, and watches the retry time to tell if the mail is coming from a real mail server or a bot. This mechanism was proposed several years ago in a white paper by Ronald K. (who doesn’t want me to use his full name, and has an implementation running on Linux for his personal domain), and has also been used by a few other vendors besides SpamJadoo, including FSL, which uses it in its BarricadeMX product. FSL has a nice whitepaper about their experience here.

A number of organizations are fighting spammers and phishers proactively, including KnujOn and  Castle Cops. I suspect that I’ll write about some of them in future postings.