Incoming Mail is 90 percent spam!
Anatomy of a Mail Server
Categories:
Miscellaneous
So, I run my own mail server, hosting mail for a variety of domains for myself, my friends, and some customers.
I was looking at the log files the other day and here's what I found:
In the last 7-8 days, my server accepted connections approximately 41,000 times. Each is an instance of someone trying to send mail to one or more addresses on my server.
I use something called RBL lists to block connections from known spammers. These RBL lists helped me immediately rejected 32,000 of those incoming connections.
I also use something called CHKUSER that checks to see if the recipient is valid before accepting the message. Approximately 3,000 of these incoming connections were messages for invalid users. For example, nearly 800 of them were mail for ric@arborsites.com, an email address I haven't used in 5-6 years.
Next, I use something called simscan, which looks at the content of each message and tries to determine if it is spam. Although I set the threshhold fairly high, about 1000 of the messages were rejected because they were either spam or contained a virus. And only 76 of them were viruses.
That means, of the 41,000 incoming connections, 36,000 were outright rejected because they were probably spam.
Of course, spam still gets through. I use Mozilla Thunderbird as my email client, and it tags a fair amount of incoming mail as spam too using Bayesian filtering. I train it to know what spam is and what's not, and it's pretty good about separating the spam from the non-spam.
Bottom line, maybe 10% of the email coming into my server is legitimate email.
That just sucks.
Posted by rickroot at 1:04 PM | Link | 2 comments