I've found that the RBLs, DNSBLs, and conventional SpamAssassin rules are actually quite effective. For the most part, the spam that was getting through was from these newly-born domains. The winning strategy, at least for now, seems to be blocking those with the `infanticide` module; after a couple of days, the domains and/or sending IP addresses have long since made it onto RBL and/or DNSBL.
Citadel Server can handle RBLs directly, and the more aggressive configuration is to reject listed sending IP addresses immediately at connection time, in the very first banner before the sender can even send a EHLO. Beyond that, SpamAssassin does its thing after the email has been transmitted.
It needs to be easy. Filtering spam should be at least as easy as running the mail server. Citadel raised the bar on the latter.
most part I can get away with just manually deleting it.
One of my friends had an alternative approach to dealing with spam and it's quite ingenious actually.
Instead of having a single mail account, he creates unique mail accounts for any websites or services he registeres at. This makes it really easy to single out those services which sell your data to third parties or have security breaches.
I think he also set up honey pot addresses because he was really into setting up honey pots, just to see what people or automated scripts attempt to do on insecure servers. He set up entire virtual environments just for that.
So for the last couple of weeks i have been bombarded by "we love our customer, here is free stuff if you take our survey" spam/scam emails, using random company names.
Today as i deleted some i noticed one said "harbor freight, free Milwaukee drill set" lol.. they dont even sell that product line.. at least do your homework people...
2023-05-31 19:11 from Nurb432 <nurb432@uncensored.citadel.org>
So for the last couple of weeks i have been bombarded by "we love our
customer, here is free stuff if you take our survey" spam/scam
emails, using random company names.
Today as i deleted some i noticed one said "harbor freight, free
Milwaukee drill set" lol.. they dont even sell that product
line.. at least do your homework people...
They did! They're not selling it, they're giving them away.
i have never seen a HF sell Milwaukee.. only Chicago ( their competing "city brand" )
When was this?
2023-05-31 23:05 from Nurb432 <nurb432@uncensored.citadel.org>
i have never seen a HF sell Milwaukee.. only Chicago ( their
competing "city brand" )
When was this?
"harbor freight, free Milwaukee drill set"
2023-06-01 11:51 from Nurb432 <nurb432@uncensored.citadel.org>
Ah i thought you meant in reality .. i sometimes miss humor, its a
struggle for me. sorry
You never have to apologize for my bad jokes. I know they're bad :)
2023-05-30 09:39 from Nurb432
Might consider 2 dogs. Keep each other company with their own kind.
But dont get 2 puppies at same time, you risk 'hyper bonding'
between the 2.
I have had full litters hyper bond and it is not that bad.
Horse hyper bonding is were trouble lies. Lots of horses get into a panic if you take their best buddy away. They will crush any fence, burst any gate and stomp on any vehicle that stays between them and their best buddy.
Oh and I think you should release it if it doesn't require considerable
work to do so. It seems like the whois servers should be fine if you
add caching, because as far as I'm aware whois is decentralized.
The project is at [ https://code.citadel.org/citadel/infanticide ] and includes the spamassassin module, installation instructions, and a bit of my usual iconoclastic sarcasm.
Honestly, it's working an absolute treat on my mail system so far. I really hope the spammers don't adapt around it any time soon.
If anyone knows a bit of Perl and would like to help improve it, feel free to create an account on code.citadel.org (requires a @citadel.org or @uncensored.citadel.org address to sign up to our GitLab instance -- I did this to keep random assholes from wandering in from out of town -- but you can change to a different address once you're validated).
A couple of easy ideas for improvements:
1. If a sender domain is more than two parts, and the whois lookup does not succeed, strip the first part off and try again, repeat until it's down to two parts and then give up. For example, if the spammer is "mail1.us.example.com" and whois fails, try "us.example.com" and then "example.com".
2. Cache all whois lookups in memory so that it doesn't have to keep performing lookups for senders who are delivering a lot of mail to the same site. For example, we should only have to look up "gmail.com" and "yahoo.com" and other biggies only once a day at most. If for whatever reason spamassassin is restarted, that's fine; we can burn the cache and start over.
Or just install it and move on :)
Not sure its bottom feeder level yet.. but ...
Musk is now imposing reading limits. Even to verified accounts ( they just get more ). Laying the foundation to a walled garden. Once people get used to this, reduce the counts for guests.. Reduce counts for verified.. Then remove guests totally.. then later 'only get to view if you pay '....
Wait..i'm wrong. Guest access is gone already.
Sun Jul 02 2023 07:28:41 AM EDT from Nurb432Not sure its bottom feeder level yet.. but ...
Musk is now imposing reading limits. Even to verified accounts ( they just get more ). Laying the foundation to a walled garden. Once people get used to this, reduce the counts for guests.. Reduce counts for verified.. Then remove guests totally.. then later 'only get to view if you pay '....
Unfortunately, Facebook has been doing the same thing for years and it hasn't put an end to them. However, Twitter provides far less value that can't be found elsewhere. And as long as ytp-dl works, Youtube ads mean nothing to me. When it stops working, I'll go elsewhere without even bothering to shrug.
To me they are different platforms with a different purpose. Not sure a walled garden will work for twitter. Not sure if yt-dlp can login to twitter to grab things like it can YT. I have not tried. There was ONE thing i was getting ( Tucker's 'broadcast' ), but just did a google each week, got the link and grabbed the video. Now i cant.
I have ad block on YT. While i do still DL what i like and want to keep, i can still browse directly and not deal with ads. YT still has tech videos and such. So its of value to me, for now.
Sun Jul 02 2023 09:34:10 AM EDT from nonservatorUnfortunately, Facebook has been doing the same thing for years and it hasn't put an end to them. However, Twitter provides far less value that can't be found elsewhere. And as long as ytp-dl works, Youtube ads mean nothing to me. When it stops working, I'll go elsewhere without even bothering to shrug.
Specific channel there or just search?
Sun Jul 02 2023 06:21:36 PM EDT from nonservatorI've been grabbing mirrors of Tucker from Rumble. I'm sure they're popping up all over.
Youtube ads mean nothing to me. When it stops working, I'll go
elsewhere without even bothering to shrug.
I heard about that too, and then sure enough, Louis Rossman dropped a video on that topic today.
Google really wants to screw creators and turn YouTube into regular crappy old television. YouTube apparently has never really made any money. I'd be happy to let it die and let the video creator diaspora happen.