This video is extremely well done and can help change the email mindset which seems to overwhelm most people.

E-mail Marketing is fast becoming an essential channel for all website owners, and the tool that powers this channel can make or break your efforts. Choosing a reliable autoresponder software that has all features such as sequential autoresponse, timed mailings, bounced management, etc. is usually found in subscription-based service or expensive software.

The Omnistar Mailer email mailing list manager is a serious contender that meets (and exceeds) all of that for a very good price. Based on the popular PHP and MySQL combo, this web-based mailing list software is flexible and customizable. Follow me as I take you step by step to install and test it.

The Omnistar Mailer can be purchased online at www.omnistarmailer.com and can downloaded instantly. It comes with a 30-day money back guarantee and free installation. Being the propeller head that I am, I decided to get my hands dirty.

The download, unzipping and uploading was fairly fast and simple, and soon, I'm greeted with the install screen. Here's where you might benefit from using their install service. Theres' some file permissions which needed to be sorted out before you can proceed with the install. After filling in all the necessary details (don't worry if you don't know some of them, just give the nice support people there your hosting signup details) and the installation took care of itself. Note: Omnistar is careful here to warn you to use a NEW MySQL database.

I liked this article so much I felt compelled to acknowledge once again just how ignorant people actually are about spam. Let's first divide the posts into groups. For the referenced article "Click Here"

1. The Questioned:  The person who thinks they should have a free email address and filtering should be Enterprise level and they should behave any way they want. Love the post from the person who said I get 1000’s of emails a day.  Personally if this is true your activity on the web is certainly questionable.

2. The Silly: “Is it legal, if I write an anti spam eraser that goes back to the source and simply removes the spam from their hard drive(s)?”

3. The Lost: “I have gone so far as to chase down the owners of blocks of addresses and emailed them about spammers and the email was returned.” Ever hear of spoofing? One can spoof a email address, IP address and even a MAC address. Ever hear of a zombie?

4. The Confused:  “I use a bounce program. Every spam email gets sent back ten times. It’s reduced my spam by at least 50% which is a real relief. The big problem now is bogus addresses. About 20% of my spam now comes from non-existent addresses.” You are as much the problem as the solution. You have assumed you have the target in the first place. You only aggravate the situation by thinking you are fighting back. If it were a real source on the bounce then they are now certain they have a good email address. After all you have made sure they know. Also a good read of the RFC’s concerning backscatter specifically will point out the error in your ways.

5. The Knowledgeable: “I’m an IT Director at a small hospital with a mature domain name (12 years old). SPAM accounts for over 99% of all e-mail handled by my system - and that’s a calculation, NOT an estimate. I spend about $12,000 per year managing SPAM.”  What can you say the person who wrote this has a firm grip of the magnitude of the problem, and the costs associated to good spam filtering.

6. The Diluted: People who believe something on their desktop is the solution. Please it is over! The best this can do is decide whether to keep it or trash it. The transaction is over when it reached the server. The point where you want to stop it is deciding whether to accept or delete it on the server. 

Any install of MailScanner on a server configured correctly can get the top 90% of spam. It is that number between 90% and 99.9% which is hard to reach. What is so amazing is some novice on a desktop seems to think they have the solution to a problem which is so complex there is simply no single answer to. There are millions of professionals fighting this problem every single day, yet they have the solution. Also they do not seem to understand that the person they are defending against are as good at their job.

Has anyone complained once to your postman that it should be their job to filter your mail? Have you stopped those stupid phone sales calls when you are at home trying to relax? With everything on the web even things that are free, people think it is a right to be protected in a world that is honestly quite dangerous. Your protection ended when you connected that cable directly to the web really. If you want to be really secure just unplug it.

Google on Tuesday began marketing new online tools for protecting email from spam and other problems as it continued to encroach on the terrain of software king Microsoft.

Google unveiled email security services built with technology from Postini, a start-up the California Internet titan bought last year for 625 million dollars. The software protects, filters, encrypts and archives email, and is compatible with Microsoft Exchange, Lotus Notes, and Novell Groupwise.

Google said subscription pricing for email security starts at three dollars a year per user to "accommodate the budget of any business." Premium online services that include virus protection and saving messages is priced at 25 dollars annually per user.

"As threats rise in volume and complexity, and compliance requirements pile up, IT is struggling to find the resources to keep up," said Google director of product management Scott Petry. "Now, Google can take care of this for you."

We were somewhat confused with smartermail forum on the topic of ClamAV updating in SmarterMail. Here are my observations. This solution is only based on my personal observation, which cured 4 different smartmail servers with the problem of not showing the ClamAv updates correctly. One could see they were being downloaded to the server.

They are located in the default install path: C:\Program Files\SmarterTools\SmarterMail\Service\Clam\share\clamav the date in the admin interface was the same date as the file 'daily.cvd'. I renamed the file to daily.cvd.bak and restarted smartermail service and a new file was created and the interface reflected the new date.

Part 2 Spam E-Mail Fitering:

At this point to show the magnitude of spam we are eliminating. The screen shot is at the last step in the MTA, it is a fair sampling of how much is being eliminated even at this last step in the process after going through three levels above this. So while the numbers indicate a fair amount of spam before delivery to the mail domain. The screen shot is only one of our end point mail servers and is only a 46 hour sampling.

What is becoming hard to comprehend is the vast number of viruses. We have three different companies anti-virus scanners ahead of the end point mail server and you can see that the number still being eliminated at this the fourth level.  We have found that no single bit of anti-virus software on its own is acceptable. We use Avast, Symantec, Nod32, and Clam-D and find similar numbers at each level of the process. For the experts these scanners are not on the same machines in the MTA hub they are all passing through separate layers of the mail processing. 

At the bottom of the graph you can see how well grey-listing works with 956,710 senders being blocked in a 46 hour period. While 40,710 valid senders were approved.

At this layer we are very confident that spam high is garbage and is directed to the bit bucket. Spam Medium is simply stamped in the subject so the end user is assured not to lose anything even remotely questionable. The domain admin can change our default settings and chose to leave this in a junk folder on the server if they want another layer of filtering.

However our MTA MX hub already allow quarantine for 14 days for questionable emails so this layer is really the last or shake out layer before mail delivery. We are using the best technologies on available to protect our enterprise clients email and offer the best possible service level available at any cost. Yet we include this with every account hosted with us. If you are looking for $3.95 month hosting you will not find it. However, if you want serious enterprise level mail filtering you will certainly find we are committed to preventing spam from reaching your in-box. 

The war on spam wears on and a question from one of our users sparked this blog post. "What makes your spam filtering so dam great"?

Many hosts install spam assassin perhaps a bit of clam-av virus filtering and call it done. Maybe they enable grey-listing and then brag about the service level.

Now comes, the end user who understands almost nothing about any of this. They accept the market hype and take it as the gospel. They want to know nothing, they just do not want the spam filling up their in boxes. They feel this is something which should just happen. Which is why many hosts & ISP's just install spam assassin and say you have e-mail filtering. 

Yet other hosts & ISP's have this idea that just buying a Barracuda Firewall is the answer. After all someone told them Barracuda makes the best mail filtering device available. So booyah they are an instant expert. The success of the Barracuda firewall product, and the continual increase in spam are probably the reasons for an increase in email backscatter. Sadly, too many Barracuda Spam Firewall customers still enable auto-replies for spams that get blocked. This is not necessarily the fault of Barracuda firewall, but more of the administrators do not understand the impact of their actions. 

Most people send a limited number of messages to people who they have a relationship with. Spammers however send millions of messages to people who they have no relationship with. A real email message will keep retrying if the server isn't ready and will generally play by they rules. Spammers will try to circumvent the rules to try to deliver as many messages to as many people as possible. They try the back door before they try the front door and if the back door rejects them they move on. This is why grey-listing is important and blocks much of this behavior since most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later.

While grey-listing is important, it like spam assassin can only answer part of the mail filtering scheme. Understand that the war on spam is waged against people who make their living off making it to your in-box. This typically makes no standard canned code or device on its own merit enough to prevent the well armed spammer from be successful.

To make matters worse many desktops around the world are nothing more than the instruments of spammers with mal-ware being inserted turning their machines into zombies, Sophos estimates half a million zombie PCs are operating worldwide. Given this conservative estimate of the volume of these zombie machines, it only seems logical that a desktop user cannot continue to assume that these things are all on the administrators who handle their mail.

The point of the article is why our mail filtering is better than other providers. Our intent is to offer a truly flexible efficient package, which supports features like MailScanner Spam Assassin, Razor, DCC, Pyzor, Grey-listing and Dynamic Bayesian indexing from our pool. We believe that putting as many features as possible directly in the hands of the domain email administrator is the right approach to take and we stand by that.

While we are focused on the windows platform for our mail servers due to the fact that SmarterMail is one of the best email server packages available. We also understand that Linux servers are currently better suited to the tools available for mail filtering. We work day and night to provide the best mix, while capitalizing on the strengths of each and ignoring any weakness each platform might have. Our email filtering is performed by collection of clustered servers with a single purpose, filtering the unwanted email while still allowing the valid email to quickly transit the MTA.

Email and Alias Forwarding!

Why is it being blocked to AOL and ComCast Accounts?

The Problem defined below is the same for Comcast and AOL!

1. You setup an auto forwarder from your domain to your AOL email account (you@yourdomain.com -> you@aol.com).
2. Your customers send emails to you@yourdomain.com and the emails gets forwarded to you@aol.com
3. One day you receive some spam at you@yourdomain.com, which was auto forwarded directly to you@aol.com.
4. You open your you@aol.com mail box and see the spam, so click to Mark it as SPAM and add it to your AOL spam filter .
5. AOL's spam filter does not register the originator of the email as the spammer - instead, it registers the last place the email came from as the spammer. And in this case and the last place the email came from is our email server which hosts you@yourdomain.com.
6. AOL will then blacklist the entire mail server, so that no one can send email to any AOL email accounts.

You need to login to your email admin and go through your email accounts and take off any forwarding that forwards email to AOL or Comcast account. Also check to make sure your email Alias is not forwarding to AOL or ComCast email account.

It is stated to be an inconvenience by many users. The fact that this means you only need to add another account in your mail client (i.e.) Outlook, Outlook Express, or whatever client you use. If your mail client does not support checking multiple accounts you should have quit using it long ago.

Our blocking is necessary in order to protect all of our valuable customers from being blacklisted by AOL by the action of one or two users who think that blocking spam using Comcast or AOL filtering is the right approach. Though the concept is unproductive by using that mark as spam button, they are only shooting off their own foot, and any legitimate mail that server may be sending.

AOL & ComCast certainly does nothing to investigate the source of the spam and would rather shut down a server than take a minute to check it out. It's unfortunate but is in everyone's best interests.

Greylisting is a new weapon to use against spam in this great war being waged upon it. With this new shielding method, by which you may block out huge amounts of spam, you are sure to please your email clients!

In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happen is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a "try again later"-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again - but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later. {More}

Evan Harris
Greylisting FAQ (Texas A&M University)
Greycasting: a distributed heavy duty greylisting implementation
The Next Step in the Spam Control War: Greylisting

The term "backscatter" is also used to describe a side-effect of email spam, viruses and worms. In this context, an alternate, more distinguishing term ("outscatter") is also used, since the traffic isn't directed to the original destination, but to a third party instead. Since a 2002 Klez variant, a large proportion of malignant email is sent with a forged sender address, but some mail servers do not take this into account. They generate bounce messages for spam or viruses - which of course go to an innocent party.

Since these messages were not solicited by the recipients, are substantially similar to each other, and are delivered in bulk quantities, they themselves can qualify as unsolicited bulk email or spam. As such, systems that generate e-mail backscatter can end up being listed on various DNSBLs and be in violation of ISPs Terms-of-Service for being abusive.

Due to controversial aspects of its design, the stock (unpatched) qmail mailserver is more likely than most to produce such bounces. For instance, qmail's "wildcard" delivery mechanism and security design prevents it from rejecting messages during SMTP transactions. When email addressed to nonexistent recipients can't be rejected at the SMTP connection, the only alternative is to auto-reply to the sender address, which causes email backscatter if the sender address is valid and forged.

• Postfix - backscatter page
• SpamLinks - Backscatter
• RFC 3834: Recommendations for Automatic Responses to Electronic Mail.
• Moronic Mail Autoresponders (A FAQ From Hell)
• Why are auto responders bad?
• A DNSBL of Backscatter sources.
• Dontbouncespam.org Why you shouldn't bounce spam

IT'S ABOUT TIME!!!

Appeal court quashes earlier e360 compensation ruling.

Anti-spam operation Spamhaus, previously ordered to pay $11 million to mass-mailing firm e360 Insight after refusing to contest a case accusing it of falsely labelling those behind e360 as spammers, has had the fine thrown out in an appeal court.

The case was first brought last autumn, and after initially challenging the charges Spamhaus withdrew from the case, as the US court in which it was brought had no jurisdiction over the organisation's UK-based operation. e360 was thus granted a default ruling in its favour, with the $11.7 million fine called for based on its own uncontested evaluation of the damage caused by Spamhaus filtering out its mails. The spam fighting organisation was also ordered to apologise publicly and to remove e360 from its 'ROKSO' list of known spammers in perpetuity - another ruling whose legality has been questioned by the appeal court.

The appeal court ruling still grants 360 the case, due to Spamhaus' refusal to contest it, but has passed the settlement award back to the lower court to be analysed more closely. Spamhaus continues to include e360 on its list of spammers, and has suggested e360 brings the case to a UK court, where its activities would fall under stricter anti-spam laws. Attempts by e360 to have Spamhaus's domain registration revoked have been ignored by US courts.

A Wired.com blogger looks into the case in more detail here, and carries a full copy of the latest ruling (in PDF format) here.

France is hoping to shut down spammers more quickly through a system that makes it easier for users to notify ISPs (Internet service providers) when unsolicited e-mails are coming from their network.

The French government funded the development of an open-source toolbar for Microsoft Corp.'s Outlook and Mozilla Corp.'s Thunderbird e-mail programs that people can use to report suspected spam, said John Graham-Cumming, an Englishman who built the software for the project, called Signal Spam. See article.

While it is a novel idea it as other solutions lacks understanding of two of the root problems. One of the biggest problems with this approach is it assumes that end users have any idea at all what they are doing. We are a web host and commonly see our users forward all the mail from their domain to their ISP email account. When they mark something as spam using an approach like this they typically end up reporting their own email server.

The last issue is with regard to spoofing the source email address. Until someone comes up with a viable solution to truly determine a source to determine if it is valid all these approaches are flawed from the start.

If you forward your mail and click the Report as Spam button you are blocking your own mail server.

Instead of blaming your provider for the problem perhaps just do a search. You will find out that now Comcast has gone right to the top with lame email servers they are only matched by AOL.

Due to strict spam policies with Comcast and AOL and blacklisting our mail servers as a result of clients forwarding their email, we have been forced to change our policy with regard to email.

We have been left with no other course of action than to block forwarding to these domains server wide. Mail will no longer be allowed to be forwarded to any ISP that will easily blacklist a server with no way for the end user to whitelist an email address or domain name. This is to prevent issues with companies like AOL or ComCast blacklisting our servers without cause.

We have been being listed at ComCast for spamming without any method to determine why. It appears many users forward their mail to ComCast then use the ComCast interface to view their mail. This in itself seems odd but whatever. 

Then they use their ComCast Mail interface to try to report spam. Guess what you are really reporting as spam? Think about it, if you have forwarded your mail? Thats right you are reporting the server that forwarded the mail to you. Think about it the next time that you are not recieving your mail.

Since ComCast is amoung the list of providers who do not allow whitelisting per user you are blocking the your own mail server for all ComCast subscribers.

Is it possible to restore email deleted by a client from a backup?

Yes, you can move the grp files back into the folder, delete the mailbox.cfg file and then stop and restart the SmarterMail service. One thing that will happen is that for all the times on the emails will be lost and reset to midnight.  However, the dates of the emails will still be correct.

An anti-spam organization filed a federal lawsuit Thursday targeting so-called spam harvesters, who facilitate the mass distribution of junk e-mail by trolling the Internet and collecting millions of e-mail addresses.

The lawsuit was filed in U.S. District Court in Alexandria by a Utah company called Unspam Technologies Inc. The company runs a Web site called Project Honey Pot dedicated to tracking spam harvesters worldwide.

Project Honey Pot has collected thousands of Internet addresses that it has linked to spam harvesters, but it so far has been unable to link those addresses to an actual person.

The lawsuit names a variety of John Does as defendants, and the plaintiffs hope that the legal process will allow them to track the actual people who are harvesting the e-mail addresses, said lead attorney Jon Praed with the Arlington-based Internet Law Group.

Collecting e-mail addresses is not by itself illegal, but Praed said the plaintiffs will be able to link the harvesting to spam e-mails, which are illegal under federal and state laws. Those laws allow individuals who receive unwanted spam to seek civil damages.

Praed said legitimate businesses are afraid to post e-mail addresses on their Web sites for fear that automated Web crawlers will find the addresses, record them and sell them to spammers who will inundate them with junk e-mail.

Praed said the lawsuit will "focus on the worst of the worst," using information that Project Honey Pot has already collected and analyzed.

We recently spent quite a long time before deciding on our filtering solution. We required a number of things that it appears the big boys do not seem to understand.  Like the biggest and simpliest we have stated time and time again. If your email solution does not offer you a method of white-listing just leave!  We have stated this many times with AOL! Comcast and now even ATT have joined the list of "LAME" ISP's who simply do not understand the importance of this simple requirement for their users.

Anyone who seeks a new provider should ask! Do you use BrightMail or GoodMail? You should ask if they can offer another alternative? These propreitary applications have some issues which ComCast has reported as a glitch, give me a break, this is simply not the problem.

Server response to MAIL FROM:

550-64.4.207.8 blocked by ldap:ou=rblmx,dc=comcast,dc=net 550 Blocked for abuse. Please send blacklist removal requests to blacklist_comcastnet@cable.comcast.com - Be sure to include your mail server IP ADDRESS.

Great Article and Frustating ISP comments about ComCast.

Have some Fun here.

The point here is simple when big companies throw large dollars at a solution without alternative methods of adjustment for their clients, they are making a serious blunder.

Almost 70 percent of all electronic mail from Asia is "spam", or unsolicited advertisements, an anti-virus firm said Friday.

The Philippines had the worst record with spam making up 88 percent of all emails, Symantec Corp. said in excerpts of its Internet Threat Security Report released here.

The average percentage of emails sent from the Asia-Pacific region that were spam was 69 percent, the report added.

Although the Philippines had the highest proportion of spam, China was the largest source of spam by sheer volume, the report said.

Thirty-seven percent of all spam detected from Asia-Pacific originated from China.

Symantec said in a statement that it could not provide the total number of e-mails monitored but that the results was based on data from over two million "decoy accounts" attracting email from 20 different countries.

The SEC is serious in its effort to combat stock spam -- bulk e-mail messages pushing unknown stocks in get-rich-quick schemes. On Thursday, the federal agency suspended trading for 10 days in 35 stocks highlighted in spam campaigns.

By most accounts, spam now represents roughly 90 percent of all e-mail sent or received on the Internet, with stock-pushing spam accounting for as much as a third of all unsolicited commercial e-mail -- as many as 100 million e-mails each week, according to the SEC.

The kinds of e-mail that the SEC is pursuing usually push a company that has only a relatively small number of shares available to the public. The e-mails are readily recognizable with subject lines such as "Ready to Explode," "Ride the Bull," and the unsubtle "Fast Money."

Those spam victims who do buy the stock often find the value dropping quickly after the spammers have seen a spike in prices and sold their shares. The SEC said this could account for hundreds of millions of dollars in losses.

As one of several examples, the SEC cited Apparel Manufacturing Associates, Inc., which trades as APPM. It closed on a Friday in December of 2006 at $0.06 a share, with 3,500 shares traded.

After a weekend spam campaign, touting "huge news expected out of APPM," it spiked to $0.19 a share on Monday, with nearly 500,000 shares trading, before collapsing back down to $0.10 about a week later.

Google Inc.'s free e-mail service will shed the final remnants of its invitation-only restrictions Wednesday, extending the reach of an increasingly popular product that has emerged as a vital cog in the online search leader's expansion efforts.

Invitations will no longer be required to join the nearly 3-year-old "Gmail" service in the United States, Canada, Mexico and a swath of Asian and South American countries where the Mountain View-based company previously limited the number of users.

With those restrictions now lifted, Gmail will be open to all comers worldwide for the first time since Google unveiled the service on April Fool's Day in 2004.

The decision to lift all invitation requirements on Gmail signals Google finally believes it has adequate computing capacity to accommodate the generous amount of free storage provided by the e-mail service after investing heavily in additional data centers. Gmail offers each account at least 2.8 gigabytes of storage — enough to fill about 1.4 million pages.

The RFC's do define the first three digits of error codes but the software or mail server itself can define anything after the first three digits for their own use. Perhaps the time is coming that people can be given some uniform codes they can understand. Though the problems are bigger than they may appear at first glance. We have put together some basic codes as a guideline to help everyone have some idea as to what the error might mean.

500: Syntax error, command unrecognized
This may include errors such as command line too long.
 

501: Syntax error in parameters or arguments - Indicates possible poor (noisy dialup) or an intermittent drop in network line connection that caused your mail client to send erroneous command to the mail server.
 

502: Command not implemented - Indicates that your ISP mail server did not recognized a command sent.
 

503: Server encountered bad sequence of commands - Indicates (probable) that your ISP mail server did not recognized a command sent that is erroneous. Some temporary event prevents the successful sending of the message or an intermittent drop in network line connection that caused your mail client to send erroneous command and sending in the future may be successful.
 

504: Command parameter not implemented - Indicates that your ISP mail server did not recognized a command sent.

521: The domain does not accept mail or closing transmission channel You must be pop-authenticated before you can use this SMTP server and you must use your mail address for the Sender/From field.
 

530: Access denied (???a Sendmailism)

550: Requested actions not taken, mailbox unavailable - Indicates that your recipient's email address was not recognized by your ISP mail server or (mailbox not found or cannot access it).
 

550: Relaying prohibited or Not local host… not a gateway or Unable to relay for, or user’s mailbox unavailable - Sending an email to recipients outside of your domain are not allowed or your mail server does not know that you have access to use it for relaying messages and authentication is required. Or to prevent the sending of SPAM some mail servers will not allow (relay) send mail to any e-mail using another company’s network and computer resources.

550: This address is not allowed or Requested action not taken: mailbox unavailable - Seems like the setting of the “From Address” are incorrect and/or an attempted was made to deliver but there was a non fatal error and it will be retried and/or some change to the message destination must be made for successful delivery.
 

551: User not local, please try <forward-path> or Invalid Address: Relay request denied - Indicates that the recipient's email address have changed and your ISP mail server is forwarding it back to you and/or your ISP SMTP mail server does not accept email when neither the sender nor the recipient is a local user--this feature was implemented to protect the mail server from being used by spammers to relay their messages by using another company’s network and computer resources.
 

552: Requested mail actions aborted: exceeded storage allocation - ISP mail server indicates, probable overloading from too many messages.
 

553: Denied. Requested action not taken: mailbox name not allowed or bad command format - (E.g., mailbox syntax incorrect)  Some mail servers have the option to reduce the number of concurrent connection and also the number of messages sent per connection. If you have a lot of messages queued up (being sent) for a domain, it could go over the maximum number of messages per connection and/or some change to the message and/or destination must be made for successful delivery.
 

554: Transaction failed or Permanent Failure - A permanent failure is one which is not likely to be resolved by resending the message in its current form and some change to the message and/or destination must be made for successful delivery.

554: Transaction failed or Permanent Failure - The server sending your mail server does not have a reverse DNS entry.
      1. Helo command rejected: Access denied;
      2. Recipent user is "Over Quota"
      3. You do not have permission to send to this recipient.

557: Too many duplicate messages: Resource temporarily unavailable - Indicates (probable) that there is some kind of anti-spam system on the mail server.

Many people still believe that anti-spam and anti-virus is best handled client side. We have used our share of client tools too. There simply is no reason to question whether or not server side filtering is the right approach. There are many reasons why sever side is better including the sampling base size. The task can be daunting even for a savvy mail administrator.

Spammers have become sharper, there is money at stake. Providers have alot invested with proper firewalls that remove viruses on the fly and check for spoof and prevent the mail server from coming under any number of attacks. Certain mail servers specifically Merak Mail do a great job and have many levels of filtering mail yet still manage to perform at lightning speed. The newest in v 8.9.1 is the addition of realtime baysian indexing. The sampling of mail to index on a server in itself should be enough even for a novice to understand this method is something they simply cannot acheive client side.

While it is true many 3rd party mail servers claim to have all the features for filtering mail. A good example is smartermail. As a mail server it is a fantasic product but their filtering leaves alot to be desired. There are a couple of solutions which can fix the problems of smartermail and though the product by declude claims to fix those weaknesses. The issue I have observed is making the server misbehave. It seriously cuts the number of users the system has the resources to support. The best way for anyone to really filter mail correctly besides the Merak Mail is to use a MX or Gateway server.

Placing MX servers in front of your mail servers and filtering before it even makes it to the mail server. This has become the preferred method for enterprise mail. There is no magic pill with some client side software bit, which will kill all spam. 

The point here is that desktop software really cannot compete when it comes to filtering mail. Understand and appreciate all that your spam goes through to get to your desktop in the first place. It does not hurt to have some desktop anti-spam, anti-virus software. However it simply is never going to compare to all your emails already go through.

I am constantly presented with some issue, how I do block this or that? It seems that not many people know how to experiment so I will take a couple of examples for Merak Mail server as to how to stop the dynamically generated images and sources that seem to make it past some filters.

Ok so you can see we are using "regular expression" in the "body".

If you view the source of the email you will find a string that will put an end to these annoying emails one by one. Since they are the most offensive emails on the web and costing everyone in time and money.

While bulk e-mailers have, in the past, sent unwanted messages from a single server, increasingly the spam emanates from networks of compromised PCs, known as bot nets. The level of junk e-mail has increased almost in lock step with the number of compromised systems used for spam.

What is most alarming is that new clients--Internet addresses that we have never seen before and which could be new infections--have tripled since June," said Hart, who posted a chart tracking the growth on his Web site this week.

Bots and bot nets have rapidly emerged as one of the major threats on the Internet. Tens of thousands of compromised PCs are frequently counted among a single bot net's unwilling members, with some bot nets boasting as many as a million systems. Traditionally, the networks have been used to install adware on victims' machines or level denial-of-service attacks at online companies as part of an extortion scheme.

Now, spammers are frequently counted among the operators or the clients of bot nets. Last May, a spammer only identified as "PharmaMaster" used a bot net to target anti-spam provider Blue Security and its Internet service providers with a massive denial-of-service attack that blocked access to the companies for hours and, in the case of Blue Security, days. Because of the attack, the company exited the anti-spam business.

Many bot herders--as the criminals that infect computers with bot software are named--sell or rent bot nets to others to use, and spammers increasingly seem to be among their customers.

Some Internet users have noticed an indirect effect of the surge in bulk e-mail. Spammers usually put another person's e-mail address in sender's field of the message. Because many spam and antivirus filters send back a rejection message to the sender, the actual owner of the e-mail address will be inundated with replies.

Security researchers that use honey pots--heavily monitored computers that are allowed to be infected by malicious software to spy on the attackers--have also confirmed the connection between bot nets and spam, said Thorsten Holz, a graduate student and the founder of the German Honeynet Project.

The Internet Corporation for Assigned Names and Numbers (ICANN) said in a statement 10.11.2006 that it does not have the ability or authority to comply with a proposed court order that it suspend the Internet service of The Spamhaus Project Ltd. Spamhaus is a volunteer-run antispam service.

In a proposed order last Friday, Judge Charles Kocoras of the U.S. District Court for the Northern District of Illinois called on the organizations responsible for registering the Spamhaus.org Internet address to suspend the organization's Internet service. Both ICANN -- the nonprofit organization set up to manage the domain name system of the Internet -- and Toronto-based Tucows Inc., the Spamhaus.org registrar, are named in the order.

The court threatened to shut down Spamhaus for ignoring an $11.7 million judgment against it. The proposed order followed a Sept. 13 ruling in which Spamhaus was required to pay damages and stop listing an e-mail marketing company called E360Insight LLC in its database of known spammers.

ICANN said that in most cases, only the Internet registrar with whom the registrant has a contractual relationship can suspend an individual domain name.

"Even if ICANN were properly brought before the court in this matter, which ICANN has not been, ICANN cannot comply with any order requiring it to suspend or place a client hold on Spamhaus.org or any specific domain name because ICANN does not have either the ability or the authority to do so," the organization said.

The U.S. District Court for the Northern District of Illinois ordered Wednesday that Spamhaus must pay $11,715,000 in damages to e360insight and its chief, David Linhardt, who sued the U.K.-based organization earlier this year over blacklisting.

The court also barred Spamhaus from causing any e-mail sent by e360insight or Linhardt to be "blocked, delayed, altered, or interrupted in anyway" and ordered Spamhaus to publish an apology stating that Linhardt and his company are not spammers, according to a copy of the order.

"This ruling confirms e360insight's position that Spamhaus.org is a fanatical, vigilante organization that operates in the United States with blatant disregard for U.S. law," Linhardt wrote in an e-mail to CNET News.com on Thursday. One would hardly think that a ruling by the state of Illionis, which was a default judgment hardly proves anything at all. So please Linhardt give the world a break.

Spamhaus appears unfazed by the ruling. In a statement on its Web site, Spamhaus dismissed the judgment as invalid and charges that the court was "bamboozled by spammers." Spamhaus didn't mount a defense in the case; the ruling was a default judgment in absence of counterarguments.

Default judgments obtained in U.S. county, state or federal courts have no validity in the U.K. and cannot be enforced under the British legal system," Spamhaus said on its Web site. "As spamming is illegal in the U.K., an Illinois court ordering a British organization to stop blocking incoming Illinois spam in Britain goes contrary to U.K. law which orders all spammers to cease sending spam in the first place."

Linhardt and his company are indeed spammers and remain on the Spamhaus blocklist, Spamhaus said. Posting a note that e360insignt was inaccurately labeled as a spammer would be a lie, Spamhaus said. If Linhardt wants a ruling that counts, he needs to refile his case in the U.K., according to Spamhaus.  ROKSO  e360insight is the preferred service provider for Brian Haberstroh

If the US had any lawmakers with the brains and the heart to make proper laws. People who spam should be running from the law, rather than twisting it in the name of what they refer to as legitmate business practice. SpamHaus lists are quite legitmate from my personal experience and other companies who depend on these lists also believe so.

McAfee has rolled out a Spam Aptitude Test, which may not get college-bound seniors into the university of their choice, but rather make them and the public at large more aware of how to avoid an inbox full of spam.

For those who enjoy a challenge, the security software maker has created a spam test. As part of the test, users scroll through eight questions, with each asking the user to determine which of two Web sites would be the most likely to resell or redistribute their email information and other personal details.

The test allows users to access the privacy policy pages of each site, rather than rely solely on the Web site's design. Users who miss all eight questions in the test face the dire warning: "You're at Risk!" "Watch out!" "Your inbox might explode!" On the flip side, those who ace the test are "Safety Gurus." And "spammy e-mails don't even stand a chance of penetrating (their) inbox."  My score was 7 out of 8 correct. Be sure to read the fine print remember they are experts.

Last month, Blue Frog, the anti-spam service offered by Blue Security, was forced to roll over and accept defeat after suffering a retaliatory attack from a spammer.

Blue Security championed a DIY-style anti-spam campaign in which the company's half a million customers were encouraged to send replies to the spam they received. The idea was that the resulting traffic would overload the spammers' servers and hamper their email-sending activity severely. Indeed, some spam companies did agree to stop mailing Blue Security's customers.

Last month, however, the company's website, along with those of many of its partners, was hit by a denial-of-service attack, which is believed to have originated from a particular Russian spammer. In addition to the DoS attack the company was threatened with a second attack that the attacker claimed would include a computer virus unless the company ceased its activity. The company felt that it had no choice than to close its anti-spam operations.

Now, however, two software developers are attempting to recreate a more robust, open source version of Blue Security's anti-spam service. The developers announced their intentions in a CastleCops forum, and are searching for interested parties to participate in the project and lend support.

The project is named the Okopipi Project, Okopipi being the Amazon Indian name for the blue poison dart frog found in Suriname, South America.

According to the project's founders, 'The rules of engagement would be the same as Blue Frog. One spam equals one opt-out request. No DDoS. We [will] use bandwidth throttling [that is] sufficiently low to not overwhelm the site. It proved effective before. We see no need to change this. All actions will be approved by a steering committee.'

Comments and suggestions have been invited on the fledgling project - for full details, or to sign up to development and general discussion mailing lists, see http://www.okopipi.org/.

Eran Reshef had an idea in the battle against spam e-mail that seemed to be working: he fought spam with spam. Today, he'll give up the fight.

Reshef's Silicon Valley company, Blue Security Inc., simply asked the spammers to stop sending junk e-mail to his clients. But because those sort of requests tend to be ignored, Blue Security took them to a new level: it bombarded the spammers with requests from all 522,000 of its customers at the same time.

That led to a flood of Internet traffic so heavy that it disrupted the spammers' ability to send e-mails to other victims -- a crippling effect that caused a handful of known spammers to comply with the requests.

Then, earlier this month, a Russia-based spammer counterattacked, Reshef said. Using tens of thousands of hijacked computers, the spammer flooded Blue Security with so much Internet traffic that it blocked legitimate visitors from going to Bluesecurity.com, as well as to other Web sites. The spammer also sent another message: Cease operations or Blue Security customers will soon find themselves targeted with virus-filled attacks.

"It's clear to us that [quitting] would be the only thing to prevent a full-scale cyber-war that we just don't have the authority to start," Reshef said. "Our users never signed up for this kind of thing."  Full article

The event comes on the heels of national uproar over what seemed to be AOL's plan to phase out their free EnhancedWhitelist in favor of Goodmail's fee-based authentication service. AOL was quick to make a subsequent announcement that the EnhancedWhitelist would remain.

But MoveOn.org, among others, doesn't buy that it's not still on the agenda. Calling the proposed system anything from "email tax" to "extortion," the traditionally left-wing organization united the most unlikely of opponents from Gun Owners of America to Cleanpeace.org, from RightMarch.com to the Democratic National Committee.

It's like looking out the window to see Charlton Heston holding hands with Alec Baldwin. MoveOn.org has collected over 350,000 individual signatures to its DearAOL petition, and garnered support from over 600 businesses and organizations. In total, says MoveOn's Adam Green, the list of petitioners counts 15 million people.

That type of opposition was enough to land AOL and Goodmail in front of the California legislature earlier this week to explain the situation. After the hearing, MoveOn and a host of other opponents lambasted Goodmail CEO Richard Gingras for reversing what had been the chief selling point for the partnership for the past couple of months.

On Wednesday, MoveOn sent out notices to those on its email list pointing out the seeming contradictions and using them as evidence of AOL's loss of trustworthiness. But AOL members were not receiving those messages. Anyone who tried to forward the message on to AOL accounts had their messages bounced back with notice of permanent failure of delivery. MoveOn, who has accused AOL of lying throughout the ordeal, was quick to send out notice:

"AOL was caught red-handed censoring email, and now the public knows their credibility is gone," said Adam Green, a spokesperson for MoveOn.org Civic Action.

"Think about it. AOL's first reaction was to tell reporters that the DearAOL.com Coalition were spammers, and their second reaction was to unblock our emails. They can't both be true - why would AOL unblock the email of spammers? AOL was caught censoring email, then they were caught lying about our coalition, and in the end AOL proved they cannot be trusted to preserve the free and open Internet."  "Full Article"

The SMTP (Simple Mail Transfer Protocol) email protocol is fundamentally flawed because it was never designed to be secure in the first place and lacks any authentication of the source of an email.  Simply put, SMTP is based on the honor system, with no way to confirm the authenticity of the sender let alone track the sender.  What this means is that anyone can send email as any assumed identity from anywhere in the world.  I can say I'm the CEO of your company or I can say I'm the Pope when I send you an email and there is no way to confirm or deny it's legitimacy. 

The only way to level the playing field against spam is to upgrade the SMTP protocol beyond the honor system and make spoofing & Forging headers nearly impossible. We will call the new protocol as SMTP v2 and the existing SMTP protocol as SMTP v1.  Unlike some who are suggesting a new SMTP protocol all together which could never be implemented easily, SMTP v2 should be backward compatible to the existing protocol to facilitate a seamless migration. George Ou "Written 2003"

AOL, Yahoo and Goodmail again are the primary targets here! Since they offer no new way of determining spoofed or forged headers which is a fact they will have to admit. If you offer nothing new except charging money, how then have you realistically changed anything? The fact is without changing the protocol or adding something people would be willing to pay for, what is the point? Since they are charging the sender for an express lane for spam this does not seem like a valid approach to anti-spam.

Microsoft Corp. is releasing new versions of its software packages for safeguarding and archiving e-mails and other corporate messages.

Microsoft Exchange Hosted Services, which was known as FrontBridge Technologies before Microsoft acquired that company, comprise of four products that can help companies do things like minimize spam and viruses and archive messages for legal and regulatory requirements.

The revamped product line will be available April 1 in most countries.

The products are offered as a service over the Internet, rather than as software that companies have to install. Web-based offerings are growing in popularity because they can be cheaper and easier for customers to deploy and less cumbersome for software makers to update. Microsoft, which makes most of its money from desktop-bound software like Windows and Office, is trying to make inroads into that field.

Redmond-based Microsoft says the products, which will be sold directly to businesses, are meant to complement other security safeguards that companies have on their premises.

On Tuesday, an unlikely coalition of more than 50 groups, representing some 15 million people, launched a campaign to fight AOL's new pay-to-send email scheme.

In addition to Free Press and Electronic Frontier Foundation, coalition members include Craigslist founder Craig Newmark, MoveOn.org, Gun Owners of America, the Association of Cancer Online Resources, the Humane Society, the AFL-CIO, RightMarch and others.

Cumulatively, these groups count more than 3 million AOL subscribers as members, or in excess of 15 percent of AOL's customer base.

While the organizations occupy almost every corner of the political landscape, we're united in opposition to AOL's plan to make large group e-mailers pay to bypass the email company's Swiss cheese spam filters and get guaranteed delivery to the inboxes of AOL customers.

AOL's Spam on Spam

AOL's pay-to-send plan is the latest media snake-oil scheme, designed to give users the impression of improved service while serving no one but the company’s bottom line.

In fact, the AOL pay-to-send plan could make spam worse. As AOL turns its attention to revenue generating email it has a cash inducement to let its free-to-send service grow increasingly unreliable.

AOL spokesman Nicholas Graham presents his company's new regime as a boon to end-users, stating -- misleadingly -- that a certification system will protect user inboxes from spam. This isn't true. AOL subscribers will receive certified email in addition to the regular traffic that clutters most inboxes.

"We continue to provide exceptional service to all email senders who conform to our antispam guidelines," Graham writes in a rebuttal to our campaign. "In fact, CertifiedEmail serves as a valuable, new standard and threshold for the delivery of legitimate email that will serve as a guidepost for other email senders to follow and adhere to."

Nice try, Nicholas. AOL hasn't solved the spam problem at all; they've merely created a second tier for delivery, one favoring those who can afford to pay AOL's express rate. The other tier -- which has been increasingly compromised by AOL's inability to distinguish honest email from spam -- will remain in place. It may get worse, even, as AOL tries to "incentivise" more users to move from the free lane to their toll road.