As per discussion at the meeting tonight, here's all you need to have sendmail have a "catchall" email account so you can, on a whim, create unique email addresses for places you give your email address out to.

#cat /etc/mail/virtusertable ... trevor@tecnopolis.ca trevor ... @tecnopolis.ca trevor

So you must list all your normal local users manually as per the trevor@ line (not sure if there's an easier way to do this), and the last line says match any user I didn't already specify.

You'll also need in your sendmail.mc: FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl

No other work required. No work required each time you give out a new address. Everything just goes into the normal inbox (trevor).

Now when you start seeing 100 emails a month going into your spam inbox to hydrowhyareyouspammingme@tecnopolis.ca when you only ever gave that email out to hydro, you'll know something is fishy, and you know who to blame.

As we said at the meeting, you almost certainly want to use with these ideas: greylisting bayesian filtering

Using the above techniques I get less than 3 spams a week showing up in my inbox, even though I get at least 5k spams a week. I get roughly 3 non-spams a week "false positive" into my "low probability spam" box. I get maybe 3 non-spams a *year* into my "high probability spam" box. Unlike some people, my main goal isn't to never see spam, it's to never have a false positive dropped irretrievably by something outside (or even inside) of my control.

Of course, my ~10 year strong .hammiedb spambayes "learned" ruleset file (binary, berkley db) is up to 326MB. A significant chunk of that has to page in on every email reception.

I don't use them, but it might also help some people to use: spamassassin RBL's