[RndTbl] email catchalls for spam tracking

Trevor Cordes trevor at tecnopolis.ca
Wed May 13 00:58:12 CDT 2015


As per discussion at the meeting tonight, here's all you need to have
sendmail have a "catchall" email account so you can, on a whim, create
unique email addresses for places you give your email address out to.

#cat /etc/mail/virtusertable
...
trevor at tecnopolis.ca	trevor
...
@tecnopolis.ca		trevor

So you must list all your normal local users manually as per the
trevor@ line (not sure if there's an easier way to do this), and the
last line says match any user I didn't already specify.

You'll also need in your sendmail.mc:
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl

No other work required.  No work required each time you give out a new
address.  Everything just goes into the normal inbox (trevor).

Now when you start seeing 100 emails a month going into your spam inbox
to hydrowhyareyouspammingme at tecnopolis.ca when you only ever gave that
email out to hydro, you'll know something is fishy, and you know who to
blame.

As we said at the meeting, you almost certainly want to use with these
ideas:
greylisting
bayesian filtering

Using the above techniques I get less than 3 spams a week showing up in
my inbox, even though I get at least 5k spams a week.  I get roughly 3
non-spams a week "false positive" into my "low probability spam" box.
I get maybe 3 non-spams a *year* into my "high probability spam" box.
Unlike some people, my main goal isn't to never see spam, it's to never
have a false positive dropped irretrievably by something outside (or
even inside) of my control.

Of course, my ~10 year strong .hammiedb spambayes "learned" ruleset file
(binary, berkley db) is up to 326MB.  A significant chunk of that has to
page in on every email reception.

I don't use them, but it might also help some people to use:
spamassassin
RBL's


More information about the Roundtable mailing list