
Kills 99% of known spam

Ever had the feeling you are drowning in spam? Over recent weeks the problem has been growing almost exponentially on some of my accounts. So over the Easter weekend I decided to do something about it. Inspired by some of the comments to Russell Beattie’s recent rant, I have installed Active Spam Killer (ASK) on my server, with very gratifying results. So far no spam has got through after three days’ running, and no real messages have been rejected. Now the bouncing mulberry in my dock no longer fills me with dread.

ASK supplements filtering with a challenge-response authentication approach. In brief, your SMTP server passes incoming mail over to ASK, which looks to see if the sender is known (by checking a user-maintained ‘whitelist’ and ‘blacklist’), in which case it either delivers or rejects the message as appropriate. If the sender is not known, a message is sent to the sender asking them to simply hit the reply button and send the message back by way of confirmation. When the confirmation reply is received, the original message is delivered.
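The flow described above, modelled as an added Python example (this is not ASK's own code): the class name, the HMAC-based confirmation token and the sample addresses are assumptions made for illustration.

```python
import hashlib
import hmac


class ChallengeResponseFilter:
    """Model of the whitelist / blacklist / challenge flow (hypothetical names)."""

    def __init__(self, secret, whitelist=(), blacklist=()):
        self.secret = secret
        self.whitelist = {a.lower() for a in whitelist}
        self.blacklist = {a.lower() for a in blacklist}
        self.pending = {}  # token -> (sender, body), held until confirmed
        self.inbox = []    # bodies of delivered messages

    def _token(self, sender, body):
        # Keyed hash, so the token cannot be guessed from sender and message alone.
        data = sender.encode() + b"\0" + body.encode()
        return hmac.new(self.secret, data, hashlib.sha256).hexdigest()[:16]

    def receive(self, sender, body):
        """Return (action, token); token is set only when a challenge goes out."""
        sender = sender.lower()
        if sender in self.blacklist:
            return "reject", None
        if sender in self.whitelist:
            self.inbox.append(body)
            return "deliver", None
        token = self._token(sender, body)
        self.pending[token] = (sender, body)  # hold the original message
        return "challenge", token

    def confirm(self, sender, token):
        """Handle a reply to a challenge; deliver the held message if it matches."""
        entry = self.pending.get(token)
        if entry is None or entry[0] != sender.lower():
            return False  # unknown token, or reply came from another address
        del self.pending[token]
        self.inbox.append(entry[1])
        return True


if __name__ == "__main__":
    # Constructed sample data, not taken from any real mailbox.
    f = ChallengeResponseFilter(b"server-secret",
                                whitelist=["friend@example.org"],
                                blacklist=["bulk@example.net"])
    print(f.receive("friend@example.org", "lunch?"))
    print(f.receive("bulk@example.net", "buy now"))
    action, token = f.receive("stranger@example.com", "hello")
    print(action, f.confirm("stranger@example.com", token), f.inbox)
```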

I have Exim running as my MTA. ASK sits alongside this very happily: there was no need to tinker with Exim’s configuration or ACLs. All that was needed to have them work together was a pipe call to ASK in my .forward file. This is neat: you can have Exim do all kinds of straightforward filtering through the .forward file before calling ASK. It could even invoke SpamAssassin to mark messages and then have ASK modify its response according to the ‘spam level’.

Installation was a breeze. ASK is a suite of Python scripts which you can install wherever you like (we are talking *nix here). I put it into my (personal) home directory. There is a simple, well-commented configuration file you need to edit. Setting up an initial whitelist was helped by a provided script which extracts sender email addresses from any mailbox: my INBOX had over 1000 pukka messages—a good start!

I ignored the Mac OS X-specific advice in the documentation, as it didn’t make sense for my installation. What I did have to do was set up a symlink in /usr/bin from Python2.2 (which ASK expects) to Python2.3 (which OS X 10.3.3 provides). Don’t ask me why—I don’t do Python.

So, does it work? In short, yes: very well. Easter weekend was a good time to set it up: I had some time to monitor the Exim and ASK logs in real time. There was plenty of spam coming in but not much real mail, so little chance of missing anything important. All the same, there were a few regular mailshot senders I needed to add to the whitelist, but I think I have them all now.

Is it better than simple filtering? Yes, it certainly seems more effective. My University account gets rather more spam than my other accounts (over 1000 messages a week). The University uses Exim plus a filter (probably SpamAssassin or similar) which passes about 95% of spam into a junk mail folder, but that still leaves a fair amount to pollute my inbox.

I have commented previously on spam as an invasion of privacy. As such, I believe active measures such as ASK’s challenge-response approach are wholly justified and worth the effort.

About

This page contains a single entry from the blog posted on April 13, 2004 10:46 PM.

Creative Commons License
This weblog is licensed under a Creative Commons License.