Foreward
California.com encourages ethical advertising
and business practices. To that extent, if you're going to advertise
your business on the internet, either using, or hosted by California.com,
you should read RFC 3098 and adhere to
its guidelines. This will ensure you step on as few toes as possible,
and most importantly, that you don't spam, which can cause you to
loose your account with California.com. You
should read our TOA as well, as California.com has an active
policy prohibiting spam.
RFC 3098 has several good reasons why
you shouldn't spam, and I'll give you another, we impose a hefty
"clean up cost" on customers of ours who do spam. This
is the cost of the time the administrators of California.com have
to spend to resolve complaints, delete your accounts, cleanup your
mailbox, and deal with possible blacklisting that needs to be resolved.
If you don't understand the cost of spam before you send it, I guarentee
you'll understand the costs when we terminate your account.
Now that it's been established that we do not support spam, we
do try to filter it from our customers mailboxes, so without further
ado...
Topics
How
we filter
| California.com's Mail Server employs
several spam blocking methods outlined below to prevent incoming
spam from reaching the server, and reaching users of California.com.
I'll first outline the filters, then what necessitated them. |
 |
- Internal Blacklists
- The first line of defence against spammers is a blacklist
maintained on the mail server itself. This list is not queryable
by the public, and is maintained solely by the staff of
California.com. Nominations to this list are made either
by persistent abuse of the mail server (which trips a script
monitoring the mail logs) or abuse of the staff or customers
of California.com. This list consists solely of mail servers,
and not individual addresses. If you were blocked based
on the internal list, it's not personal. We don't block
individual addresses, only servers seen to be a major spam
problem.
- DSBL.org
- We use DSBL's confirmed list (list.dsbl.org) as a supplement
to our internal blacklists. This contains a variety of different
kinds of spam hosts, open proxies, and open relays, but
all hosts are listed based on test results. IE: it's nothing
personal if you're listed, you're just (probably accidentally)
aiding spammers.
|
 |
- Spamhaus
Block Lists
- To keep out as much spam as possible, outside lists identifying
known spam sources are a necessity. Minimizing false positives
is however a high priority that fits well with the goals
of the SBL.
|
 |
- Clam Antivirus
- Clam Antivirus is a GPL virus scanner that guards against email borne viruses by scanning all mail for virus signatures at delivery time. There is a delay between when a virus is released, and when a signature can be created, so this scanner won't catch everything, and emails that are virus infected that make it into your inbox won't be automatically removed when the definition is created.
|
Why
we filter
These layers of protection should come as no suprise to most people,
but some clarification is needed as to exactly why we chose to implement
these filters in this order and in the way we implemented them.
- 1. Time
- Think about the amount of time you spend sorting through your
mailbox each day, throwing out the spam messages, searching for
genuine business leads, or other emails useful to your business.
We do this too of course, and frankly, it's a drag on business.
How many times have you spent more time sorting spam out of your
mailbox than you have actually reading the messages you received?
- 2. Money
- All Internet Connected companies pay for bandwidth in some way.
Some sites pay by the gigabyte per month, some pay for the capacity
of their lines. In either case, the cost is directly associated
with the amount of traffic that is passing (or can pass) over
the connection. Spam increases the load on these connections without
the consent of the receiver, effectively increasing the bill for
internet connectivity, while providing NO BENEFIT to the company
paying the increased bill.
- Also, think about the Time you spent from #1, sorting your email,
and potentially reading spam because it wasn't so easy to figure
out that it was spam... that time has a value to your company.
Time is money right?
- 3. Customer Input
- I've heard several complaints from businesses claiming not to
be spamming, and asking why we blacklisted them. The answer is
really quite simple in most cases, I asked our customers, or received
complaints from our customers. You see, this isn't a one way street.
Spamming to advertise your business will definately get name recognition
of your business out there, it just may not be the kind of recognition
you want.
- 4. Societal Input
- Take a look at the Spam in the Media section
of this page. Notice a trend? The news reports on spam are coming
faster and faster these days as more action is being taken against
spammers. Spamming is decreasing the usability of banner ads,
popups, and legitimate newsletters on the internet, as many are
being filtered, blocked, or ignored thanks to the scammers who
have taken advantage of the medium. Spam costs aren't just money,
it's also trust that's being lost, and very quickly.
The problem is that spammers themselves never bear the real costs
of spamming. The costs are borne exclusively by the recipient, and
hence the term "cost shifting," which you may hear a lot
when referring to spam. Spammers themselves are only sending out
traffic which they see as beneficial to them, and hence the costs
we as members of the internet community bear as unwilling recipients
of that traffic aren't taken into account.
How
can I filter my California.com mailbox?
If you want to enable the content filtering (which is off by default)
you can enable it on the server, or a client side mail program.
If you're going to use this type of filtering, we recommend doing
it on the server, as it saves disk space, and makes the process
transparent to you once it's setup. The changes will also survive
you changing mail programs, using the webmail
interface while on the road, etc.
Server Side Filtering
California.com's server side filtering uses a feature of our mail
server known as "Rulesets" which are extremely flexible
mail processing rules. To make things easier, we have created a
script which automatically adds the appropriate rules to your account
for you. As an improvement over our earlier version, you can now change these settings directly from your webmail account. Log into webmail to take advantate of these new anti-spam features.
The technology that makes these filters possible is a feature of
CommuniGate Pro called Rulesets. These rulesets are very powerful,
and care must be taken to ensure you don't inadvertently tell the
ruleset processor to do something you really don't intend. Since our script creates the anti-spam rules you need, it is not nessisary for you to use these rules directly, however, we have created a primer on using rulesets, in case you want to write your own.
For a primer on
using rulesets, click here.
Client Side filtering
Some mail programs have equivalent features that allow you to filter
email on the client side. We don't really recommend this option,
as it can be technically complex, but as with Server Side filtering,
basically you're looking for a header in the email that says how
likely that email is to be spam.
| X-Spam-Flag: YES |
SpamAssassin has marked this email as spam |
| X-Spam-Status: Yes, hits=xx.x required=5.0 tests=xxxxxxx |
This email has been marked as spam, hits=xx.x is the score,
a score of 5 is required, and here are the tests that were matched
against this spam. |
| X-Spam-Level: ======= |
This is a bar indicator of the "hits=xx.x" field
in the previous header. It's convinient to filter on this header
because you can easily set the sensitivity. |
Spam
in the Media
(Articles in red are no longer availible)
Found a news article we should feature
here?
Email chales+spamnews@california.com
with the story!
Non-Media
Viewpoints
|
