Forget what I wrote yesterday. I was going to post the stuff I wrote in Ohio when I realized it isn’t all that good, it’s definitely not useful, and the people who annoy me the most are the people who can’t get over themselves. No one cares what I ate for breakfast, and the only people who care what went on in Ohio already know.
So here’s something useful instead. It’s the coolest thing I’ve found all year. Maybe all decade, for that matter.
Spam begone. I hate spam. It wastes my time and my bandwidth and, ultimately, my money. I’ve seen some estimates that spam costs ISPs as much as $5 per month per account. You’d better believe they’re passing those losses on to you.
There are tons and tons of anti-spam solutions out there, but most of them run on the mailserver side, so for an end-user to use them, they have to set up a mail server and either use it for mail or run fetchmail to pull the mail in from ISP’s mail servers. I’ve done that, but it’s convoluted. But that’s trivial compared to setting up the anti-spam kits.
I was crusing along, vaguely happy, when my local mailserver developed bad sectors on the hard drive, so one day when I went to read my mail, I heard clunking noises. I turned around, flipped on the power switch to the server’s attached monitor, and saw read errors. Hmm. I hope that mail wasn’t important…
Eventually I shut down my mail server and put up with the spam, hoping I’d come up with a better idea.
I found it in a Perl script called disspam.pl, written by Mina Naguib.
It took a little doing to get it running in Debian. Theoretically it’ll run on any OS that has Perl installed. Here’s what I did in Debian:
su (to become root)
apt-get install libnet-perl (Perl couldn’t see the network without this, so the next command in this sequence was failing. This hopefully isn’t necessary on other distros, as I have no idea what the equivalent would be.)
perl -MCPAN -e shell (as per readme–I accepted the defaults, then when it asked for CPAN servers, I told it my continent and country. Then it gave me 48 choices. I picked a handful at random, since none were any more obviously close to me than others.)
install Net::POP3 (as per readme)
quit
cp sample.conf disspam.conf
chmod 755 disspam.pl
Next, I loaded up disspam.conf into a text editor. It looks just like a Windows-ish INI file.
The second line gives me an exclude list. It’ll take names and e-mail addresses. So I put in a few important names that could possibly be blocked (friends with AOL and Hotmail addresses). That way if their ISPs ever misbehave and get blacklisted, their mail will still get to me. Then I popped down to the end of the file and configured my POP3 mailbox. I had an account I hadn’t read in a week, so I figured I’d get a good test. Just drop in your username, password, and POP3 server like you would for your e-mail client. If you have more than one account, copy and paste the section.
Bada bing, bada boom. You’re set. Run disspam.pl and watch. In my case, it flagged and deleted about a dozen messages, typical of what I usually get, like mail offering me Viagra or access to horny cheerleaders or how to find out anything about anyone (which I already know–I have a journalism degree). The only questionable thing it flagged was mail from MLB.com. I can’t get off their mailing list ever since I voted online for the All-Star game. No importa, I never read that mail anyway. I could have always added MLB.com to my exclude list if what they had to say mattered to me.
But if you’re like me and get lots of mail–that was my less-busy account–and about half of it is spam, that stuff’s going to scroll by really fast. So here’s what I recommend doing: when you execute disspam.pl, use the following command line:
~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
Then you can examine disspam.log. If disspam ever deletes something it shouldn’t have, you can add the person to your exclude list and e-mail them to ask what they wanted. It looks to be less work than deleting all that spam. Probably less embarrassing too. Have you ever accidentally opened one of those horny cheerleader e-mail messages when there were people around? Yikes!
I fired up Ximian Evolution, pulled down my mail, and had 15 new messages. No spam. None. Sweet bliss.
It’s just version 0.05 and the author considers it beta, but I love it already.
Unix’s power allows you to string simple tools together to make powerful ones. Here are some suggestions.
You can e-mail the log to yourself with these commands:
mail -s disspam [your_address]
rm ~/disspam/disspam.log
If you want the computer to do all the work for you, here’s the command sequence:
cronttab
Then add these entries:
0 0 * * * mail -s disspam [your_address]
* 0 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
If you read your mail on the same machine that runs disspam, you can substitute your user account name for your e-mail address and save your ISP a little traffic.
You’ll have to provide explicit paths for disspam.pl and disspam.conf.
The first entry causes it to mail the log at midnight, then delete the original. The second entry filters your inbox(es) on the hour, every hour. To filter more frequently you can add more lines:
* 10 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 20 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 30 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 40 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 50 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
This program shouldn’t be necessary for very long. It’s short and simple (4.5K worth of Perl) so there’s no reason why mail clients shouldn’t start incorporating similar code. Until they do, you run the risk of disspam and your mail client getting out of sync and some spam coming through. If you read your mail on a Linux box with an mbox-compliant client like Sylpheed or Balsa or Kmail, you can bring fetchmail into the equation. Then create a .fetchmailrc file in your home directory (name it ~/.fetchmailrc to ensure it goes to the right place). Here’s the format of .fetchmailrc:
poll SERVERNAME protocol PROTOCOL username NAME password PASSWORD
So here’s an example that would work for me:
poll mail.swbell.net protocol pop3 username dfarq password censored
Next, set your mail client to no longer check for mail automatically, then type crontab and edit your disspam lines so they read like this:
* 20 * * * disspam.pl disspam.conf >> ~/disspam.log ; fetchmail (your server name)
In case you’re interested, the semicolon tells Unix not to execute the second command until the first one is complete. If you have more than one mail account, add another fetchmail line.
As an aside, Evolution seems to use the mbox file format but it doesn’t store its file where fetchmail will find it. I think you could symlink /var/spool/mail/yourusername to ~/evolution/local/Inbox/mbox and it would work. I haven’t tried that little trick yet.
But even if you’re not ambitious enough to make it run automatically and integrate with all that other stuff, it’s still a killer utility you can run manually. And for that matter, if you can get Perl running on NT or even on a Mac, this ought to run on them as well.
Check it out. It’ll save you time and aggravation. And since it only reads the headers to decide what’s spam and what’s not, it’ll save bandwidth and, ultimately, it’ll save your ISP a little cash. Not tons, but every little bit can help. You can’t expect them to pass their savings on to you, but they’ll certainly pass their increased expenses on to you. So you might as well do a little something to lower those expenses if you can. Sometimes goodwill comes back around.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.
