você está aqui: Home  → Arquivo de Mensagens

Antispamming

Colaboração: Rubens Queiroz de Almeida

Data de Publicação: 07 de Novembro de 1997

Spamming, ou a prática de se enviar numerosas mensagens anunciando produtos comerciais, é a atual praga da Internet. É raro o dia em que não recebo mensagens de alguém anunciando algo ou tentando ensinar como ganhar dinheiro rápido.

O autor do servidor de listas, petidomo, escreveu um pacote chamado mapSoN, que provê mecanismos para filtrar possíveis mensagens deste tipo.

Em anexo, segue o documento descritivo do programa. O pacote e toda a documentação podem ser encontrados em http://www.petidomo.com/mapson/.


mapSoN: How does it work?

Unfortunately, the times when you could read your mail without any filtering mechanisms seems to be over. Over the years, the number of unsolicted commercial e-mails I receive per day has increased dramatically. Today the average for me personally is something like 15(!) spam mails per day. What means, that I can hardly afford not to read my mail for several consequetive days, or I'll have to wade through a hundred of them, trying to find any <em>real mail</em> that someone might have sent me.

So I decided that the time was ripe to change that. Unfortunately, the filter mechanisms in existance today are not too sophisticated. Most spam filtering tools I've seen so far are based on procmail, or a similar tool, and use a list of keywords or addresses to drop unwanted junk mail. While this might be nice to filter mail from known spam domains like "cyberpromo.com", or "bulkmail.com", it won't catch most of the spam one receives, because the addresses are faked, the headers are manipulated and the contents of the mail itself is not predictable.

That's why I wrote mapSoN, which combines the keyword-filtering mechanism with an, in my humble opinion, pretty good algorithm to keep unwanted mail out of your folder.

mapSoN must be installed as filter program for your incoming mail, usually by adding an appropriate entry to your $HOME/.forward file. This means that mapSoN will get all your incoming mail and it will decide whether or not to actually deliver it to your mailbox.

To do that, it uses three criteria. First of all, an user defined ruleset is checked against the mail. If any keywords or patterns match, the mail will be dealt with according to your wishes. This is useful to drop some sender's mail completely, or to sort mail into different mail folders.

If no rule matches the mail, mapSoN will check whether the mail is a reply to an e-mail you sent, or whether it is a reply to a USENET posting of yours. If it is, the mail will always be delivered.

If no signs of a reply-mail can be found, mapSoN will check whether the sender stated in the <code>From:</code> header has sent you mail before. If he has, the mail will pass. If this is the first time you receive an e-mail from this address, though, mapSoN will delay the delivery of the mail and spool it in your home directory. Then it will send a short notice to the address the mail comes from, which may look like this:

  From: Peter Simons &lt;simons@petidomo.com&gt;<br>
  To: never_mailed@me.before<br>
  Subject: [mapSoN] Request for Confirmation
  
  Hi,
  
  a few seconds ago I have received your electronic mail. I notice that
  this is the first time you're trying to contact me via e-mail, and I
  have a little procedure set up that protects me from unwanted junk
  mail. This is why the mapSoN tool has delayed the delivery until it
  receives a confirmation from you, by which you certify that you're NOT
  sending me any unsolicted commercial stuff.
  
  To confirm this, simply reply to this automatic e-mail and make sure
  you include the following line in your reply:
  
  mapSoN-Confirm-Cookie: <some_weird_cryptographic_cookie>

You may quote the line, if that's more comfortable for you, the mapSoN tool will recognize the confirmation anyway.

I am sorry for the extra effort, but unfortunately the amount of junk mail I receive has made this preparative necessary. My tool keeps track of who has sent me e-mail before and you won't see this notice again.

You can customize the mail text according to your wishes, preferred language or personal taste of spelling, this is just the default text.

The person who tried to contact you will then reply to this "request for confirmation", citing the cookie stated in the mail. When your mapSoN receives this confirmation mail, it will deliver the spooled mail into your folder. Furthermore, the address will be added to the database, so that mail from this person will pass directly in future.

If no confirmation mail arrives within a certain time, mapSoN can either delete the spooled mails, or send them to a special folder, or whatever you prefer.

The mechanism is simple but efficient: Somebody who replies to an e-mail or an USENET posting of your, will have his e-mail delivered to you immediately. Somebody who knows you already and has exchanged e-mail with you before, will also not notice any delays.

Somebody who sends you an e-mail for the first time, will have the slight inconvenience of having to reply the request for confirmation once, what can be automated, by the way, using procmail or a similar filter. Spammers won't be able to confirm the request mail, though, because they almost always use a faked, non-existant address, so the request for confirmation won't reach them.

That's how it works.



 

 

Veja a relação completa dos artigos de Rubens Queiroz de Almeida

Opinião dos Leitores

Seja o primeiro a comentar este artigo
*Nome:
Email:
Me notifique sobre novos comentários nessa página
Oculte meu email
*Texto:
 
  Para publicar seu comentário, digite o código contido na imagem acima
 


Powered by Scriptsmill Comments Script