Blah, so I get a large amount of spam comments and trackbacks to my blog and I go over them and mark them as spam regularly. They don’t appear on the site, they just end up in my attention queue and I need to deal with them and take care of the occasional “true” comment as well.
When I do this I press the Awaiting Moderation (15) link (assuming I have fifteen comments awaiting), select them all and then press Mark As Spam and I’m fine.
Right now I managed to error. I didn’t press the awaiting link and then I had the list of all comments shown and since there were many comments I got to see the last 20 comments or so. I selected them all (all comments on that page) and marked them as spam. Whaaaaaa. Pain! That was not very clever! Several legitimate comments now went down the drain and…
There’s no way to restore them, there’s no undo the deletion, there’s no “oh wait these aren’t spam really” way.
Grrrr. So guys, if I removed one of your comments you should know that I’m sorry. I really am. I’ll try to improve…
I get a fair share of spam. I have something like 10 working private email addresses, I’m listed as recipient in numerous email aliases and they all end up in the same physical mailbox where I read them. I’ve also had my existing emails for many years and I’ve shown and used them publicly on the internet all the time. I’m a major spam email target now. A good day I get just 2000 spams, but bad days I’ve been well over 13000 spam emails.
I’ll describe how I have things setup, not as much as to inspire others but more to be able to get feedback from you on how I can or perhaps should improve my setup to get an even better email life.
I consider all mails with spam points >= 3 to be spam. I’ve also tweaked my spamassassin user_prefs to be harsher on (pure) HTML mail and a few other rules, and I’ve added a couple of my own rules to catch spams that previously did slip through a little too easy.
First, I filter out mail from trusted mailing lists that have their own antispam measures.
I catch what appears to be bounces (I have a huge regex) and if it looks like a bounce to an address I don’t send email from I nuke it immediately (and those could be a true bounce are saved in a dedicated mbox)
I have a white-list system that marks all incoming mails from previously marked friends as coming from a friend.
Mails from non-friends are passed through spamassassin. Those with spam points higher than N are put in the ‘hispam’ folder – of course with the intention that these are very very very unlikely to every have any false positives and can almost surely be deleted without check. N is currently 10 but I ponder on lowering it somewhat. Spams with less points than N are put in the ‘spam’ folder, and I need to check that before I kill it because it happens that I get occasional false positives that end up there.
So, mails that aren’t from friends (or from a trusted mailing list) and aren’t marked as spam are then stored in the ‘suspicious’ mailbox
Mails from friends or from trusted lists go directly into my mailbox, or into a dedicated mailbox (for lists with somewhat high traffic volumes).
Oh, a little additional detail: I “mark” my own outgoing mails with an additional custom header with no point whatsoever but to be able to detect when someone/something sends me mail using my own address…
My weakest point in all this right now is the fact that I don’t spam-check white-listed mails at all, so spams that are sent to me using my friends’ email addresses go through and annoy me.
BTW, I did use bogofilter in the past and for a while I actually ran both in parallel (both trained with rougly the same spam/ham boxes for the Bayes stuff) but quite heavily testing I performed at that time (a few years ago) showed that spamassissin caught a lot more spams than bogofilter, while bogofilter only caught a few extra so I dropped it then.
