I'm happier ignoring the world of spam and anti-spam

November 23, 2014

As I've mentioned a couple of times, I'm currently running a sinkhole SMTP server to collect spam samples. Doing this has let me learn or relearn a valuable lesson about anti-spam work.

My sinkhole SMTP server has several sorts of logging and monitoring, including a log of SMTP commands, and of course I can run it or turn it off as I feel like. When I first set it up, I configured it to be auto-started on system reboot and I watched the SMTP command log a lot of the time with 'tail -f'. The moment a new spam sample showed up I'd go read it.

The problem with this wasn't the time it took. Instead the problem is simpler; actively monitoring my sinkhole SMTP server all the time made me think about spam a lot, and it turns out that having spam on my mind wasn't really a great experience. In theory, well, I told myself that watching all of the spam attempts was somewhere between interesting (to see their behavior) and amusing (when they failed in various ways). In practice it was quietly wearying. Not in any obvious way that I really noticed much; instead it was a quiet drag that got me a little bit down.

Fortunately I did notice it a bit, so at a couple of points I decided to just turn things off (once this was prompted by a persistent, unblockable run of uninteresting spam that was getting on my nerves). What I found is that I was happier when I wasn't keeping an eye on the sinkhole SMTP server all the time, or even checking in on it very much. Pretty much the less I looked at the sinkhole server, the better or at least more relaxed I felt.

So what I (re)learned from all of this is that not thinking very much about the cat and mouse game played between spammers and everyone else makes me happier. If I can ignore the existence of spammers entirely, that's surprisingly fine.

As a result of this my current approach with my sinkhole SMTP server is to ignore it as much as possible. Currently I'm mostly managing to only check new samples once every few days and not to do too much with them.

(I probably wouldn't have really learned this without my sinkhole SMTP server because it has the important property that I can vary the attention I pay to it without any bad consequences for my real mail. Even running it at all is completely optional, so sometimes I don't.)

Written on 23 November 2014.
« The effects of a moderate Hacker News link to here
Using the SSH protocol as a secure transport protocol »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sun Nov 23 02:26:43 2014
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.