Saying so long to the Dark Side

Published by elburro

At least for my business email. And it’s sad in a way; like an era has passed. Yeah, I know, everybody’s got problems, quit bitchin’. But when eras change, sometimes, somebody makes note of it; other times they just fade away. Yeah, take it Buddy:

“I’m gonna tell you how it’s a gonna be…,..
You’re gonna give your love to me……
Love can last more than one day……
Love a-real not fade away…….
Love a-real not fade away……”

It was 1994 when I procured my first 3-letter domain. I say “procured”, because back then domains were free. Email was text, email was crude, but email didn’t get spammed. At least back in the mid-nineties. And when it first started happening, or when there was just somebody whose email you didn’t want to read, there was a nifty application called procmail, a mail transport agent, an mta that was there to help. Enter a recipe in your .procmailrc and bingo, no more emails from idiots. Oh, the power of the Dark Side.

Everybody knows what happened next, so fast forward to the turn of the century. Hell, fast forward to current times, where entire multi-million dollar ISPs exist that do nothing but churn out spam. Millions of “messages” per hour. And the sad part is, (and I never really understood this part), but if a lot of people weren’t buying fake viagra and penis extenders, the multi-million dollar spam-ISPs wouldn’t exist.

But, knowing all that, we’ll linger around the turn-o-the-century for just a couple of lines or so.

Sometime after the year 2000 I became acquainted with Spamassassin, an open source application. Without getting into a whole long thing, calling the spamassassin app from your .procmailrc caused all incoming emails to be scanned and rated as to “spamminess”. Then a .procmailrc recipe could take certain very spammy emails and delete them, and store slightly spammy emails in a bin where you could check them out for the occasional false positive and pass good mail on to your basic legitimate user. By keeping good mail in one file and spammy mail in another, and running spamassassin’s learning feature on both files, spamassassin would get “smarter” and “smarter” in finding spam.

Hell, for smart people who could use the Dark Side and run procmail and spamassassin, spam was pretty much doomed, right?

Uh, yeah right. Long story short again, but either spammers were figuring out spamassassin, or I just wasn’t as smart as I thought I was, or a combination of the two.

As recently as a year ago, out of the thousands of spams per day which were hurled at my domain, barely one or two ever got past all my “stuff” and ended up in my box or one of my users. But over the past few months, no matter what I do, each user has been getting 20-30 spams per day. Still not bad considering the thousands headed our way, but a major consumer of time, nonetheless. Spamassassin didn’t seem to be working as well, so I was going back to filters involving IP blocks. Lately, in my slightly spammy file, two thirds of them were being “okayed” by spamassassin and were only stopped by manual IP blocks. And since spammers have so many blocks to use, I end up spending an hour or so a day just adding them to my filters. (But lest anyone think I no longer recommend spamassassin, hold your horses. I put the blame on my lack of keeping up.)

This started me thinking. For the last couple of years, I have sporadically had to maintain a webhosting setup for the mother of an acquintance after he unexpectedly died. He had email and scripting setups that were reasonably secure during the mid-nineties, but which lent themselves to being compromised in recent months. When I first went into his site to plug holes, it was a mess. So I started thinking, what if something “unexpected” happens to me? What happens to my business websites and email? Who’s gonna learn all this crap?

Sooooo, I took a little-used domain and tried an experiment. I signed up for “Google Apps Standard”:http://www.google.com/apps/intl/en/business/editions.html . You basically point the MX records of your domain to the gmail filtering and storage system and see what happens.

What happens is no more spam. And it’s pretty easy to set up.

After double checking everything, I decided to move my 3-letter business domain over and give it a try. I tried the free, standard version first (and that’s where I am now) to see how it went. There is another beefier version that you pay $50/year for, so I figured if I still get a lot of spam with Standard, I could upgrade. There’s even a 30 day trial to kick the tires before you make the leap. What makes the $50 Premier edition “beefier” is the ability to turn on Postini industrial strength filtering. You also get a bunch of apps, ability to watch videos on a company intranet, but I won’t get into that stuff. I’m doing this to kill spam. You can also leave your email storage wherever it’s stored now, at your ISP, webhost, etc., and pay $3/year per email address for just the Postini filtering. If for some reason my Standard version test doesn’t pan out, I’ll check out the others. I had looked at Postini before, and I found the interface a little confusing, but basically, it’s giving you similar power to procmail recipes in creating filters, so yeah, it takes a while to learn, even in a GUI.

Anyway, tonight is the end of Day 1 using the free Google mail system for my very spam-infested domain and the results have been pretty startling. Out of several users, exactly one spam got through early on. There are hundreds of others in the various gmail spam bins for my users. Pre-e-e-tty impressive. But we’ll give it a few weeks and see how it goes.

Basically, after signing up, I followed the steps to prove I owned the domain and then put Google’s MX records in my domain. The verification process and the time it took to where the mail was running through Google took about an hour total. Once my mail was running through Google, I turned off the catch-all (actually I think that’s the default) so that all the madeupnames@mydomain.com spam would bounce into nowhere. Then I created a CNAME at my domain so that I could have http://webmail.mydomain.com/ point to the new gmail interfaces for myself and my 3 users.

After that, for the users who use Outlook Express, I downloaded the Google Email Uploader and sent all their messages, contacts and storage up to their gmail interface with its hefty 7 gigs of empty space. A word of caution to anyone who found this post from a search: You have to enable POP mail in the gmail interface before uploading, but *after* you upload it, go into Settings and set it to “Enable POP for anymail received after Now”. Otherwise, when they fire up their Outlook Express, it tries to download a couple hundred megs of their old messages and you have a lotta deletin’ to do. I know, I learned the hard way. Also, depending on how many years of email they want to upload, start it at night and let it run until the next morning. It is slow.

That’s about it. I’ll be checking out some of the other Google Apps. They looked kind of “enterprisy” at first glance, but you never know.

And as far as the Dark Side goes, yeah, I still use it for work, just not as much as when I had to try and outwit the spammers. Most likely I’ll go crazy and start exclusively using mutt & vi from my home computer, but that’s just my crap to sort out.

6 thoughts on “Saying so long to the Dark Side”

  1. Gmail is the sha-zizzle. I’ve simply been forwarding my domain(s) mail to my Gmail account since June of 2004, and as a spam solution, it’s great. I’ve been thinking about going the whole Google Apps route, but all that MX and CNAME stuff gives me butterflies.

    Maybe someday…

  2. Using the Google wizard, it’s all really trivial, but I’m not sure you’d gain anything over what you’re doing now. Google filtering is pretty much sha-zizzley, either way.

    But a scarier thought comes to mind. I’m thinking of upgrading our tivos to HD, with maybe some cable-cards thrown in. Knowing you to be fairly adept technically, I’m guessing that it’s the HD Tivo that is the nightmare I should be avoiding and probably not mention that it’s available around here?

  3. Actually, we did not have HD last Christmas when I bought the Tivo for The Wife, so it’s a basic Series 2. I imagine the problems with Series 3 are truly high definition.

    On the other hand, once I got the darn box to work that first week, it’s been pretty trouble free for nearly a year.

  4. A year? I feel lucky that I haven’t gotten a “how come I can’t see any shows?” call in six months.

    Well, the hd cable box they gave me that I have rigged up in tandem with the Series2 barely works at all. But it works well enough that I could see that Lou Dobbs doesn’t really look any better in high def. So a factory refurbished Series 3 is headed our way. By next weekend I can probably be hearing, “oh great, now the regular channels are scrambled too.” Or maybe I’ll get lucky and it will only break my LAN.

  5. Sounds like we have a similar setup. We use a splitter, and The Wife has the analog signal for her Tivo, while I use the digital signal on the HD cable box. I get a world of channels she doesn’t, plus a sharper picture.

    But she won’t give up her Tivo, nor is she interested in the crippled Comcast DVR. And after spending $900 on one last year ($200 Tivo + $700 TV that would work with it), I’ll be danged if I’ll spend another $500 this year.

    However, I need to get a new router than plays better with my iPhone … but then I’ll have to deal with Tivo’s insane DHCP problems again.

    Maybe I’ll dig out the old VCR

  6. Yeah, same setup with a splitter. When I went to pick up the Comcast hd box, all they had were the dvrs. And they do indeed suck. We basically haven’t been using it and just watch the Tivo, no hd.

    The reconditioned HD Tivo went much better than expected. It takes two cable cards (credit card shaped things that fit into the slots). They replace any cable boxes so I’m losing the rent on the useless Comcast DVR, as well as one of the regular boxes. Of course there’s always the question, “why haven’t I returned the useless Comcast DVR in 4 months.” Anyway, it works for basic cable without tanking my LAN. Comcast comes out on 12/9 to put in the cable cards, with hopefully, no further trauma

    Your router sounds familiar. I’m on my 4th. It ran a little more on the theory that throwing money at something is somehow better. The last three started developing dhcp problems that I couldn’t fix. I’ve had the Linksys WRT300N for 3 years now with no hiccups, even though the reviews were scary after I had already bought it. I’m betting it’s your router and not the Iphone or Tivo. I’m running 5 computers, 2 tivos, a Vonage phone and a Comcast phone off it. Then there’s off and on wireless stuff like palm pilots and laptops.

    Of course all that stuff could be paper weights a few months from now. All our January/February trade shows are approaching, and there’s no guarantee that there will be any buyers at any of them. We could find ourselves watching good old fashioned antenna tv with (maybe) dial-up internet if a depression is coming. I could find myself with a paper hat on saying “welcome to McDonald’s. May I take your order?”.

Comments are closed.