Making this the first test in the sorting application reduced the system load
enough that other work could be done while the system was discarding email.
2.5.1 Subtracting with logs
One trick that reduces spam-bot email is greylisting. This technique refuses
email from a new sender with a ”temporary mail failure” message. The greylist
milter waits a given length of time (usually about 1/2 hour) before the email
from a new site will be accepted.
The justification for this technique is that legitimate email processors will
accept a temporary failure for an email server and will retry. The spam-bots
will either give up after one attempt or the user may turn the machine off before
the retry interval elapses.
When I first installed the greylist milter on my mail server it reduced the
spam count to about 1/10’th the amount of spam I had been receiving.
The commonly used greylist milter provides an easy to read ASCII log that
includes the name of systems that have attempted to deliver email, the time of
It’s simple with Tcl to read that file and look for sites that have tried multiple
times to send email to many different addresses (legit and otherwise). These
sites (particularly ones trying to send to invalid addresses) are probably spam
bots.
It’s nice to not receive spam email, but it’s even nicer to not even have to
process it. Most Linux and Unix systems have firewall support that allows the
system to reject any connection from a host.
The Tcl exec command provides a simple way to add a firewall rule that
will drop any future connection from a given IP address. This reduces the load
on the email server (it doesn’t need to process data) and potentially crashes the
spam-bot.
After a couple hours the IPTables rules are removed. If a site is actually
legit, but being misused (for instance, an ISP that has had a number of cus-
tomer’s machines become infested), email will be received from that site again
(until the site goes rogue again).
3 Mr. MUA Check and see - is there some email,
some email for me?
These techniques work for reducing the amount of email that gets into the
system, but eventually a user would like to read the email that’s been sorted,
folded, spindled and mutilated.
The mail read/sort application puts the email into individual files using the
in Unix Mail format based on the sort criteria. All of the files go into the same
folder.
Since the only files in this folder are mailboxes, a data-driven GUI can be
built to provide a simple MUA to access the mail. The GUI learns what to put