D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Email security

 

On Wed, 21 Apr 2010, Julian Hall wrote:

On 21/04/2010 09:30, Gordon Henderson wrote:
If you don't have control of the mail server (and by that I really mean root access), then you're limited to filtering, but you also have to accept that you need to copy all the email off the remote server to your local systems, then filter out the spam as you go.
Not if you use Thunderbird's 'Delete from server' filter action as this deletes mail before it even gets to you.
You think so?

How does it know that the message on the server is spam? The only way it can know is if it downloads the message headers to see if there are any spam-flags set by the server, or downloads the entire message to see if it's "spammy" then it can flag it as deleted on the server without passing it on to you.
So while you may not see the message in the in-box maintained by 
Thunderbird, to do that it's had to download the message (thus using up 
part of your bandwidth allowance) to check for spam, then send the delete 
command to the server.
The net result is that you have paid for the bandwidth used to copy the 
email from the server to your PC running TB, for each message whether it's 
spam or not, and TB has used up your CPU cycles to check the message for 
spam.
I recently had a customer who was targeted by a spammer for some reason or 
other (never got to the bottom of it, but on their insistence, and despite 
my best efforts to persuade them otherwise, they had a wildcard mail-drop 
email address). They were seeing 15,000 emails a day and trying to 
download them all to their local PC which had anti-spam software on it. 
They gave-up after a while because their ADSL line couldn't cope.
So for myself, I've now successfully moved from email client-side 
filtering to server filtering for my own uses and wished I'd done it years 
ago. Now, I can use any email client I like (pine/alpine/webmail/mobile 
phone) and see my email and all my bulk incoming email (spam, automated 
messages, etc.) is filtered into mailboxes on the server. You can't do 
this as you need thunderbird to do the filtering for you, so when you 
access your email from a different system, you don't get the filtering 
benefit - you have a bulky GUI email client, bulked out more with 
filtering code and spam detection when that really ought to be on the 
server where it belongs.
(says the recently procmail converted evangelist ;-)

Gordon

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html