I’ve run a small web and mail hosting business on the side for around a decade. The hosting platform I use (cPanel) comes with spamassassin and support for a couple of real-time blacklists (zen.spamhaus.org and bl.spamcop.net) built in. On top of that, I’ve compiled in Razor, DCC, and ClamAV.
But with spam control settings set to their highest levels, I’ve struggled over the years to keep fall-through spam from reaching the mailboxes of my power users – the spammers just move too fast, are too crafty. Spams that look the same from day to day actually have quite different signatures, and manage to evade my arsenal of tools. It’s been incredibly frustrating.
A few months ago, I came up with a set of techniques to let desktop mail clients train the server-side Bayes database about what’s spam and what’s ham. That worked well for a couple of months, but eventually the Bayes dbs became polluted with false hits (probably a result of users incorrectly marking / not marking messages). Is it even possible to operate as an organization smaller than Google and still guarantee low spam levels for users?
Real-time blacklists (RBLs) tap the hive mind – the collective judgement of thousands of human users spread around the world, marking ham and spam every minute of every day. When all of those judgements are collected into a single, continuously evolving database that any host can tap into, it should be possible to create an almost perfect blockade. We know that Akismet has made their RBL work amazingly for weblog comment spam (as I write this, Akismet claims to have blocked 54 million comment spam today alone).
RBLs always seemed like the smartest way to go, but spamhaus and spamcop sure weren’t getting the job done. Doing research in the cPanel forums a few days ago, I discovered that Barracuda Networks, who make a series of firewall appliances for enterprises, maintain their own RBL and provide free access to it for organizations like mine.
Decided to give it a whirl and was blown away. Within 24 hours, the amount of un-tagged spam getting through to my users had dropped to a trickle. I haven’t found an anti-spam tool this effective since… ever. It took almost no effort to set up, and will require almost no effort to maintain in the future. Super stoked.
To the great engineers at Barracuda: The internet thanks you.
Update: A couple of months later, I no longer feel quite so positive about Barracuda. Yes, it’s definitely a help, but not the silver bullet I called it above. I do keep Barracuda running, but overall, spam numbers are worse than ever, and there’s tons slipping through that neither SpamAssassin nor Barracuda are catching.