Hi! You may have noticed that we have some new spam filtering software running on mail.webwizardry.net! I'm still tweaking the settings a little, but here's generally how it works:
First, we are still using various DNSRBLs to block anything sent from known spam sources. In a typical week, over 1,500 connection attempts are blocked. Since the messages are rejected before even looking at them, there's no way to know for sure exactly what all of these are; most likely this is significantly higher than the number of messages that would actually be delivered if they weren't getting blocked here, but this should give you some idea what kind of volume we're dealing with.
Second, a custom script takes a second look at the IP address and hostname of the server that sent the message, and how that server identified itself. If these look suspicious, the message is rejected.
Third, software called MIMEDefang fixes any technical problems with the message encoding, to make it less likely that a malformed message will cause problems with your e-mail software. Some suspicious-looking messages may be deleted without notification, i.e. you won't see the message but it won't bounce back to the sender either. I am still adjusting the configuration for this.
Next, the message is scanned for viruses with ClamAV. ClamAV also detects some other malicious content, like phishing scams. Compressed archives (such as .zip files) will be scanned. Messages containing viruses will be quarantined in a folder only I have access to; you will not see them.
Then, MIMEDefang looks at message attachments, and blocks attachments that meet certain criteria. In particular, attachments named with certain extensions such as .exe or .scr will be blocked. These attachments could contain viruses, even if ClamAV didn't recognize them. You will still receive the e-mail, but in place of the attachment, you'll get a message saying the attachment was removed because it "constituted a security hazard". If you see this on legitimate messages, please let me know.
Finally, SpamAssassin analyzes the content of the message to see whether it looks like spam. SpamAssassin looks at various criteria, such as whether the message mentions "V1AGRA" or the subject line contains random numbers or the sender has sent legitimate messages in the past, and calculates a score indicating how likely it is that the message is spam. If the score totals 5.0 or higher, a report is attached that explains the technical reasons why the message was marked as spam, and the message is moved into a Quarantine folder for your review.
Write your Congressman. Spammers are creative, and no software can correctly identify all spam. The only effective solution is for Congress to earmark funding for the FBI to investigate and prosecute spammers. Some progress is being made here already, and there is international cooperation, but it's not enough yet.
Aside from that, just delete it. Or, use SpamCop to report it to the responsible ISP. I will work on adjusting the filtering later, but for now, this is the best you're going to get.
A new folder called Quarantine has been created for each user. E-mail messages that are identified as spam will be delivered here, instead of to your Inbox, and a report will be attached that lists the technical reasons why the message was identified as spam. Since it is possible for legitimate mail to be incorrectly marked as spam (this is called a "false positive"), you should check your Quarantine folder periodically. If you do find that legitimate mail has been quarantined, let me know.
If you are using IMAP or webmail, you've probably seen your Quarantine folder already. If not, look for a "Subscribe/Unsubscribe" option in your e-mail client; you may need to subscribe to the Quarantine folder.
If you are using POP3, you can use webmail at http://mail.webwizardry.net/ to access the Quarantine folder. You might want to consider switching to IMAP; ask me how.
If you are using pine, talk to me. If you're using some other weird UNIX e-mail thing that does not use IMAP, you're on your own - I'd suggest using webmail, but if you didn't hate webmail, you wouldn't be using some weird UNIX e-mail thing.
You can delete the spam in your Quarantine folder, and move messages between other folders. However, please do not delete the Quarantine folder itself.
If you tried to send mail to someone with a webwizardry.net account and your message bounced, it could be because of overzealous spam filtering. To fix it, we need to know the actual error message that your mail server got when it tried to deliver the message to mail.webwizardry.net, the date and time you tried to send the message, and if the error you received has a date and time on it anywhere, please include that too.
If you have a webwizardry.net account and tried to send mail to someone else, and your message was immediately refused (i.e. an error message popped up in your e-mail program saying you couldn't connect to the server to send the message - not an error message you received in your Inbox from MAILER-DAEMON), make sure your e-mail client is configured to use SSL/TLS encryption and password authentication for SMTP. If you know your IP address, look it up at RBLs.org to see if it's on any blacklists we might be using. If you're on a dialup connection, try disconnecting and reconnecting to get a different IP address, and if that fixes the problem, please let us know the IP address you were using that didn't work, as well as the date and time you tried to send the message (see below). If you don't know your IP address, or you are on an internal IP address (e.g. something that starts with 10 or 192.168), the exact date and time will do.
If your computer is set to synchronize its clock automatically over the Internet, please use the exact time (including seconds) on your computer's clock. If your computer does not synchronize its clock automatically, or if you're not sure, please check time.gov for the exact time. This is important because in order to fix the problem, we need to find information about why your message was rejected in the mail server log, and there are literally thousands of entries in the log every week. Without knowing the exact date and time the error occurred, it's impossible to find your specific error, and if we can't find it, we can't fix it.