What is being done about spam & spoofing?

Nope.

This is why we have multiple e-mail addresses: 1 for 'registering' everywhere, and whatever comes to it goes DIRECTLY to trash, and a couple others for the 'real' stuff.
I NEVER get any spam to my 'real' addresses.

Do you have a router with a built-in firewall ? I do.

If you can stomach it - if they can do it - have your ISP delete your e-mail account for a week, and everything will get bounced back as it does not exist, most places have software in place to see that and remove your address automatically from their databases, but that only lasts for so long.

 

A local radio news broadcaster swears by Mail Washer. The pro version automatically learns new spam for the trash.

http://www.mailwasher.net/

 

2000? for just you? or for you and others? do you control your own mail server? Or just download it daily from an ISP or hosting company? drop me a line if needed.

 

Not completely sure, but I think there's a way to "black hole" the email on a catch all account so it just gets dropped... so its not filling up an email account. Is there legit mail mixed in there??

FWIW, there are lawyers going after spammers. Its VERY difficult to set up shop spamming people any more. I know a few people that have gotten out of the (super) lucrative business because it was just getting too hard to find an isp that would host them/to evade the ever evolving spam filters.

 

I understand, but how much control do you have on your email server? If you want a small investment to really reduce your spam, look into a barracuda unit (www.barracudanetworks.com), but if it is only control of the email server non-physically, then ditch the catch-all's and make the inbound connection be associated with an account before going any further and accepting the inbound email.

The more specific, the better I, or we, can help.

 

Do you control what address the catchalls are forwarding to? If so, and if you don't want to just drop them completely, try forwarding them to a gmail account.

I have several personal domains that receive a ton of spam, and that's what I did. Google's spam filter is really good, and what does get through can be adjusted with filters. If you still want to receive that email in your normal client, they offer pop3 access to download it.

If you're hosting companies and need a more professional solution, check out the guys at Postini. Up here at work we were receiving several million spam emails a day, mostly to bogus accounts. While we could filter them easily enough, we kept having to buy a bigger pipe to keep working. We outsourced our edge filters to Postini and the difference is amazing. 95% of the email to one of our domains never even hits our servers anymore, and 80% of the other, and our people are very happy with the filtering. (no affiliation, just a happy customer)

re: legal -- sure, there's some folk being shut down, but a majority of this stuff comes from infected Windows machines on home internet connections or from people running spam factories offshore. Good luck getting someone served in Carjackistan.

 

I like iron mail for in house corp solutions and MX logic for outsource solutions.

Iron Mail is heavy to administer for the first couple of week with setting up values and get the white lists going but after that it's a breeze.

MX logic is good because all you and your end users need to deal with are the white list and unblocking accidental blocking of some domains.

 

You hit the nail on the head. The SMTP protocol is seriously flawed and full of GAPING security holes. Mail server software providers could do some VERY simple things to end spam once and for all. Such as, set up a mail server cert (like an SSL cert) whereby the identity of the server owner is authenticated. Then, allow the general public to accept or decline mail that is not signed with a valid cert. Then Microsoft turns it on by default in Outlook/OE and spam virtually disappears overnight. Thats just one approach - there are many many things that could be done to stop the problem. Why it has not been addressed is anyone's guess. Most mail servers run on *nix and are group development efforts. IMO, those small fractured groups do not have the clout to implement/design new standards, but someone like Microsoft does.

There is NO excuse why this problem was not taken care of YEARS ago. Same goes for Spyware - MS Windows is wide open and the fact we need anti-spam, anti-spyware, anti-virus, anti-popup, anti-trojan software is ridiculous!