Hack and / - Spam: the Ham Hack
I know plenty of people use whiz-bang graphical e-mail programs, and many of them also have fancy buttons and icons that flash when e-mail might be spam. Well, if you didn't already know from my prior columns, I'm a big fan of mutt, and I didn't want to be left out of all these fancy spam-managing techniques. Once again, mutt's powerful customization comes to the rescue.
Although I do have spam filters set up on my personal account, sometimes messages get through my defenses. It's always a delicate balancing act when you tweak your spam thresholds, so I not only wanted to see how close spam that made it through was to the threshold, but I also wanted to know if any of my legitimate e-mail was close.
I have SpamAssassin configured so that it adds the score to my e-mail headers via the custom X-Spam-Status header. Let's say that my spam threshold was a score of 6; I then set up two rules: one to color any messages with a score of 2 or 3 red and another to color messages with a score of 4 or 5 bright red. That way, both types of messages would stand out—especially the messages right on the tip of my threshold. Here are the folder-hook rules I added to my mutt config:
folder-hook . "color index red default '~h ↪\"X-Spam-Status:.*score=(2|3)\.\"'" folder-hook . "color index brightred default '~h ↪\"X-Spam-Status:.*score=(4|5)\.\"'"
Now, like many people, I have a special spam folder set aside so I can train SpamAssassin. I go in there from time to time to look for any false positives, so I also wanted to highlight any messages that were right above the threshold. The following rule colors any messages that have a score of 6, 7 or 8 magenta:
folder-hook . "color index magenta default '~h ↪\"X-Spam-Status:.*score=(6|7|8)\.\"'"
Now, whenever I go through my inbox and see a message with a suspicious Subject line, if I notice it's colored red or bright red, I might not even bother to open it. Because I know it's close to the threshold, I simply can move it to my spam folder. In mutt, you can do this with just a few keystrokes, but of course, that doesn't stop me from automating it a bit further. After all, why do a few keystrokes when I can bind the S key to save to my spam folder automatically? All I had to do was add the following to my mutt config:
# make S automatically save spam to the spam folder macro index S "simaps://mail.example.net/INBOX.spam" macro pager S "simaps://mail.example.net/INBOX.spam"
Of course, change imaps://mail.example.net/INBOX.spam so that it points to the spam folder on your IMAP server, but once you do, you either can press S to save an individual message to the spam folder or you can tag all of the spam in your inbox with the T key, and press ;S to save it all to the spam folder at once.
Sure, it would be great if we never had any spam to begin with, but although I can choose what canned food I buy at the grocery store, I may never fully get rid of spam in my inbox. After all, one man's hacked-up pork by-product is another man's tasty canned-ham substitute. If people didn't order those male-enhancement pills, they wouldn't advertise them. At least with a few extra steps, I can make managing spam take less time.
Kyle Rankin is a Senior Systems Administrator in the San Francisco Bay Area and the author of a number of books, including Knoppix Hacks and Ubuntu Hacks for O'Reilly Media. He is currently the president of the North Bay Linux Users' Group.
Kyle Rankin is a director of engineering operations in the San Francisco Bay Area, the author of a number of books including DevOps Troubleshooting and The Official Ubuntu Server Book, and is a columnist for Linux Journal.
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
|Where's That Pesky Hidden Word?||Aug 28, 2015|
|A Project to Guarantee Better Security for Open-Source Projects||Aug 27, 2015|
|Concerning Containers' Connections: on Docker Networking||Aug 26, 2015|
- Using tshark to Watch and Inspect Network Traffic
- September 2015 Issue of Linux Journal: HOW-TOs
- Concerning Containers' Connections: on Docker Networking
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- Firefox Security Exploit Targets Linux Users and Web Developers
- Where's That Pesky Hidden Word?
- A Project to Guarantee Better Security for Open-Source Projects
- Build a “Virtual SuperComputer” with Process Virtualization
- My Network Go-Bag
- Doing Astronomy with Python