The new Exim mail server I recently had setup is holding up quite well and the amount of spam we were getting has been cut down by at least fifty percent. Though a number of techniques were used to achieve this, the most effective seem to be “sender verify” and checking for valid “HELO” headers. Greylisting wasn’t included since we still aren’t very familiar with it and it could potentially deluge us with support calls and complaints. I’m still testing it out and will include it in the near future. I’ll also try to post a more detailed article on this setup some other time, but for now, let’s talk about spam.
Despite rejecting close to 10,000 spams a day, lots of it is still getting through, most of it being image spam. Now there isn’t an easy way to deal with this. The image size and content isn’t constant so you can’t setup filters to check for those. Valid emails containing images are commonly sent by a large majority of users so you can’t block every message containing an image.
Stuart sent me a link to this article that suggests a way to deal with image spam, albeit not as simple to implement as some of the other popular methods. It suggests having a whitelist-like system for GIFs, though I’m a bit sceptical as to the accuracy and benefits of this method versus the effort required to implement it.
I think the biggest hurdle that we admins currently face while fighting spam is the inability of most users to accept change. They would rather continue to receive some spam than face a delayed delivery (if you use Greylisting) and would rather use a server that allows simple relaying than one that requires authentication. Such small things may irritate users, but they cause serious headaches for us admins and open up the services to ever-increasing amounts of spam in the future.
I seriously doubt that at the current rate, email will continue to be a feasible means of communication for very long. What we need is a more modern system of communication with the benefits of email, but without the drawbacks.