It began when I finally accepted that Google is a set of adaptive algorithms rather than a traditional corporation. That meant I could sit back and rethink things. Google was malfunctioning because I had redirected an unfiltered mailstream at Gmail, and Google seems to be effectively doing something I'd asked for years ago: selective filtering based on the managed reputation of an authenticated sending service. In this case Google was treating the 'sending service' as my redirector (which I don't think authenticates), rather than the distal source of the email. That meant faughnan.com acquired a reputation, from Google's perspective, as a really bad place.
Well, I can't be too mad if they're doing what I'd long urged everyone to do. It would have been nice if I'd known about it earlier, but them's the breaks. Don't do redirection to Gmail and expect it to like you for long.
So I turned off all the redirects, forwarded from Gmail to my ISP (VISI), flowed faughnan.com and spamcop.net to VISI's Postini service, and finally dropped all my email lists. Lists are very 20th century, this is the age of subscription/notification (Atom/RSS). Good-bye lists. The world calmed down.
With all the lists gone, and postini churning away, it was interesting to see what spam got through. Lots of political solicitations (Note to dems: you can get my money again when you stop spamming me) and various incredibly annoying newsletters. What they all had in common were that the domains were real. Yes, spam with persistent, verifiable, domains.
Some had unsubscribe links and some of those even worked -- though my experience with the political spam is that one's email gets back on their lists shortly after it's removed (recycled by the trading of addresses), just as in the world of physical junk mail. No matter, because with persistent and verifiable domains, personal blacklists work.
I've blacklisted 9 domains, all of whom have failed multiple unsubscribe attempts, and with postini and these few filters, my spam is gone. (Note Gmail filters will do this easily too).
The war, dare I say, is turning. Next step, once I've verified with spamcop, is going to be to redirect my mailstream through spamcop and back into Gmail, which will then be receiving a "purified" stream. I'm hoping Gmail will "learn" that the domain has been "rehabilitiated". Gmail can forward copies to my VISI account, so I'll be back to having a local store of my email as well. Updates to follow.
Update 9/22/06: Spamcop approved my plans and Gmail is back in the loop. This is the current setup:
- several less used email accounts, including an ancient mindspring account, all forward to faughnan.com
- my faughnan.com email forwards to my spamcop.net address where the heavy filtering occurs. I
- my spamcop address forwards to my gmail address, that's where I keep a set of blacklist filters as above
- my gmail account keeps a copy and forwards to my visi.com address
- I use POP and IMAP on various machines to view and collect email from visi.com
Update 10/4/06: Since my original post, a few updates:
- spamcop does a decent job, but not quite as good as VISI's postini. I may try moving their spamassassin settings up a notch (default is minimal, spamcop is very domain focused)
- I added a Gmail filter so that email sent directly to my Gmail address gets a unique tag. Since only spammers and Gmail use that address it helps me quickly identify spam. More importantly, it's safe to mark email sent directly to my Gmail account as spam. If spam gets redirected to my Gmail account I delete it, I don't mark it "as spam". I think if I mark redirected email as spam Gmail assigns a poor reputation to the redirector, which I don't want.
- I'm now getting about 3-4 spams in my Gmail inbox daily, of which 75% is spam that passed through the spamcop filters. I'll see if I can improve that a bit but it's tolerable.