Anti-Spam: A Simple Algorithm for Handling Email Spam

Yesterday I had more than 200 email messages from “System Administrator” – all sent within a minute.   They came through our university anti-spam filter.  This is getting too much…

Here is a simple anti-spam algorithm:

Create an email filter (say in Python) which checks every incoming email against a list of approved email addresses. If the sender address is NOT in the list of approved email addresses, it automatically sends back (something like) this:

Hi,

If you are a real human, please reply with the word “pass”.  (Simply hit Reply, type “pass” as your response, and hit Send.)

This is an automated response from Bill Manaris’s anti-spam filter.

Thank you.

This program can be placed within the .forward file on Unix systems (and eventually incorporated within email clients).  (The configuration is similar to the one used by the Unix vacation program.)

The program maintains a list approved email addresses. This list may be initialized with the user’s email contacts. This list gets updated with addresses of people who pass the test.

The program automatically places in the incoming mailbox (e.g., .mail) any messages that complete the password exchange. It strips the password exchange and leaves only the original message.

The password message is an external text file. Also, there may be an external list of passwords to pick from.

Special Cases

A special case is when a spammer uses a person’s own email address to send that person spam.  If necessary, this could be handled by expecting a special password in self-sent messages.

The above handles the majority of spam messages I have received.

Another possibility is that spammers may use emails from people already approved for a certain person.  However, since these lists are different for different people, it is highly unlikely that a general automatic technique be developed by spammers to counteract it.

Conclusion

The beauty of this algorithm is that it turns the table on spammers: Even if they catch on, the program can evolve its behavior (e.g., message, pass word (or pass phrase), etc.). Also different people will have different messages. So it’s hard to create an automatic anti-anti-spam mechanism.

In terms of usability, it puts some strain on email senders – but only on those who have not communicated with you before, and only once. This usability strain is similar to the image-based passwords required by services like Google.

In conclusion, this may not be 100% foolproof, but it may effectively complement existing (and sometimes ineffective) anti-spam techniques.

Reference

  1. Chris Samuel, Vacation Email Responder program, 20 Jan, 2007.

This entry was posted on Wednesday, August 6th, 2008 at 9:01 am and is filed under Design. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Anti-Spam: A Simple Algorithm for Handling Email Spam”

  1. kaveh Says:
    February 2, 2009 at 3:14 pm | Reply

    hi, thanks for sharing your information. can you send me the algorithm please. my yahoo id is sky600500 and you can email me too.

  2. Susi Ledermüller Says:
    June 1, 2009 at 3:46 am | Reply

    A very nice idea, but the description is too short. I miss how to handle with postfix.

  3. John Says:
    June 1, 2009 at 6:20 am | Reply

    Can you publish the algorithm at this weblog please?

  4. Jide Oguns Says:
    June 24, 2009 at 8:14 am | Reply

    Please, I’m interested in the algorithm. Can you email it to me?

Leave a Reply