In the last week or so, I’ve gone from getting 2-300 hundred pieces of spam a day to about 500 message a day. While I’m sure there are many other people out there who get 10 times as many messages as I do, I’m still not pleased at this development. Even worse, almost 20 of these messages are making it though my spam filtering combo of spamassassin (sa) and Mail.app. I used to only get one or two uncaught messages.
Fortunately, most of the messages that slip through aren’t spam per se. They’re not trying to sell me anything. Spamassassin does a great job at nabbing those. Instead, they’re virus e-mail trying to get me to click on a Windows file. Too bad I use a Mac, so they’re not only annoying, but useless.
Normally, when a big spamming virus starts flooding my account with messages, I write a custom sa rule to block it. However, I don’t really want to be in the business of writing spam filters. Partially, I just don’t have the time and partially because I’m always afraid I’ll accidentally filter out something important.
So, I’ve come up with a solution to my problem. What I want and would find really useful is a sa virus rules RSS feed. Then, whenever a nasty virus comes around, I’m automatically notified and presented with a rule I can cut and paste into my user_prefs file to filter it out of my life. (I don’t trust automated filter updates because I prefer not to be forced to dig out legitimate messages from my spam box if the filter is too loose.)
Does such a thing exist? I checked out the sa wiki, but they only have virus bounce rules. Does somebody want to start one? I can guarantee one customer.
How do you combat virus spam with spamassassin?