Blowback Spam Filter

Update: I've been using Blowback for several months now, and overall I'm very happy with it; in fact I don't know what I would do without it, since I would get about 30 spams a day. I do keep making small improvements and fixing minor bugs along the way. For example, I recently added a hack to deal with spam posted to mailing lists I'm legitimately subscribed to.

This is a new implementation of an e-mail filtering idea I got from Daniel Sleator. It's essentially a whitelist filter, that is, it allows only messages from "approved" senders to get through. However, it makes it easy for people to add themselves to the whitelist. All they have to do is reply to the automated message sent out by Blowback. In the case of Spammers, they won't even read the message, let alone reply to it. Presto! No more SPAM.

My implementation of Blowback is designed to work with maildelivery, so it should be easy for computer-savvy CMU people (and perhaps others) to install and use.

Using Blowback

Once Blowback is operational, the flow of spam to your inbox should halt abruptly. If you have edited your whitelist well, the flow of real e-mail should continue uninterrupted. Whenever a message arrives from an unrecognized source, the message will be saved in your ~/.blowback/queue directory and an automated reply will be sent to the sender. If the sender replies to the automated reply, they will be added to the whitelist and their message(s) will be delivered and deleted from the queue. You can of course check on your queue manually.

Occasionally a legitimate message will be queued, but the sender will not reply to your automated message, either because they are too busy, or they think it's spam, or their message was automated but you wanted it anyway. In the last case, you should use a temporary address (see the section on temporary.txt below). If you find an address in your queue which you would like to add to your whitelist, you can do this by running the script local-approve.perl with the address to be approved as the command-line parameter. This will add the address to your whitelist and deliver any queued messages, whereas editing the whitelist directly will leave queued messages undelivered. Of course, if you want to dis-approve a previously approved address, just delete it from the whitelist.

Periodically you will want to clean out your queue, so the spam doesn't pile up too deep and use up your afs quota. While you could just delete everything in your queue directory, this runs the risk of losing incoming messages that are in the process of being approved. It is safer to use the purge.perl script, which lists those senders which have been sitting in the queue for a certain number of days or more. The following command deletes any messages from senders who have been in the queue for 7 days or more:

rm -r `purge.perl 7`
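
The queue, approve and purge flow described in this section, modelled in memory as an added example. It is not Blowback's Perl code: the class and function names, the in-memory storage and the explicit `now` timestamps are assumptions made for illustration, and the addresses are constructed.

```python
from email.utils import parseaddr
DAY = 86400  # seconds

def bare_addr(from_header):
    # Reduce "Name <user@host>" to a lower-cased bare address.
    return parseaddr(from_header)[1].lower()

class ChallengeResponseFilter:
    """Toy in-memory model; names and storage are assumptions, not Blowback's."""
    def __init__(self, whitelist=()):
        self.whitelist = {a.lower() for a in whitelist}
        self.queue = {}       # sender -> [(arrival_time, body), ...]
        self.inbox = []       # delivered (sender, body) pairs
        self.challenges = []  # addresses that were sent the automated reply

    def receive(self, from_header, body, now):
        sender = bare_addr(from_header)
        if sender in self.whitelist:
            self.inbox.append((sender, body))
            return "delivered"
        self.queue.setdefault(sender, []).append((now, body))
        self.challenges.append(sender)
        return "queued"

    def approve(self, from_header):
        # Reply to the challenge (or manual approval): whitelist and release.
        sender = bare_addr(from_header)
        self.whitelist.add(sender)
        released = self.queue.pop(sender, [])
        self.inbox.extend((sender, body) for _, body in released)
        return len(released)

    def purge(self, days, now):
        # Drop senders whose oldest queued message has waited `days` or more.
        stale = sorted(s for s, msgs in self.queue.items()
                       if now - min(t for t, _ in msgs) >= days * DAY)
        for s in stale:
            del self.queue[s]
        return stale

def demo():
    f = ChallengeResponseFilter(whitelist=["friend@example.org"])  # constructed data
    f.receive("Friend <friend@example.org>", "lunch?", now=0)
    f.receive("New Person <New@Example.net>", "hello", now=0)
    f.receive("bulk@example.com", "buy now", now=0)
    f.receive("slow@example.org", "ping", now=6 * DAY)
    released = f.approve("new@example.net")   # their reply to the challenge arrives
    purged = f.purge(7, now=7 * DAY)          # a week after the first messages
    return f.inbox, released, purged, sorted(f.queue)
```

Adding an address to `whitelist` directly, without calling `approve`, leaves that sender's earlier messages in `queue`, which mirrors the difference the text draws between local-approve.perl and editing the whitelist by hand.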

Installation Instructions:

  1. Download this tarball and unpack it from your home directory. It will create a subdirectory called .blowback. It's important that this be installed in a location accessible to the mail server that runs maildelivery on your incoming messages, so I recommend your afs home directory. If you're not in afs-land, then use your home directory on the mail server, and you'll probably need to tweak a few paths to get it to work.
  2. If your home directory on the mail server that runs maildelivery is in afs (which is the case for CMU CS people using the ux*.sp.cs.cmu.edu mail servers) you need to create a maildelivery kerberos instance so that maildelivery can write to your ~/.blowback directory. If you use IMAP in a way that bypasses maildelivery altogether, you'll have to make sure you have a POP account and change your forwarding so that it uses maildelivery on its way to your IMAP inbox. In the following script, replace UUUU with your username, and XXXX with your user number from your /etc/passwd file.
    kinit UUUU
    telnet -x jeeves
    kerberos create UUUU.maildelivery
    quit
    kinit UUUU.maildelivery 
    telnet -x jeeves
    afs account define UUUU.maildelivery
    quit
    kinit UUUU 
    ksrvutil add -f /usr/adm/autoauth/XXXX
     Name: UUUU
     Instance: maildelivery
     Realm: CS.CMU.EDU
     Version: 1
    
  3. Then you need to give your maildelivery instance access to your ~/.blowback directory and its queue subdirectory.
    fs sa /afs/cs/user/UUUU/.blowback UUUU.maildelivery rlidwk
    fs sa /afs/cs/user/UUUU/.blowback/queue UUUU.maildelivery rlidwk
    
  4. I haven't made an install script yet, so you'll need to edit each of the perl scripts (local-approve.perl, process-message.perl, purge.perl, process-approval.perl, process-temporary.perl) and replace each occurrence of UUUU with your username. This should do the trick:
    foreach f (*.perl)
     mv $f $f~
     sed s/UUUU/yourusername/g < $f~ > $f
    end
    
  5. Now you will probably want to do some customization. Edit each of the *.txt files as you like. Here's what they mean:
  6. Finally, you need to edit your .maildelivery file to activate e-mail filtering. Before you do this, make sure you are willing to test this software at your own risk! It's worked pretty well for me, but there is absolutely no guarantee, and there is a risk of losing incoming messages. You can use this .maildelivery file and replace each UUUU with your username. The moment the file arrives in your afs home directory, the system is active! Additional warning: don't try this if your afs quota is almost full! Spam messages will be saved temporarily and may fill it completely. A full quota may result in lost e-mail.
  7. Please let me know if you try this out, and how well it works for you. I've been using it for a few months with virtually no spam, and only one or two (known) missed real messages. My address is pvenable at cs.cmu.edu.
