[thelist] Qmail Log Analyzer Recommendation
David Kaufman
david at gigawatt.com
Tue Sep 9 14:04:36 CDT 2008
Hi Norman,
"Norman Bunn" <norman.bunn at craftedsolutions.com> wrote:
>
>I am fruitlessly trying to determine the source of some spam that is
> coming from or through my server. The hosting company has suggested I
> get a qmail log analyzer. Does anyone have a recommendation on one that
> works well for them?
I don't analyze my email logs, myself, but:
here are #1 thru 10 of about 914 that Google knows of...
<http://www.google.com/search?hl=en&q="qmail+log+analyzer">
I mean to say that there are lots of them, but I highly doubt that *any*
amount of email server log analysis will help you to "determine the source
of some spam". It is (as you've noted) a fruitless endeavor. Spammers are
very good at preventing you from determining the sources of their messages.
And these days, when you do track some spam to the IP address which sent
it, and identify who owns that computer, you learn that they don't really
control it. Most spam is sent by bots, usually broadband-connected and
virus-infected computers that are controlled by a "bot-net". The computers
themselves are owned and operated by unsuspecting users who have (among
millions of others) unwittingly become the tools of the owner of the
bot-net.
So while you *may* find the innocent and unwitting pawn of some spammers
bot-net, what's the point? Isn't it a far better use of your time and
effort to install, configure and maintain very good spam-filters and
block-lists to protect your servers and workstations from spam in the first
place, so that you don't have to care?
Working the other direction, if you want to track down the *advertiser* of
a spam you've received (rather than the bot-net of the professional spammer
he paid to *send* his offer) simply follow the money. Respond to the ad.
Offer to buy the product or service. See who you have to pay. Your credit
card company (and/or the police) should be able to help you identify who's
caching the checks, especially if the goods are stolen, the service
illegal, etc. Even then, the trail often leads all over the planet, making
any meaningful investigation, lawsuit or prosecution all but impossible. I
prefer to route as much spam as possible to the bit bucket, rather than
obsessing over who sent it, and pondering all the medieval punishments that
all spammers so dearly deserve.
-dave
More information about the thelist
mailing list