The work email server spam filter does not simply reject everything suspicious – this would risk us losing legitimate emails, something made worse by some companies choosing to send invoices and remittances as PDF attachments with no accompanying text whatsoever, something the mail server considers dodgy.

So (until I work out a better, foolproof automated process, or take the time to properly tweak the spam settings on the server) I manually look through some of the doubtful messages to pluck out those that are not actually spam.

The most common types of spam messages caught seem to be…

5. Your credit card is blocked (enter all your details into our dodgy web site)…

4. Work from home and earn $$$…

3. Marry a gorgeous Russian girl…

2. Cheap replica watches (Rolex etc)…

1. Cheap medicine to help gentlemen with, err, size-related personal problems.

…though it appears cheap Canadian pharmacies are also gaining in popularity, despite this being for a .com.au address.

Usually the GMail spam filter is very good. I wonder what happened this morning.

No, I don’t recognise the sender, nor do I recognise any of the other people on the To list. Odd.

(Okay, not an actual filter outage, but certainly the most obvious spam I’ve seen the filter miss recently.)

Beware of Horde’s IMP webmail client and its access/shortcut keys.

One that’s caught me is that if new email composition is set to be in a separate window, and access keys are on, then Alt-F4 (which in Windows is normally the equivalent of Close) is pressed, instead of saving the email to Drafts, or cancelling the email, it sends it.

I’m a common user of Alt-F4, which means several times I’ve thought I was cancelling the email, but instead it’s sent it.

Another is Alt-D for Delete (the current message). On many browsers this predates Ctrl-L to go to the address window, and while I know I should learn Ctrl-L, I still commonly press Alt-D. If Horde is configured to not even put the message into the Trash, carelessly pressing Alt-D will zap the message forever more, no trace left.

To prevent these happening again, I’ve now turned off Access keys: Options / Global options / Display Options / Should access keys be defined for most links?

Amusing comment spam left on my personal blog:

Spammers leave spam comments in the belief that they will gain better search engine rankings and traffic by building as many links to their websites as possible. Spammers often employ bots or other automated systems to look for mortgage blog and website and leave self serving promotional comments links..Spam is a numbers game so if spammers can send automated spam to large numbers of websites for very little money so even if they convert a small percentage of the sites they spam they can make a profit..Spammers will also leave links to their websites in an attempt to push link juice or Google Juice to their websites but most mortgage websites and blogs add a rel nofollow tag to prevent the passing of pagerank or link juice.

And this one, from a user apparently who signed him/herself “penis enlargement”.

It’s so hard to get backlinks these days, honestly i need a backlink by comments on your blog / forums or guestbook to make my website appear in search engine. I am getting desperate Now! I know you’ll laugh while reading this comment !!! Here is my website penis enlargement [url deleted] I know my comments do not relate to the topic, but PLEASE HELP ME!! APPROVING MY COMMENT!
Regards: PoormanBH2011

Yeah right. Like I’m going to approve that.

BTW, both were caught correctly by Akismet.

A quick timing test on my main home workhorse computer, which isn’t the fastest in the world, but isn’t the slowest either. (Windows 7, Athlon 64 X2 dual core 4400+ 2300 Mhz, 3 Gb RAM, on a fast ADSL2+ net connection.)

Having started Windows and logged onto a clean desktop:

• Start Chrome with GMail set as the home page: 8.5 seconds to ready
• Start Thunderbird: 11.6 seconds to ready

No wonder people are heading into the cloud.

Subsequent timings (without a reboot, so some things may be cached, eg later in a session when you’ve closed your email and you want to go back in):

• Chrome with GMail: 3.4 seconds
• Thunderbird: 3.1 seconds

Interesting.

On a couple of Yahoo Groups I’m on, we’ve noted spams coming through from long-time members in the last week or two.

The good news is there’s no need to panic. Most probably a spammer out there has worked out that person X posts to list Y, and is forging emails from them from a remote location. Which means it is unlikely that X’s computer has been compromised. (Though of course it’s good practice to have virus protection and regularly do scans.)

If you’re an Admin of a Yahoo Group, you might like to check the Posting settings (group management / Group Settings / Messages / Posting and archives). There is a Spam Filtering option which I believe is switched off by default (it might be a newly added setting).

On the groups I’m on, we had spam coming through, but setting the Filtering on seems to have prevented more of it.

So I was looking at the comments awaiting moderation. Two showed up on this post: Why Facebook sucks, a rollicking read about over-bearing security dialogues just to use Facebook’s video application.

Here’s the first comment — I’ve zapped the email address, but one was left:

Sam Hamilton 76.243.71.190
Submitted on 2009/05/29 at 9:37am

If you are tired of facebook but want a way to connect with artists and musicians
then you should check out http://www.putiton.com
If you are tired of facebook but still want to connect with your friends then pick up the phone…

Fair enough.

Here’s the second:

James Dee 75.85.9.225
Submitted on 2009/06/03 at 3:16pm

I’m an artist and I haven’t been satisfied using facebook or myspace to promote myself… too slow and too much junk. I’ll give putiton a try… it looks clean

The problem here is that the first comment is still awaiting moderation. (Yes, it’s several days old. I don’t check as often as I should.)

So why would “James” decide to try putiton, a social networking site which basically nobody has heard of (well at least I haven’t) if nobody else has suggested it (eg the first comment isn’t visible to anyone)?

Curiously, “Sam” and even “James” have left similar messages on other, similar posts on other blogs.

(Sam has a profile on the offending site.)

For an announcements list, you don’t want people replying to the list, which will reject their messages. I had to do some digging to find out where to set this in Mailman. It’s under the General Options:

Where are replies to list messages directed? Poster is strongly recommended for most mailing lists. — which lets the recipient replies go back to the list, to the poster (which is the old-fashioned way to do it on discussion lists) or you can set to go back to an explicit address — which for reasons I won’t go into right now, is the way I wanted it.

OK, so this setting probably should have been really obvious, but I only just found it. Call me slow if you like.

It’s time to stop using mailto: links.

I mean c’mon. You think I still read my email in a local client? That’s just so twentieth century.

I think my eyesight is okay. I know I’m a bit colourblind, but other than that and a lack of perspective, it’s okay.

These captchas, seen on the Oz-Astra web site forums though, these are too much. I know you have to fight spammers, but there comes a point where real humans are going to be defeated too, and eventually give up in frustration. Thankfully you can refresh the image and hope for something a bit more readable, but why not bring the difficulty level down from eleven so it’s not so hard?

(I’m not trying to single this site out; there are others that also frustrate. And I suspect this is down to an over-zealous implementation in vBulletin.)

See what happens if you don’t properly anticipate how your HTML email might be rendered?

Yep, the world’s thinnest and lightest 17″ notebook… featuring a really odd-looking askew display, apparently.

(GMail in Firefox 3.0.6 on Windows)

Spammers have discovered Twitter. That’s not really surprising; it had to happen sometime.

What is surprising is that, in this example, 45 people have blindly followed the spammer when they followed them. Do people not even look at who it is?

I mean really. “Jenny” of “online friend”, with such an obviously spammy bio?! Could it be any more obvious that this person intends wasting your time?