Every now and again, some shit-eyes of a spammer decides to send a million spams and forge my address as the sender. So I come back to my email and find four hundred messages, all of which say something along the lines of “your message was rejected because it was spam”, or “the user firstname.lastname@example.org does not exist”, or “I’m on holiday until Dec. 31st”. This is pretty annoying. What I want to know is: how can I not drown under the weight of this backscatter? I can’t go round to each mail server admin that does it and forcibly administer a fatal beating, much as I’d like to. I read my mail with Gmail, so I can’t use procmail to filter it all first (not to mention the fact that trying to use procmail has a very similar pain/productiveness ratio to trying to insert the Empire State Building down my urethra). I’m frightened to actually mark these backscattered bounces as spam in Gmail, because if I myself actually mail someone and get a message back saying “I’m on holiday for two weeks” then I don’t want that marked as spam — I want to see it. Part of the problem here is that everything at kryogenix.org goes to me, so when spam is forged from non-existent addresses at kryogenix.org, I get the bounces. I could avoid this by blackholing all addresses that aren’t specific ones that I use, but I really like the convenience of being able to subscribe to mailing lists with the address “name-of-your-mailing-list at kryogenix.org”, so i can tell if people sell their subscription list to spammers. Suggestions welcomed. I tried creating a Gmail filter that looked for mail that (a) wasn’t addressed to one of my main addresses (b) wasn’t a mailing list mail (c) contained words like “bounce”, “account”, “spam”, etc and then adding the label “probably-spam-bounce” to it, so that I could see if this technique would work. It doesn’t; on an average “get 400 bounces” day, it catches about 60% of them, which isn’t much good, and worse it occasionally matches real actual email I get, like Amazon “you have just purchased this item” emails. If anyone has suggestions for a better Gmail filter, or can confirm that I’m OK to tell Gmail to classify these messages as spam without much risk of many false positives, speak up. If your suggestion is “don’t use gmail” or “fetch all your email with POP and run it through procmail”, then I don’t want to do that; I understand that those methods might be better, and if deleting five hundred bounces every week is the price I pay, then I’ll pay that price.