Perhaps a crazy idea against AI spam.

Sébastien Riccio Replied

5/13/2026 at 1:07 AM

That's a bit what you do with bayes learning, but you have to feed it ham too.

Sébastien Riccio

System & Network Admin

https://swisscenter.com

Sabatino Replied

5/13/2026 at 1:41 AM

Yes and no

I have virtually no control over the Bayesian filter.

Here, I train the agent as I want.

I can create a program that gives me a report and, via API, inserts the patterns I choose, blocking recurring senders (or parts of senders). Links to content with recurring patterns that aren't in RBL.

With the content filter, I can act at the domain or user level.

And I want to take it even further: I can grant access to the domain admin so they can choose independently via a web app.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Brian Bjerring-Jensen - VonBjerring GmbH Replied

5/13/2026 at 5:16 AM

Much easier it would be to integrate it into EM Client or outlook and be able to block the domain from sending to the server.

And then Smartermail would gather all the reported domains into a list running at the server and blocking the EHLO so it wouldnt even reach the server afterwards.

D

Douglas Foster Replied

5/13/2026 at 8:18 AM

You have this now. Point your a.i. agent at messages sent to the training folder. For better control, copy messages out of that folder before they disappear, then use your A.I. to help you decide whether to block, unsubscribe, or ignore. It can also help decide what identifiers to block when blocking is chosen.

Sabatino Replied

5/15/2026 at 3:42 AM

I did a quick test.

I already have an event:

All messages classified as medium-level spam are also sent to a control inbox.

I checked a few messages in this inbox and fed them to Claude Cowork, asking him to identify those that were known to be spam/phishing.

Once identified, you need to look for recurring patterns:

sender IP, sender email, subject

or string in the body.

So that I can set up a content filter on the mail server to block them.

Here's the result.

Claude ha risposto: I analyzed 506 .

I analyzed 506 .eml files in D:\testspam\ and identified ~132 emails (26%) as confirmed phishing/scam — everything else is commercial bulk-mailing.

The 3 dominant campaigns:

Botnet 103.176.192.0/24 → 96 emails — US-brand phishing (CVS, Walmart, Lowe's, Harbor Freight, Ace, AAA, Omaha Steaks, Cheesecake Factory). Easily recognizable from the leetspeak in the Subject (TooI, 0maha, SampIer, 1OO, 5OO, K0BALT) and from the From-localpart with the brand in clear (cvspointsextra@…, harborfreighttoois@…) on throwaway .com domains (placesafety, logodays, dragonegypt, giftscale, …).
192.93.19.27 (compromised uha.fr) → 19 emails — always the same Subject "Donazione di 2.500.000 euro", Reply-To jflore1942@gmail.com.
161.71.34.73-75 → 6 emails — finance/crypto teaser ("Elon Warns", "Mark Cuban missed", "Silver at $309").

I think we can work on it.

My problem is precisely the spam mediums.

If I increase the precision, I'll block more of them.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

J

J. LaDow Replied

5/15/2026 at 8:52 AM

Add 103.176.193.0/24 to your list -- they're both the same pile of garbage - they hit us this morning.

MailEnable survivor / convert --

Sabatino Replied

5/15/2026 at 9:19 AM

Yes, that wasn't the point of this post.

The point is

we can use an AI agent to catalog spam/phishing emails and find patterns.

Then we can also use APIs to add blocks.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

J

J. LaDow Replied

5/15/2026 at 9:33 AM

I apologize -- I guess my reply was more in jest regarding the never ending chasing of IPs and spammers.

You're right in your theories of execution from what I read. I think I have an aversion to AI because it's nothing more than overgrown pattern recognition that burns down the planet at an unacceptable rate for what it's returns are. Yes, the threats are evolving and changing, and it can be a good weapon but the resources needed to effectively deploy it at scale are just not in line with returns.

In regards to the "brand spam", I've been working on something in .NET (I'm not the fastest / most experienced programmer in the world) that so far has been fairly effective in reducing those. More to come on that when we can get more "reproducible" results.

MailEnable survivor / convert --

Sabatino Replied

5/15/2026 at 10:10 AM

I understand your point.

But if we're attacked by AI with high spam volumes, we need to respond with AI.

What I'm proposing could be sustainable because:

1) The AI agent ingests only the messages I tell it to, in this case, all those that are medium-level spam.

It does this by accessing an IMAP/POP email inbox.

2) It provides me with a report with a classification of what it finds and can suggest (which will then be done via API) blocking a specific IP class, a sender, or increasing the spam score of a specific sender/pattern.

This could also work for a single domain, by granting the domain admin access to a control panel (webapp).

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Brian Bjerring-Jensen - VonBjerring GmbH Replied

5/15/2026 at 10:29 AM

What about using the spamscore provided to pass it on to the AI agent and get the investigation done at that time instead?

Sabatino Replied

5/15/2026 at 10:34 AM

Too much delay here.

This is where the problem arises.

The approach I proposed on all medium-level spam emails in the last 12 hours (856)

produced this (Analysis time: 4 minutes, Limited token consumption)

# IPs to blacklist in the mail server (SmarterMail → Antispam → IP Block List)

# Generated from analysis of 856 .eml files in testspam/ (run 2 - 2026-05-15)

# US-brand phishing botnet (93 of 856 emails - HIGHLY RECOMMENDED)

# Extended to /23 to cover both .192 and .193

103.176.192.0/23

# Finance/crypto scam "Mark Cuban / Elon Warns / Silver at $309" (8 emails)

161.71.34.73

161.71.34.74

161.71.34.75

159.92.157.11

# Compromised uha.fr - 2,500,000 euro donation scam (44 emails - doubled!)

192.93.19.27

# Walmart scam (1 email)

92.113.148.155

# Parkside scam via onmicrosoft.com (1 email)

52.101.52.111

# Ridge International / Crust Leather scam (5 emails)

74.125.82.45

74.125.82.46

74.125.82.47

74.125.82.49

74.125.82.52

 Sender domains to blacklist (SmarterMail → Blocked Senders)

# Run 2 - 2026-05-15 - 856 .eml analyzed

# Throwaway domains used by botnet 103.176.192.0/23 (US-brand phishing - 93 emails)

airlinedrive.com

bankmeetings.com

bidsstream.com

booknovels.com

casemovies.com

cyclebytes.com

dragonegypt.com

expandnews.com

greathandle.com

insurearea.com

landtotal.com

laptopmind.com

lavishsport.com

letsbookmark.com

listcourse.com

logodays.com

loopcustom.com

marineleads.com

markethard.com

mattface.com

morecheaper.com

needylist.com

origamifun.com

partyteams.com

placesafety.com

playbudget.com

polkmusic.com

quotearmor.com

quotecapture.com

radiomine.com

ratebuilders.com

recipemore.com

researchbest.com

reviewhall.com

satbrowser.com

screamnews.com

sellingclick.com

soccerjacket.com

stagepreview.com

studiosilt.com

tocashback.com

webpagezone.com

webstudying.com

# Other phishing campaigns (Walmart / Elon / Mark Cuban / Silver finance teaser)

loveromantic.com

news.finfuturemedia.com

news.mizunoreport.com

news.raditentailnews.com

news.getthefinnewsnow.com

news.budgetsolutionspro.com

radicaltechreveal.com

unicornbulletin.com

# Fake-reply business scams

eventattendlink2.shop

cldstylehouse.com

# Facebook verification badge scam

notifyfacebook-noreply.com

# Reply-To to blacklist

# jflore1942@gmail.com         (uha.fr donation scam - 44 emails)

# infopolice.etatlu@aol.com    (Luxembourg police scam)

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Sabatino Replied

5/15/2026 at 10:39 AM

Better to have an agent that works in the background.

If I work on it a bit, I can automate many operations and then create a nice report in a web app where the admin can make decisions on questionable cases.

REPORT_spam_patterns_EN.pdf

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

kevind Replied

5/15/2026 at 12:16 PM

When done, give your AI agent to SmarterTools and they can build it into SmarterMail. :-)

SmarterTools could use an AI agent to process messages in Junk folders. So if a few users get some spam or phishing emails and click Move to Junk, then SmarterMail uses that intelligence to automatically filter incoming messages for all users.

D

Douglas Foster Replied

5/15/2026 at 12:31 PM

We are in the middle of what pundits like to call a "paradigm shift" or "tipping point".

All of the old ways of blocking spam have been obsoleted by the attacker(s) who change their domain frequently, change their IP address frequently, and change their content frequently, and are perfectly authenticated. So blocking on known-bad identifiers does not work, because these identifiers are unknown. Blocking on known-bad content does not work because the content does not match yesterday's attack patterns.

That leaves only two techniques, both of which are new:

Sabatino's approach of using A.I., because it can do content analysis on the whole document, presumably with similar effectiveness as a human auditor. He has proven that it is effective; the only limitation is investing in the compute capacity.
My approach of blocking unknown senders, which is also effective.

If there is a third approach, I don't know what it is. Everybody needs one or the other.

My results since enabling the Unknown Sender test:

794 messages were flagged for Unknown Sender
345 blocked or quarantined for higher-priority reasons, such as blacklist
451 were actually quarantined with Unknown Sender as the primary reason
63 of those would have been quarantined anyway, based on Spam Score, which is the lowest priority test
388 quarantined exclusively because of Unknown Sender
44 of those messages were released from quarantine as false positivies
Net of 344 messages which were quarantined correctly

That is an error rate of 11%, but one that I can accept, to gain the benefit of blocking so much bad stuff. My goal is zero spam, and to reach that goal, I have to be willing to delay a few messages. Of course, this test increases the frequency of false positives slightly, but the problem was already there. You cannot block bad stuff without causing some false positives. The first phase is only blocking messages with matching Return-Path and From address domains. But based on this success, I am planning rollout to capture more attacks.

This approach has also been a time saver, because I don't have to blacklist anything. The domains that are quarantined today, and not released from quarantine, will still be quarantined tomorrow. Most of those domains will be discarded and never seen again. Of course, it will be useful to pull statistics to identify identifiers to be blacklisted, but that can be done after-the-fact.

Sabatino Replied

5/15/2026 at 12:34 PM

I don't think it can be that simple and automated.

We need an admin who makes the decisions.

The fact that it marked me as a botnet at 103.176.192.0/23

should always be considered. I then did my own checks and blacklisted it.

But an AI agent could really provide me with a very meaningful report on which to base my decisions.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Sabatino Replied

5/15/2026 at 12:37 PM

Anyway, as soon as I can, I'll dedicate some time to it and create the web app. Maybe I can integrate it with the log analysis project, which unfortunately has been inactive for a while. https://portal.smartertools.com/community/a97682/logs-analisys.aspx

I'm still using it, and it still gives me a lot of information.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Robert G. Replied

5/27/2026 at 10:29 AM

This needs to be a community objective in my opinion. Some type of community driven filtering probably using rspamd.

We pay for Message Sniffer and Cyren and both are quickly becoming useless.

GearHost.com

D

Douglas Foster Replied

5/27/2026 at 11:51 AM

Robert:

SmarterTools or community helpers may be able to help you build the hooks between SmarterMail and an A.I. engine, but you will still need to buy or rent the A.I. infrastructure.

Assuming that your A.I. cost will be proportionate to the workload that you send to it, you will need to minimize its workload. That requires separating low risk (existing senders) from high risk (new senders) messages. My experience is that if you make that separation, and are willing to invest time in quarantine review, you may not need A.I. at all.

How it works for me:

All of our filtering occurs on an inbound gateway, where unknown senders are quarantined. Anything that arrives at the main SmarterMail server is considered acceptable. A SQL job runs every night, which parses the SmarterMail SMTP and Delivery logs, then uses the results to updates a table of known senders. That gives me a continuous log of date last seen inbound and data last seen outbound for every correspondent. That known senders table is to quarantine unknown senders and as input to our custom External Sender warning.

Anyone who wants the same capability is invited to send me a private message. It is a few SQL stored procedures and table definitions, plus two XML files used for the text file import process.

Sabatino Replied

5/27/2026 at 11:37 PM

Hi guys. Perhaps I haven't explained this idea very well and why it could be a good, low-cost solution.

1) It obviously assumes that an admin/user has a filter/control system that places spam messages in a dedicated folder/email.

2) Messages are analyzed in the background, not in real time, using a local LLM, thus complying with privacy regulations.

3) The AI agent identifies identification patterns and creates the appropriate filters on the SM via API.

In practice, the system adapts to spam attacks, but doesn't require a real-time approach and therefore an expensive AI infrastructure.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Brian Bjerring-Jensen - VonBjerring GmbH Replied

5/28/2026 at 12:58 AM

Why not host it on a central server that can be reported to by all users of SM?

So when you report spam, the list is updated. Either a score or number of reports can be used as a filter before added to the list. The list could be created from the senders located in the spam folder either on DNS, Domain or account level.

A scheduled job could be created to download the list to be run locally every hour or so.

Why make it so difficult?

Sabatino Replied

5/28/2026 at 1:26 AM

Because there's a privacy and national regulatory issue. In my opinion, you can't send the entire email to a cloud service; you can instead test patterns locally.

Furthermore, what's spam to you may not necessarily be spam to me.

So it should be managed locally per domain/user.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Brian Bjerring-Jensen - VonBjerring GmbH Replied

5/28/2026 at 5:20 AM

Meka me smarter Sabatino. For what national regulatory would spammers be regulated under?

And since data is transferred to the US anyway under the Cloud Act then I see no apparent issue of harvesting the spammers email adresses and domains and their DNS servers used to send spam.

Nothing in the email should be of any interest.

And EM client has the ability to blacklist a domain allready. Its just not centralized which would significantly reduce the load on the servers worldwide if it had.

D

Douglas Foster Replied

5/28/2026 at 6:42 AM

There are a host of privacy regulations: GDPR in Europe, HIPAA, and Sarbanes-Oxley in U.S., PCI-DSS everywhere in the world.

The data owner is responsible for protecting regulated data. We cannot prevent a sender from putting regulated data at risk, but once we receive the message, we become the data owner and we must prevent protected data from being exposed to unauthorized entities.

The assumption is that you won't know spammers from non-spammers unless you send the data off-site, so you cannot know that only spammer data is being transmitted.

Sabatino Replied

5/28/2026 at 7:45 AM

Exactly, @Douglas Foster

My idea is to have the AI process emails considered spam/phishing in their entirety, looking for identifying patterns that aren't just the sender's IP/email address, but also other things.

I can't distinguish what's inside the email; it could be spam/phishing but with stolen user data. So, simply a cloud-based AI.

Besides the regulatory issue, there's also a problem of speed and token consumption.

The proposed approach involves the use of a local LLM, which, in addition to solving the regulatory issue, also solves the token consumption and speed issues.

The email isn't analyzed in real time.

An AI agent connects via IMAP to the mailbox containing the messages that were stored there because they were considered spam/phishing and, in its own time, begins searching for identifying patterns. It can then send them via API to SM for blocking or send a report to the admin, who decides what to do.

In short, a scheme that's not real-time, but adaptive to the spam/phishing traffic being received.

If done well, the agent becomes adaptive for the recipient domain and user.

Sabatino Traini
Chief Information Officer

Genial s.r.l.
Martinsicuro - Italy

Brian Bjerring-Jensen - VonBjerring GmbH Replied

5/28/2026 at 11:49 AM

HI Douglas... I like your posts here but right now youre on my turf.

There is a fundamental distinction missing here between data ownership and data processing.

In this case, the ISP are not the data owner. The individual customer remains the data controller / data owner, while we act as a data processor handling email traffic on their behalf.

That distinction matters because receiving or processing regulated data does not automatically transfer ownership or controller responsibilities to the service provider.

Under frameworks like GDPR, the controller determines the purpose and means of processing, while the processor operates under instruction from the controller. The same principle broadly applies in many regulated environments like HIPAA.

Of course, processors still have strict obligations around confidentiality, integrity, access control, and secure handling of data. But that is not the same as becoming the owner of the data simply because the message traverses or is processed by our systems.

The second point is also important. The assumption that spam classification requires sending all data off-site is incorrect.

Spam filtering, reputation analysis, heuristics, and content inspection can absolutely be performed locally, in-region, or within a controlled processing boundary depending on architecture and compliance requirements.

So the real discussion is not “who owns the data after receipt,” but rather who is controller vs processor, where does the processing occur, what data leaves the trust boundary and under which legal basis and contractual safeguards processing is performed.

So its absolutely not a problem doing what I suggested :)

D

Douglas Foster Replied

5/28/2026 at 6:44 PM

Yes, there are solutions, by contracting so that the vendor accepts liability if they lose or misuse protected data.

But as for feasibility:

I don't see SmarterMail or anybody else proposing to offer the service you want.
I think there are serious difficulties knowing how to bill for a shared service like that.
I don't see economies of scale from someone like SmarterMail provide A.I. as a service rather than you contracting for the resources yourself.
You don't know that you would be willing to pay what this imagined service would need to charge.
Your spam problem needs to be solved now, not next year.

Sabatino has laid out a way to get to A.I. relatively inexpensively. I have solved the problem for my organization by quarantining more messages, which requires more quarantine review effort.

If you can wait for someone else to solve the problem for you, do you have a problem that needs solving?

Rod Strumbel Replied

6/2/2026 at 7:45 AM

Just playing the devil's advocate here...

By blocking unknown senders aren't you pretty much nullifying new business reaching your company? Maybe this works at a personal email level (for the most part) but at a business level it just doesn't make sense to me.

New prospects reach us all the time thru email, and we certainly wouldn't know who they are in advance.

D

Douglas Foster Replied

6/2/2026 at 11:17 AM

Fair question, but no. Unknown senders go to quarantine, and I check quarantine at least daily. So some messages get delayed, but all acceptable messages get delivered. I was already doing this, because we had false positives before switching strategy, but it feels a little more urgent now.

It works out like this:

First stage filtering, out of 100% not blocked during helo/ehlo

53.6% are discarded for no valid recipients
46.4% are allowed to proceed

Second stage filtering, out of 100% with valid recipients

14.3% are flagged as confirmed spam,
1.5% are flagged as probable spam, and
2.7% are flagged for unknown sender.
81.5% are allowed to proceed

Third stage filtering, out of 100% allowed to proceed to third stage

4.2% are blocked for content or other reasons
0.2% are added to the total as quarantine false positives
96.0% are released to the users.

Currently, known-sender false positives are 64% of all false positives, so my improperly delayed message volume has jumped from about 2 messages per day to 5 messages per day.

Although unknown senders arrive continuously, errors do not repeat (except on a same-day basis.) Once a message is released as a false positive, that sender becomes a known sender overnight.

Caveats: I said this elsewhere, but I don't think I mentioned it on this topic.

I have split senders into three categories, to limit risk:

Consumer mailbox messages - The message is from Gmail, Hotmail, Yahoo, etc. These are currently exempted from the control, although we still track known sender status. We have existing problems with these messages being quarantined incorrectly based on spam score, so I don't want to make the problem worse.
Aligned domain messages - SMTP From address and Message From address are the same organization. The unknown sender control is only applied to these messages at present.
Unaligned domain messages - The two address are different organizations. This is mostly advertising from Email Service Providers (ESPs) like Sendgrid and ConstantContact. Known and Unknown sender status is currently tracked but not enforced, but I plan to control this group in the future.

A sender can become known for three reasons:

An account or domain is in a corporate database as a vendor, client, employee, etc. Not all of my potential database sources have been integrated my solution at present.
An account or domain has been sent a message from us.
An account or domain has sent a message to us, and it has been allowed through our filtering process and was not blacklisted based on after-delivery complaints.

For consume mailbox domains, risk and known-sender status are tracked by individual accounts. For other domains, trust and known-sender status are tracked by domain.

28 Replies

Claude ha risposto: I analyzed 506 .

Reply to Thread