You are currently looking at an older section of the wincent.dev website.
Please check the new version of the site at https://wincent.dev/ for updated content.

wincent Wincent: about

About

Anti-spam policy

Wincent is opposed to spam (unsolicted commerical email) and will never send you spam. Wincent will never sell or make available your email address or any of your other personal information to third parties. Wincent does provide mailing lists for users who wish to remain informed but these lists are strictly "opt-in" and Wincent will never subscribe a user to a list; if you wish to join a list you must manually subscribe yourself.

I have a blanket policy against challenge-response systems. I don't use them myself and I don't respond to any challenges that I receive from recipients that do use them. This policy is in place for two reasons: firstly, because a lot of my outgoing mail is generated by automated systems (such as the license code mailer) and so cannot respond to such challenges; and secondly, because I believe that such systems are worse than the spam problem that they purport to cure. Instead of inconveniencing spammers, challenge-response systems inconvenience only legitimate senders, while spammers happily move on to the next target in their millions-long list of addresses. I receive about 8,000 legitimate messages and send several hundred per month; even if only a small percentage of these transactions involved a challenge-response component the drain on my time would be significant. In my experience users of challenge-response systems love them (because it frees them of spam), legitimate senders hate them (because they are being penalized for the behaviour of others), and spammers couldn't care less because they deliver by automated systems and for every target that uses a challenge-response system there are hundreds or thousands of others that do not.

Spam currently accounts for about 50% of all mail that is sent in the world. Imagine if everyone used challenge-response systems; the number of challenges and responses generated would soon dwarf the amount of spam being sent. I believe that there are much more appropriate levels of tackling the spam problem: good server-level filtering (SpamAssassin), good client-level filtering (SpamSieve), and proper configuration of mail servers (with SPF records). There can be no exceptions to this policy, because if I make exceptions then I am tacitly endorsing peoples' decision to use those systems and encouraging their further use, thus making life worse for legitmate senders everywhere.

Incoming mail (to Wincent)

Any incoming mail that contains a virus or other malicious content (as detected by ClamAV) will be discarded at the server before it is ever read.

Incoming connection attempts are checked against real-time DNS-based spam blacklists and rejected if the originating IP appears to be a known spam source.

All other mail passes through the SpamAssassin spam filter for tagging at the server level — only messages with extremely high spam scores are immediately and automatically deleted — and then SpamSieve locally here on my Mac OS X machine to route all spam into a separate folder. At the time of writing (May 2006) this arrangement has been in place for 18 months with 99.6% accuracy (193 false positives in that period, despite the fact that 19% of all email I receive is spam). I manually revise filtered spam to catch these false positives.

If for some reason your email isn't getting through you can always contact me using the web-based contact form.