Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Spam Your Rights Online

Spam Meeting Wrap-up 197

Posted by michael from the spam-and-eggs-and-spam dept.
wendigo2002 writes "Get used to that daily flood of e-mail come-ons, Viagra offers and lucrative enticements to invest in Nigerian pyramid schemes. Internet gurus, software designers and lawyers today ended a three-day Federal Trade Commission discussion on combating spam by concluding neither technology nor laws are yet capable of completely dealing with the plague."
This discussion has been archived. No new comments can be posted.

Spam Meeting Wrap-up More

Spam Meeting Wrap-up

Comments Filter:

  • Perhaps (Score:4, Funny)

    by Gonoff ( 88518 ) on Saturday May 03, 2003 @03:14PM (#5869911)
    they might work better if they got spammed every day? If we can persuade these guys to get hotmail addresses, they might understand better...

    • Re:Perhaps (Score:5, Insightful)

      by Uber Banker ( 655221 ) on Saturday May 03, 2003 @03:24PM (#5869968)
      The summary said "neither technology nor laws are yet capable of completely dealing with the plague".

      The fact they discussed it means they recognise a problem. Technology or laws not yet capable of meeting it mean they now recognise a deficiency -- a deficiency needs a solution.

      I hope they can divert resources to creating this solution. They need to throw rosources, legal and technological, and *WE* need to keep them aware (or indeed, make them more aware), so it doesn't slip down the government's priority list.

      As for your hotmail address, I suggest you ditch hotmail. I did five years ago, and that was not soon enough.

  • Meeting results will be emailed out (Score:5, Funny)

    by Anonymous Coward on Saturday May 03, 2003 @03:15PM (#5869920)
    To over 40 million email addresses. If you don't wish to continue recieving these emails, you can follow the link at the bottom to unsubscribe.

  • :Boots! (Score:4, Funny)

    by Anonymous Coward on Saturday May 03, 2003 @03:15PM (#5869923)
    Yay for meetings to determine that which you already know.

  • Nothing? well.. (Score:3, Interesting)

    by Kelerain ( 577551 ) <.moc.liamtoh. .ta. .retsampam_cva.> on Saturday May 03, 2003 @03:18PM (#5869940)
    Public executions always sounded effective to me.

    • Spam Insurance (Score:5, Funny)

      by Detritus ( 11846 ) on Saturday May 03, 2003 @03:41PM (#5870039) Homepage
      I've always thought that this is a golden opportunity for La Cosa Nostra. They could sell spam protection insurance. Get spammed? Guido will pay the spammer a visit and "explain" how spamming is not conducive to a long and healthy life.

      • Re:Spam Insurance (Score:3, Interesting)

        by AndroidCat ( 229562 )
        You mean, sort of like this incident? [hackwatch.com]
        • Anyone know where they are buried? I'd like to go dance on their graves.

        • Re:Spam Insurance (Score:3, Insightful)

          by hkmwbz ( 531650 )
          I have always wondered by so few spammers are paying for their actions. I mean, they are annoying millions of people. One would have thought that with many spammers' locations freely available, with the rage felt by some people over spam, and the psychos we know exist out there, more spammers would have been found decapitated, drowned, tortured to death etc.

          Seriously, why aren't the spammers getting more trouble over the crap they are doing to people's inboxes? They are messing with big dollars here. Peop

  • ...but SpamAssassin [spamassassin.org] in combination with Razor [sourceforge.net] and Distributed Checksum Clearinghouse [rhyolite.com] works quite well on most mail servers I've seen.

  • Washington Post coverage (Score:5, Informative)

    by Kappelmeister ( 464986 ) on Saturday May 03, 2003 @03:20PM (#5869951)
    The Washington Post takes a slightly more sensationalist [washingtonpost.com] take on the "bare knuckle," "historic" forum.

  • You know . . . (Score:5, Interesting)

    by DrMrLordX ( 559371 ) on Saturday May 03, 2003 @03:23PM (#5869962)
    I wish all those who convene to discuss law-enforcement and/or regulatory initiatives were so honest about their future prospects for success. Can you imagine what the DEA would be like if someone back in the 50s or 60s had actually gotten together and said "you know, guys, we'll never stop the flow of drugs into the country, and it's only going to get worse". On the other hand, that might have made the problem worse.

    I still couldn't fault them for being honest, though.

  • Way to go! (Score:5, Insightful)

    by arvindn ( 542080 ) on Saturday May 03, 2003 @03:23PM (#5869963) Homepage Journal
    Rep. Zoe Lofgren, D-Calif., said this week she would seek federal legislation offering rewards for individuals who help track down spammers.

    Lets see more of those! I hope the reward applies irrespective of whether you bring in the spammers dead or alive :-)

    • I love the fact that Congress has neglected to pass ONE law to deal with spam to this day...

      ...but it has managed to enact numerous laws addressing modern technology's other "scourge," copyright infringement.

      It seems that folks in DC can get things done...when they want to.

    • Rep. Zoe Lofgren, D-Calif., said this week she would seek federal legislation offering rewards for individuals who help track down spammers.

      Lets see more of those! I hope the reward applies irrespective of whether you bring in the spammers dead or alive :-)
      Oh please, please, please, let me pistol whip, kneecap, hang, draw, and quarter them. I promise to bring them in (somewhat) alive.

      OK, I'll have to wait on quartering them. Then, let us burn them at the stake.

      John (who had 30+ emails in my spam trap

  • scary (Score:5, Insightful)

    by Trailer Trash ( 60756 ) on Saturday May 03, 2003 @03:28PM (#5869987) Homepage

    ``We are now importing more spam from the United States,'' he joked. ``We are actually learning what American culture is through spam.''

    Hopefully you know that it's not an entirely accurate view of American culture...

    • American culture isn't about exploiting just about everything for profit? I'd say it's pretty accurate myself.

    • Re:scary (Score:3, Funny)

      by sean23007 ( 143364 )
      Yeah, instead they should watch primtime US TV. That would give them a realistic picture...

    • Re:scary (Score:2, Interesting)

      by stesch ( 12896 )
      Hopefully you know that it's not an entirely accurate view of American culture...

      The rest we learn by reading "Stupid White Men" and watching "Bowling for Columbine"

  • Federal law (Score:4, Interesting)

    by Klaruz ( 734 ) on Saturday May 03, 2003 @03:34PM (#5870004)
    We need a federal law with some that lets you go after:

    1: The spammer themselves provided you can find them.
    AND/OR
    2: The entity in the US that the spam was sent on behalf of. If they're trying to sell you something, or scam you, even if they didn't send the mail, they're the root cause.

    and

    3: You should be able to opt-out of any entity you directly do business with. Opt-in for any of their parters. If I buy something from Amazon I can opt out of recieving their mail. Their partners can not send mail unless I specificly ask for it. If the company gets bought, the opt-in does not transfer, except for one email informing me of that.

    4: Here's the gray area; there needs to be some sort of failsafe. So for example, if I hate slashdot and I spam a million people telling them to buy a slashdot subscription. If the people who get the mail can't find me because I sent the mail from an open AP and bounced it off a server in Korea, slashdot gets screwed.

    Disclaimer:
    I am not a spam expert (I do know a bit)
    I am not a lawyer
    I am not a lawmaker

    Take with salt. Flame on.

    • Re:Federal law (Score:3, Interesting)

      by Doctor Hu ( 628508 )

      ... that lets you go after:

      ...
      AND/OR
      2: The entity in the US that the spam was sent on behalf of. If they're trying to sell you something, or scam you, even if they didn't send the mail, they're the root cause. ...

      From the nature of the 'products' and 'services' that cause much of the annoyance, I'd hazard a guess that the peddlers involved take as much care to hide their true identity and location as do spammers - indeed, I'm sure that the spammers are perfectly well aware of their prevalent client comm

  • RFC-821 Re-Write Will Make It Manageable (Score:5, Interesting)

    by zentec ( 204030 ) <zentec @ g m ail.com> on Saturday May 03, 2003 @03:38PM (#5870021)
    Back when the Internet was a nicer place, it made sense to allow anyone to send anyone mail through any system. Now that Internet access is much more common and the propensity of abuse on open systems, it's time to either bury RFC-821 or make it significantly more modern.

    No, the deluge of unsolicited garbage will continue regardless of what is done legislatively and with technology. I'm glad to see that people are finally waking-up to the fact that more laws won't fix the spam problem. But technology can be used to make it harder for spammers to hide in their anonymous cloak.

    The processing of sending email needs an overhaul that gives system administrators the ability to determine the source of incoming mail and impart a "trust" level of the message. Messages coming from systems that have a high trust are tagged in the headers while those coming from systems that seem dubious or lack any sort of real credentials are tagged accordingly.

    No, it won't stop spam, but it'll allow people to simply deny access to systems and users that are a continued problem, forge credentials or email addresses.

    • What you're talking about seems like nothing more then a simple modification of the Black Hole system. which doesn't work at all.

      I suppose a 'source trust rank' along with other analysis like baysian filters and other techniques might be slightly more effective, but spammers can simply use these tools to 'check' to see if their messages get through as well.

      • A black hole? In a way, I guess you are correct, but it's a black hole that's configured by the receiving system. Any blame for missed messages lies solely upon the shoulders of the receiving system.

        All I'd really want is a way to accurately determine the true originator of the mail I'm receiving. With that established, I can filter based upon who and am willing and unwilling to accept mail.
        • In a way, I guess you are correct, but it's a black hole that's configured by the receiving system.

          Who the fuck do you think configures existing blackholes? The US government? Aliens? No, it's individual site administrators. They may choose to run with an unaltered public blacklist, but that's not inherent in the blacklist paradigm.

    • RFC-821 Re-Write is Not Needed (Score:4, Insightful)

      by minas-beede ( 561803 ) on Saturday May 03, 2003 @06:40PM (#5871047)
      OK, it's time to start thinking in a different mode - what's been done so far isn't working well enough. Look at the facts: almost all relay email sent through open relays because they are open relays is spam. I mean something like 99.9999% of it - almost all. Most of the rest is spammer relay tests. Quality people don't looking for open relays through which to send their email. Spammers do that. Take advantage of that knowledge. If only spammers use that pathway MINE that pathway. It's figurative mines, not real ones: prohibitions against deadtraps don't apply.

      Instead of continuing the three-years-long moan about all those clods who run open relays (I was once one of them myself) why not quit moaning and DO SOMETHING? Spammers send relay tests. DO SOMETHING that screws the spammer because of that. Report relay attempts to his ISP, accept and deliver the tests and send the spam to /dev/null - ACT. Make up your own way of dealing with them, but make it hurt them in some way, however small. Get any number at all doing something with the tests and those that merely accept the tests and ignore them will help strike fear in the spammers hearts (the operator who does nothing knows he does nothing. The spammer has to worry that the operator does more.)

      Like, for instance, here's a relay test from today:

      Received: from adsl-65-70-89-125.dsl.tulsok.swbell.net by X.X.X;
      Sat, 3 May 03 12:04 CDT
      Message-Id:
      Date: Sat, 03 May 2003 12:01:44 -1700
      From: 0eik00ha7i95o4@starband.net
      Subject: hello
      To: timsmith777@connectfree.co.UK
      MIME-Version: 1.0
      Content-Type: text/plain; charset="Windows-1252"
      Content-Transfer-Encoding: 7bit
      X-Priority: 3
      X-MSMail-Priority: Normal
      X-Mailer: Microsoft Outlook Express 5.00.3018.1300
      X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300

      054053046055048046056 057046049050053058097 10011510804505405304505504804505605704504905005304 610011
      510804611611710811 511110704611511909810110810804611 0101116058049049048051058057058089101115

      (I had to beeak up the strings becuase of the Slashdot "lameness" filters.)

      It takes as close to no smarts at all to trap a test like this as is possible. DO IT.

      (By the way, I altered the string in the message-ID: that's where spammers who use this form of test encode the IP tested.) Similarly, they encode where the test originated in the body. It's decimal ascii: "048" encodes "0," etc.

      Don't want to do SMTP trapping? No problem - trap some spammer open proxy abuse. MAybe you'll learn his IP, even (the clown who sent the test above has been using the same IP since at least 11-Mar-2003.)

      I've been telling connectfree.co.uk about these test messages going to the spammer dropboxes in their space. I suggest that they simply divert email to the dropbox address so it goes someplace else. This is SOMETHING they can do that really screws the spammers. Until the spammers figure out the email is being diverted they discover no open relays if the email through those open relays to the dropbox doesn't get delivered.

      Isn't it about time people though about what to do to stop these spammers? Is it so terribly hard to divert email to a known spammer dropbox address someplace else? Does that not conform to the TOS? CHANGE the TOS - quit waiting for someone else to solve spam and act. Worried about the US DOJ saying this is a crime? Hey, we're talking about a .co.uk location - US law doesn't reach that far. DO IT.

      Read my post again. See anything that says action must wait for a change in the SMTP protocol? NO. See anything that says the little guy with a DSL or cable connection can't take part? NO. ISPs could do even better - think about what the ISP with hundreds of abused open proxies could do if it intercepted the proxy connections made by the spammers.

      This does nothing to stop direct spam. There blocklists work like a charm. This does an awful lot to sop abuse-path spam (non-direct spam.) DO IT.

      Or continue to moan. One path has better results - see if you can tell which.
      • Welcome to 2003.... Most spam today isn't from open realys, its from hacked boxes that have had proxies installed.
        • "Welcome to 2003.... Most spam today isn't from open realys, its from hacked boxes that have had proxies installed."

          Where's your data? I have no doubt some spam comes that way - I've read Michael Tokarev's November, 2002, report in mailing.postfix.users. Absent actual evidence I can't see any reason to assert that hacked boxes are now the principle conduit for spam.

          I know spammers still seek open proxies and open relays - these are still valid areas of concern and action.

          (http://groups.google.com/gro
          • I think most of the open proxies were put there and aren't config issues. Too many of them are on the wrong ports. Besides word gets arround way too fast for an open proxy on very strange ports.

            This is a recent change since November and the amount of spam I'm getting that fits into the new grouping is about double what the open smtp people were doing.

            Of course I only check a few sorces of spam but the logs show the funny proxys are much faster at sending spam than the smtp relays. I'm wonding how long
            • "I'm wonding how long it will be before they start installing smarter software on the proxies."

              I think it's pretty damned smart already. I can't recall where but I read a description of Jeem on on of the anti-virus web sites - that is pretty sophisticated already. The downside I hope exists for the spammers is that this brings all the security people into the fight against spam - when the spammers crack into systems (by whatever pathway) they've really crossed a line.

              I advocate open relay and open proxy
    • The SMTP rewrite is called X.400 and it sucks. Everyone with an email address would have to register with someone that makes a verisign cert pricing look like a good deal.
  • Why wouldn't a nationwide 'do not email' list work?

    I would think this is even more feasible and enforceable than the 'do not call' list that people are trying to establish to combat telemarketers.

    Pass a law that unsolicited email sent to an address on the list is subject to a fine.

    If the spammers are sending out multi-thousands of emails, even a fine of $50 per complaint would soon put spammers out of business. The fine could be split between the 'spamee' and some agency to enforce the spam law. I woul

    • In order for such a list to be effective, it would have to be available. If it's available, it would also end up in the hands of foreign spammers whould would use it as a source of higher percentage real working addresses. Of course the simple solution to that is that the list has to be distributed in the form of list of cryptographically strong (unreversable) checksums. To see if the next email address to be spammed is on the list, calculate the checksum of the canonical form of the address (e.g. lower

    • It wouldn't necessarily have to be available.
      Instead, the spammers could upload their lists to a server and the server could return addresses not on the "Do not email" list.

      I've proposed this to the state of Missouri but no go so far.

    • Why wouldn't a nationwide 'do not email' list work?

      Because I own my mailbox/machine/network and my premptive decision is that marketers don't get to use it without explicit permission (opt-in). The default is "you don't use my network without my permission", not "you can use it unless I tell you not to."

      The last step of this medium is owned by me; not the television networks, not radio networks, but me. The consumer pays the majority of the cost for transmission on the internet, they get to say how

  • Yeehaw (Score:5, Funny)

    by arakasi ( 225629 ) on Saturday May 03, 2003 @03:51PM (#5870084)

    Motohiro Tsuchiya, a communications professor with the International University of Japan, said Friday that about 80 percent of spam in Japan comes from outside the country and most of it is in English.

    ``We are now importing more spam from the United States,'' he joked.

    Yeah! Finally Japanese importation of at least one U.S. product exceeds their exportation! ;-P

  • FOR IMMEDIATE RELEASE (Score:5, Funny)

    by rice_burners_suck ( 243660 ) on Saturday May 03, 2003 @03:52PM (#5870096)
    The Federal Trade Commission (NASDAQ: MSFT) today announced plans to increase the amount of SPAM mail, the digital blueprints for highly desired Internet content, sent annually to over 40 million addresses on the Internet. By leveraging innovative technologies, content providers streamline compelling enterprise solutions. The move is said to foster the development of new information technologies.

    "We are excited at the news to increase the amounts of this highly desirable content that we email every day," said Xing Dung Ho Chung, president of some organization in China that sends over 5 billion SPAM emails daily. "Our customers will be very pleased when download times increase proportionally with the desirable noise to undesirable signal ratio as we flood the Internet with our information, preventing undesirable signal from getting through."

    Hong Dong Chong Shlong commented, "Our goal is to reduce the Internet into a medium for advertising with no possibility of gaining any other use from it. Our long term plans include government lobbying to illegalize the information that people want while simultaneously forcing people to spend a minimum quota of time reading every word of SPAM and clicking on every full screen advertisement that comes up. Strategic partnerships with computer companies and additional legislation will force the consumer to purchase a new computer each day because the hard drive of yesterday's computer will break down with the wear and tear of yesterday's immeasurable amount of SPAM."

    SPAM companies also indicated plans to lobby for laws requiring the consumer to purchase every product and service advertised to them. The long term plan is to give huge multinational corporations an easy method to eternal, perpetually increasing profits with no benefit to the consumer. Humanity, except the shareholders of several enormous conglomerates, will be enslaved forever.

  • the solutions are there (Score:2, Interesting)

    by zogger ( 617870 )
    --the solutions are there, just very few people want to be the first ones, and it has to come automagically installed out of the box. That's the bulk of the email users and receipients. They use what comes installed. They use mostly microsoft. Microsoft does not ship any email client that filters spam AFAIK. It doesn't ship an easy to use click here to generate a whitelist for receipients, that bounces everything else. There's your basic problem. Once again, those that made the most money by far ship the le

  • Spam is dead (Score:5, Informative)

    by ajs ( 35943 ) <ajs.ajs@com> on Saturday May 03, 2003 @04:03PM (#5870157) Homepage Journal
    Get used to a mailbox full of ... whatever you want, including nothing.

    Spam tools are currently at the point tht detection of spam is a near-certainty and the probabilities for false-positives (e.g. good mail getting called spam) are measured in the 0.00n-0.0n% range (that is n in 100,000 to n in 10,000) which can almost always be improved on locally by the user through various means that are anti-spam-tool independant.

    SpamAssassin [spamassassin.org] is currently my tool of choice. It's very flexible, can be used with any UNIXish mailer and is just getting frighteningly better over time.

    SA's recent addition of Razor2, a Bayesian filter and improved handling DNS blacklists (which SA weights so you can apply them withour worrying about slicing large and useful parts of the Internet out of your field of view) have reduced many concerns that folks had before about active abuse of SA's rule-base in the past. The speed with which this system applies hundreds of tests to a message is also quite stunning, and a major boost to Perl's tacit reputation as a "slow" language.

    The biggest problem with SA right now is probably the inability to scale up to the mid-range ISPs and medium-sized business without SERIOUS harware allocation due to the heavyweight neature of its testing. That's my personal mission for SA over the next year or so. My goal is to make SA a reasonable option for anyone that has to process orders of magnitude more mail than your average ISP (e.g. AOL).

    When the upcoming 2.54 comes out, I HIGHLY recommend checking it out. You can install SA on most UNIX-like systems, as long as they have Perl installed by typing (as root)
    perl -MCPAN -e shell
    following the configuration process if you have not done so for Perl before, and then typing
    install Mail::SpamAssassin
    After that it's just a matter of how you want to configure your MTA to talk to SA. I recommend using SA in "spamd" mode with sendmail and procmail. If you already use sendmail with procmail delivery, you just have to change your .procmailrc by adding rules to invoke SA, and there are good examples of that on the SA site [spamassassin.org]. You can also use qmail (officially qmail doesn't support this kind of thing, but if you use the standard set of patches that most every has to apply, it's reported to work fine) and postfix (though postfix has some complexity when it comes to setting up any kind of uni-directional filtering).

    Good luck!
    • Ooops, in the beginning of that message, I meant "anti-spam too dependent"... sorry if I implied there's an anti-spam-tool universal config file, though IMHO, there should be....
    • Has anyone tried a Bayesian filter with an Soundex like system? I'm thinking it would help take care of some of thouse misspelled subject lines.
      • Actually, you don't want to do that. If someone says "sluts", then it's a fair indicator of spam, and that word will be weighted appropriately by Bayes. However, if they say "5LUTS", it's MUCH MORE likely to be spam!

        Obfuscation in most cases is self-defeating, and only people who thinkg that avoiding this or than specific rule is going to help them bother.
    • The speed with which this system applies hundreds of tests to a message is also quite stunning, and a major boost to Perl's tacit reputation as a "slow" language.

      I think not. lists.indymedia.org was using it, and it induced an almost complete system meltdown with emails taking over 5 days to deliver in some cases. They had to uninstall it and get some new hardware.

      Then again, perhaps it was misconfigured or mis-installed so that it was invoked in an inefficient way - that's a possibility I suppose.

      • It was probably a fair number of versions ago. SA now has a daemon-mode called "spamd", since it turns out that most of the startup cost is in parsing the configuration (e.g. all of the rules), and compiling the Perl, of course.

        Once you have spamd in use, you cut your CPU usage amazingly (made it usable for my company), and your memory access patterns are much more reasonable for the OS to deal with. Memory is still used liberally, but that will probably change when later versions of Perl start doing CoW m

  • Answer the question that lawmakers want (Score:5, Insightful)

    by clovis ( 4684 ) on Saturday May 03, 2003 @04:06PM (#5870176)
    Nothing will be done until someone answers the question that lawmakers always ask:

    What's in it for me?

    No matter what you present to a politician, no matter how good the cause or important the problem, laws get introduced and passed for only one reason, and that reason is that someone was able to answer that question.
    Sure, it's possible that the answer was "you'll advance your career if you save mankind with this bill", but that almost never happens. There's always a payoff somewhere, and what I can't figure out is a way to tell a Congressman what's the benefit to him for putting in the effort to fix the spam problem. And getting a bill passed is a hell of a lot of work.

    I say: "There's these people who make money by sending a deluge of annoying fradulent emails
    that ..." All the politician hears is "There's these people who make money" and wonders "How can I get some of it?"

    If every spam victim donated a dollar to support congressmen (IE, campaign funding) to do something about spam, then it'll get done. I for one am ready to help.
    Just put your name at the bottom of the list, and send $5 to the person at the top of the list. Now send the list to five of your friends and soon, real soon, we'll have enough money to buy a whole session of Congress. This is completely legitimate, a lawyer looked it over, but you mustn't break the chain.

    • If every spam victim donated a dollar to support congressmen (IE, campaign funding) to do something about spam, then it'll get done. I for one am ready to help.
      Just put your name at the bottom of the list, and send $5 to the person at the top of the list. Now send the list to five of your friends and soon, real soon, we'll have enough money to buy a whole session of Congress. This is completely legitimate, a lawyer looked it over, but you mustn't break the chain.

      Yes, and Instant Message this around, to

    • Sure, it's possible that the answer was "you'll advance your career if you save mankind with this bill", but that almost never happens.

      Spam doesn't just affect geeks. Don't you think that being able to claim truthfully that you were the sponsor of a bill that substantially reduced spam and saw many spammers fined/jailed would win a few votes?

  • I don't get that much spam... (Score:3, Interesting)

    by flamingdog ( 16938 ) on Saturday May 03, 2003 @04:11PM (#5870204) Homepage
    You know, it's really not that big of a problem for me...

    I use Yahoo! mail, and they really do a great job of filtering spam. They have an option by every email to report it as spam, have it investigated, and then blacklisted if appropriate (delivered to spam folder, not deleted, just in case it's important in some way)

    In addition to their spam filters, you can create your own and they work pretty decent, too. I get about 100 spam mails a day, about 95 are filtered to my trashcan or spam folder, and only about 5 get through...I can deal with that.

    I don't see how spam makes any money any more...oh well.
    • me neither.. i guess having .adsl in the address cuts off most of it.

      i even have my email on a page available through crawling..

      how much spam i get? about 0.05 per week, i don't call useless mail i get because i subscribed to something spam though.

      as for the what's the stuff they're selling through spam.. man, i was reading old spidermans just today and it's unbelieviable what they advertise there.."buy this book and be a super athlete in few weeks"
  • Spam would stop if nobody bought anything from spammers. SOMEBODY out there must be buying the generic viagra and paying for memberships at hoochiemamma's webcam site. Likely it's nobody that reads or at least is an active participant in sites like this, but THAT's the message that needs to get out. "Don't want spam? Don't buy any of these things". Spammers need money to send spam email. If we don't buy their product they either go out of business or learn that they are losing money by sending spam.

    Now, I

    • Spam would stop if nobody bought anything from spammers.

      True. However, the spammers cost-shift their advertising costs onto the end user. Since they can steal from the consumer they have the ability to reduce their costs so much that a previously unrealized business model becomes possible.

      Their entire business model is based on that one sucker out of 1 million who buys. There's no way you're going to get the word out to everyone in sufficient quantity to even come close to making a dent in the spam

  • Spam (Score:2, Informative)

    by DaLiNKz ( 557579 )
    I have two different issues with spam:

    One, my email address that i use for almost everything for the past 4 years only recieves 1 or 2 spam a day. The address i used for 3 months recieves 100-150 spams a day, it is impossible to use that address for anything..

    Now i use two email addresses, one for things like MSN and registering to forums and websites that goto a drop box and then my main address that i only give out to people these days.. its useful, even behind the current spam filters we have on the

  • To stop spam? Two words. (Score:5, Insightful)

    by MsWillow ( 17812 ) on Saturday May 03, 2003 @04:27PM (#5870289) Homepage Journal
    White list.

    If the *only* way for email to arrive in my mailbox was if it came from (or at least purported to come from) somebody on my list, I'd never see spam again. No need to bounce it, just delete it from the mail server, sight (and site :) ) unseen. Eventually, if everybody started doing this, spammers would see zero revenue, and the tide of spam would disappear.

    Anybody know of a Linux email app that does this all, deleting spam at the server but downloading wanted email? I'm all ears.

    • whitelists mean the spammers have won. (Score:4, Insightful)

      by Schlemphfer ( 556732 ) on Saturday May 03, 2003 @07:46PM (#5871362) Homepage
      Eventually, if everybody started doing this, spammers would see zero revenue, and the tide of spam would disappear.

      The trouble is that comparatively few people are savvy enough to switch to whitelist email systems. And it only takes a small percentage of internet users who don't block spam, and who order occasionally from spam, to keep the spam problem a growing nightmare for the rest of us. I think it's unrealistic to suggest that whitelists can solve the spam problem, since there's no way to argue they'll be adopted widely enough to keep huge amounts of spam from reaching people.

      And another thing. I want random people to be able to contact me, for whatever reason. What I don't want is to be contacted by automated email systems for purposes of marketing. In my mind, whitelists prevent the latter, but they also prevent or seriously inconvenience the former. And to me, that's unacceptable. I presonally rely on Mozilla filters, which rid me of about 97% of my spam, while allowing the email of random people who need to contact me to (usually) get through.

      • it's unrealistic to suggest that whitelists can solve the spam problem, since there's no way to argue they'll be adopted widely enough to keep huge amounts of spam from reaching people.

        If it came already set-up that way, by default, in Micro$oft's new OS, and AOheLl's new version, you'd catch a fairly large percent immediately, and with that userbase, there would be one hella incentive for other email programs to incorporate these features in their new releases, too.

        Now, if you want anybody to be able to

  • Whitelisting works for me (Score:3, Interesting)

    by NetDanzr ( 619387 ) on Saturday May 03, 2003 @04:29PM (#5870311)
    Disclaimer: I've been using this method for a few months now, but I've heard the term "whitelisting" to describe this method only yesterday on CNN Headline News. I don't take any credit for it.

    Anyway, here is how it works: Set up filters for people who you want to get messages from. I personally have several different mailboxes - for family, work, newsletters I subscribed to, etc. Everything else goes by default to the trash. Operating several Web sites, I needed to make sure that strangers can contact me, too, which is shy I set up links to my e-mail to include a standard subject, and I set up a filter to look for those subjects. This way, I'm able to eliminate 99% of spam (the rest is a combination of viruses (virii?) and spams the spoof the sender's address to someone who's on my list. In turn, I lose less than 1% of messages that I'd actually want to receive. Considering that I was getting 50-70 spams per day and only 3-5 real e-mails, the numbers are on my side.

  • Hello, McFly! (Score:3, Insightful)

    by Faust7 ( 314817 ) on Saturday May 03, 2003 @04:32PM (#5870329) Homepage
    neither technology nor laws are yet capable of completely dealing with the plague.

    Um, of course they're not. If they were, the problem wouldn't exist.

    That's why we develop new ones.


  • Unfortunately there is money to be made sending spam.
    ISPs make money from spam. Some internet users, like those using Aol, MSN, and other tricked out ISPs,
    have not got the brains to read anthing in depth anyway so they need to have flash, groovy pics, colored text etc to have the computer work.

    These types of users GO to the URLs that pop up in spam and could'nt use a real email program if they knew what it was in the first place. The only thing they do with the computer is use IE or AOL to tell them wher

  • spamd (Score:3, Interesting)

    by cdn-programmer ( 468978 ) <<ten.cigolarret> <ta> <rret>> on Saturday May 03, 2003 @04:55PM (#5870453)
    I think spamd is the way to go. Its in the new release of OpenBSD. Of course - spammers will react very quickly and blackhole any OpenBSD protected site.

    But that is great for us - because we don't want to hear from them anyways.

    This is just part of the evolution of the net. A new species pops up and slowly takes over.

    Eventually uncompetative experiments die out completely.

  • Spamassassin plugin (Score:3, Informative)

    by TheFlu ( 213162 ) on Saturday May 03, 2003 @05:16PM (#5870545) Homepage
    I've been using Spamassassin [spamassassin.org] along with the Razor and DCC plugins and it works very well, 99% of the spam that enters my Inbox is clearly labeled as such. However, does anyone know of a piece of software that will automatically add the IP address of the mail server that sent the spam to my sendmail access.db reject list? If there isn't such a thing, already, I could probably write one myself, but I don't want to go through the effort if it's already been done.
  • Forward your deceptive spam to the FTC at uce@ftc.gov. If we can up the numbers they get from thousands to millions, maybe they'll fix the problem.

    http://www.ftc.gov/opa/2002/02/eileenspam1.htm

  • DMA's opt-out response… (Score:3, Interesting)

    by WiredOni ( 593210 ) on Saturday May 03, 2003 @05:53PM (#5870773)
    I am not surprised at the amount of laughter that DMA president H. Robert Wientzen caused by saying that commercial email should be opt-out. It is no wonder people hate the marketers mentality that consumers should be force to see their advertisements.

    Pretending for the moment that all the spam problems don't exist and ignoring their redefinition, can you imagine trying to opt-out of billions of email messages? Even if there was rules and they did honor opt-outs, they are still killing the usefulness of email by flooding you with crap that prevents you from getting you real messages.

    Then there is the fact that the DMA they probably will not follow the rules or will have lots of holes when they make the rules. One example I can think of will be that they make it so they can just change the names of the "company" or have several "companies" and switch the "company" sending the email so they can re-send you the same emails.

    If companies really wanted to be ethical about this and have customers, they would not resort to ticking their potential customers off and they would use confirmed opt-in and not sell their customers personal info (email, phone, street address, etc). It may be harder to get customers, but it is a lot better in the long run if you are get and retain those customers that way then what you might get if you resort to spamming the hell out of them.
  • ...Who came up with this? The technology for dealing with spam and spammers has existed for longer than e-mail. It's called 'a gun'.

    Kill the spammers, and the spam stops. It's that simple.

  • intentionally bad spam (Score:3, Interesting)

    by drDugan ( 219551 ) on Saturday May 03, 2003 @10:02PM (#5871988) Homepage
    has anyone else noticed a stream of spam that appears to be forged in an attempt to get the highest spam scores possible?

    Over the last few (2-3) months, I've watched the maximum spamassassin scores for filtered mesages -- rise steadily. it looks like people somewhere are actually trying to create spam that trips as many of the rules as possible. Its actually kind of funny -- scores like 45-55 are not uncommon.

    anyone else noticed this?

    • I've seen the exact opposite. For the last couple of months, I've seen an increasing number of spams that have forged features that generate negative scores - negatives scores big enough to outweigh the "spamminess" of the rest of the message.

      Fortunately, although annoying, this problem is easy to fix. For any forged feature that gives a negative score (ie, PGP signature, PINE as client, etc.), just go to your user prefs and assign a score of 0 to it.

      I've already set the majority of the features that

  • Problem is that there can't be a single solution that will keep everybody happy.

    Technical solutions won't work because most of the Internet won't just change on somebody's whim. Doesn't help that most of the technical "solutions" I've seen here and elsewhere range between ineffective and idiotic.

    Political solutions won't work because nobody has a universal definition of what we want to ban, and the obvious inability to get the spammers to follow the rules.

    Legal solutions won't work because of jurisdi

  • Before we try to figure out how to ban spam, we need to know how it works. Has anybody done a real study that would tell us things like:

    • How much money do the spammers make? I'm talking looking at the books, not news articles by uncritical reporters.
    • How successful is spam as an advertising medium? I'm talking about auditing the books of the guys selling penis enlargers or whatever.
    • Who answers the ads? What happens to people who actually give their credit card numbers to spammers?
    • How does spam g
  • "Internet gurus, software designers and lawyers today ended a three-day Federal Trade Commission discussion on combating spam by concluding neither technology nor laws are yet capable of completely dealing with the plague."

    OK, you think about it, you make up your mind - is it hopeless?

    What is the one arrow the spammers have in their quiver? Send more spam. What do they do in response to protective measures such as filters and blocklists? Send more spam. Is this perhaps why you see more spam - the def

Slashdot Top Deals

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Close