Comments

You have commented 339 times on Rantburg.

Your Name

Your e-mail (optional)

Website (optional)

	My Original Nic Pic-a-Nic Sorry. Comments have been closed on this article.
Foto

Submit your comments on this article

Home Front: Tech

Techies Working on Spam Blockers

2004-07-11

Aggravating, time consuming, and expensive â spam, cyberspeak for junk mail — has gotten so bad that many computers are virtually unusable.

Tell me about it. I was so busy for two days last week that I didn't have time to read my mail. I had over 900 messages, of which most were spam. Anybody whose mail I didn't answer, I apologize...

"This is totally illegal and something needs to be done about it," said Peter Chambers of Affinity Web Services.

Actually, sending email is a legal activity in most places. It's hijacking other people's computers to use as SMTP servers that's illegal...

Last year, President Bush signed a law making spam illegal in some cases. The Bush administration has declined to create a national "do not spam" registry to discourage unwanted e-mails, arguing that using the current technology could allow such a registry to be hacked, giving the unscrupulous spammers access to the e-mail addresses on the list. Spam costs U.S. businesses $4 billion a year in lost productivity alone. Consumers can buy spam blockers for about $50 but larger businesses and Web service providers are spending $1 million or more on software to block certain headers or words in incoming e-mails.

Spam blockers aren't infallible, either. I have tales of woe on that one, too...

While spammers defend their right to send unwanted e-mail, experts say many of the messages carry viruses, trick consumers into buying useless products at inflated prices and lure consumers into authenticating their addresses and giving up their personal information.

Pay Pal and EBay phishing seems to be down this week. I wonder if those guys were caught?

Tech giants Microsoft, AOL, Yahoo and Earthlink are developing "Sender ID," which identifies and deletes any e-mail that canât be traced to its Internet address. It is similar to caller ID for telephones.

That's a damned good idea. I've got telstra.com and bigpond.com blocked at the server, and I've come close to doing the same with AO-Hell a few times. Instead, this afternoon, instead of working on Rantburg — I should have the new server installed this week — I'll be working on a spam killer that I started a couple months ago.

Posted by:Mark Espinola

#10
Bold:
Italic:
Strike:

Posted by: Ebbavith Angereling7227 2004-12-21 1:47:57 AM

#9 Great advice all around, OS. I consider that to be a comment for the archives.

Posted by: eLarson 2004-07-11 10:13:43 PM

#8 Chris, I know about the adaptive spam filters. I myself use Spam Assasin and others. I also know my ISP (earthlink) does some filtering as well....

My point is why should I have to use my bandwidth downloading their crap? I pay for my connection and even if it is broadband it still is a cost. I am also afraid that the filter might throw away something good (which has happened as well).

I also use a 'dummy' account like the one given as my link for Rantburg (its a yahoo account).

I also get 'bounce' messages from spammers fraudulantly using my email account as the 'from' address for their spam spews.

I also used 'sneakemail,.com'. This is where you can setup a free email address which gets 'forwarded' to you real address. Among other things you can track who is selling your address by tracking who you give it to. You can also direct it to simply drop all email sent thru that address.

And I dont how many emails I forwarded to the ebay abuse line in the hope that they can catch the abuser.....

Posted by: CrazyFool 2004-07-11 10:07:47 PM

#7 Popfile does an excellent job - its a Bayesian filter. Glad to see that stuff making its way out into the unclassified world, finally.

Secondly, the "SenderID" is already out there in an open standard. pobox.com has it and has open sourced it.

POBox's advice:

1. Don't use a common word or name as an email address. One of the most common spam tactics nowadays is to send millions of messages to every name and word they can think of, from adam@yourdomain.com to zebra@yourdomain.com.

2. "Munge" your email address
"Munge" means to alter your email address so that a human can figure it out, but an automatic harvesting program will get a fake address. Do not make up domain names or simply alter your user name, as that will cause spam to go to someone else. A good example is ouralias@pobox.nospam.com, although the more commonly used a munge tactic is, the more likely it is to be stripped out by the harvesting program. On web pages, include your email address as a graphic, instead of text.

3. Remove your email address from online directories. Unless the online directory has restricted access (like an intranet behind a firewall), online directories are a potential pool for email addresses.

4. Use a spam-catching account. Create an account that isn't your primary address. Or use an alias that you filter to a different mailbox. Then use that address for everything except emailing people you know personally. You should use it when posting to newsgroups and chat rooms, subscribing to public mailing lists, registering at websites, on your web page, or anywhere else that could be found by a program or sold by a company. You should not throw this mail away, but separate it from your regular email, so you can deal with it when you feel like it.

Use an anonymous remailer when posting to public forums. This allows you to post anonymously. See About.com's page on remailers.

If you are subscribed to a large, public mailing list, you may want to ask the listowner who can access the subscriber list. Some mailing lists will provide a subscriber list to anyone who knows how to ask for it.

Use an image that displays your email address on your web page.

NEVER reply to spam or fall for the "remove me" trick. Once they have verified that your address is active, it will be a lot harder to get removed. "Reputable" companies (ex. amazon.com) will honor remove requests. But if you aren't certain, don't respond.

If you are on a site that asks you for your email address, assume that they will use it to send you spam unless they are a reputable company you feel you can trust.

Some spammers have been using personal messages that give you the impression that you have received mail intended for someone else. When you reply, they verify your address and add you to their list. If you get suspicious looking mail that seems just too personal, ignore it.

Report it! While most ISPs do take steps to prevent their resources from being misused, there is always the possibility of getting around it. There are a lot of programs out there that will automate the process for you.

Posted by: OldSpook 2004-07-11 8:43:33 PM

#6 You are wrong, Crazyfool. There are a type of adaptive filter programs that learn what spam looks like and filter with great accuracy. When spammers change strategy, the filter learns the new key words very quicky. I get 400 emails a day, 395 of which are Spam and the free program I use, PopFile, makes about one mistake per week or so. It is 100 times better than Norton/ MacAfee antispam programs

You can even use it to categorize your good mail into groups

Posted by: Chris Smith 2004-07-11 8:15:46 PM

#5 And I sent Fred 10,000 emails telling him how to get rich surfing the internet.

Posted by: ed 2004-07-11 11:16:09 AM

#4 "Anybody whose mail I didn't answer, I apologize... "

Fred, I sent you one about how to get rich answering surveys online at home while getting your penis enlarged....

Posted by: Frank G 2004-07-11 11:03:52 AM

#3 Some people take a lot of education. I win eight or nine international lotteries a day, a matter of millions and millions of dollars. I had an interesting conversation with a lady at work not long ago, who quite by coincidence won a few of the very same lotteries herself, also without buying a ticket. It took me awhile to convince her that giving the prize committee her bank account number for them to deposit all that money from the payout might be a bad idea.

Posted by: Fred 2004-07-11 10:48:37 AM

#2 Developing spam blockers won't work -- someone will simply get more creative and fraudulant. I think the protocol needs to be replaced or updatted. The protocol was written back when the internet was a small and much more secure network (DARPA) and is wide open and insecure. It was never meant for massive use over a insecure network.

How many people know that you should not send credit card numbers through email?

Sender-ID is a good idea (Will that be an 'open' protocol?) Some means of possitivly identifying the sender is needed (I opt for PGP signing/ecrypting everything) and having heavy fines against people who accumilate a good number of 'complaints'.

Another is to make it unprofitable by educating people not to do business with Spam senders or the people they represent. -- If they will commit fraud to send you the offer you probably don't want to do business with them.

Posted by: CrazyFool 2004-07-11 10:09:57 AM

#1 Yea wonderful. I have had one of my domains Joe Jobed by this scum. I get 600 + spam messages a day to my personal mail box. (I filter it out mostly) Congress could have done something but it bent over for the telemarketers who want to get in on the action. Opt out doesn't work.

Make sending spam a federal crime and buying crap from them one too. Put "legit" business that hire this waste of skin out of business.

If I ever find out who is Joe Jobbing me they are getting a 45 cal enema. When you steal my name you asked for it.

Posted by: FlameBait93268 2004-07-11 5:21:47 AM

00:00