Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Internet Is Losing Ground in Battle Against Spam
NY Times ^ | April 22, 2003 | SAUL HANSELL

Posted on 04/22/2003 5:43:55 AM PDT by Pharmboy


Axel Koester for The New York Times
Albert Ahdoot and Alyx Sachs have operated
the e-mail marketing business NetGlobalMarketing
in Los Angeles for about a year.

Alyx Sachs is no longer sending people e-mail offering to "fix your credit risk free."

Confronted by an increasing number of individuals, businesses and Internet service providers using software meant to identify and discard unwanted junk e-mail — commonly known as spam — Ms. Sachs has been forced to become more creative in her marketing pitches. The subject line on her credit e-mail, for example, now reads "get a fresh start."

From a small office on Sunset Boulevard in Los Angeles, millions of messages prepared on behalf of others by Ms. Sachs and her partner are still going out to e-mail in-boxes every day, promising not just to restore a poor credit rating but also to sell printer ink, 3-D glasses and, lately, even playing cards with pictures of wanted Iraqi leaders.

In the cat-and-mouse game of e-mail marketers and those trying to stop them, the spammers are still winning.

So far, nothing that has been tried to block spam has done much more than inconvenience mass e-mailers. Just as Ms. Sachs's company, NetGlobalMarketing, has been able to reword its e-mail to evade spam filters, others use even more aggressive tricks to disguise the content of their messages and to send them via circuitous paths so their true origin cannot be determined.

"There is no silver bullet," said Lisa Pollock, the senior director of messaging at Yahoo, the popular Web portal. "There will always be people who can find a way to get around whatever you have in place."

No doubt making a living selling things by e-mail is becoming harder. Not only are more messages being blocked by automated antispam systems, more senders of e-mail are also facing legal action. Last week, America Online and the Federal Trade Commission each filed suit against e-mailers that they say are illict spammers. Congress is seriously considering legislation to crack down on spam.

But the infestation is growing faster than the antispammers can keep up. Brightmail, which makes spam-filtering software for corporate networks and big Internet providers, says that 45 percent of the e-mail it now sees is junk, up from 16 percent in January 2002. America Online says the amount of spam aimed at its 35 million customers has doubled since the beginning of this year and now approaches two billion messages a day, more than 70 percent of the total its users receive.

Indeed, the spam problem defies ready solution. The Internet e-mail system, designed to be flexible and open, is fundamentally so trusting of participants that it is easy to hide where an e-mail message is coming from and even what it is about.

Another reason there is so much spam is that, with a simple computer hookup and a mailing list, it is remarkably easy and inexpensive to start a career in e-mail marketing. Companies that offer products like vitamins and home mortgages as well as those selling items like penis and breast enlargement kits will allow nearly any e-mail marketer to pitch their wares, paying a commission for any completed transaction.

The microscopic cost of sending e-mail, compared with the price of postal mailings, allows senders to make money on products bought by as little as one recipient for every 100,000 e-mail messages. Internet marketing companies typically charge $500 to $2,000 to send a solicitation to a million in-boxes, but the cost goes up if the list is from a reputable source or is focused on people in certain favored demographic groups. Sending the same offer to a million people by mail costs at least $40,000 for a list, $190,000 for bulk-rate postage and more for paper and printing.

Albert Ahdoot, for example, started a part-time business using e-mail to sell printer-ink refill systems while he was in college. When he dropped out of medical school, he hooked up with Ms. Sachs, a former producer with Geraldo Rivera who later worked in marketing at several Internet companies. With her client contacts, his technology and some e-mail lists they acquired, they started their business about a year ago.

Like many in the e-mail marketing business, Ms. Sachs says her e-mail blitzes are not spam because she sends them only to lists of people who have agreed to receive marketing offers over the Internet. These opt-in lists, as they are called, are generated when Internet users enter a contest on the Web or sign up for an e-mail list in which the fine print says the user agrees to receive "occasional offers of products you might find valuable from our marketing partners."

Arguing that no one is forced to sign up for e-mail pitches, Internet marketers say that the attack on spam has already gone too far, interfering with legitimate business.

"We have allowed these spam cops to rise out of nowhere to be self-appointed police and block whole swaths of the industry," said Bob Dallas, an executive of Empire Towers, an e-mail firm in Toledo, Ohio, widely cited on antispam lists used by many Internet companies.

"This is against everything that America stands for," Mr. Dallas added. "The consumer should be the one in control of this."

But activists who oppose spam say that some e-mailers who argue that they have permission to send e-mail to a certain address often do not. Earlier this year, a New York court ruled that a Niagara Falls, N.Y., company, MonsterHut, had violated antifraud laws for misrepresenting opt-in permissions.

Lower on the marketing totem pole than opt-in mailing is what the industry calls bulk e-mailing: blasting a message out to any e-mail address that can be found. CD-ROM's with tens of millions of e-mail addresses are widely available — advertised by e-mail, of course. These addresses have been harvested by software robots that read message boards, chat rooms and Web sites.

Others use what are called dictionary attacks, sending mail to every conceivable address at major e-mail providers — first, say, JohnA @example.com, then JohnB @example.com, and so on — to find the legitimate names.

Such distinctions, however, are usually lost on users who, in recent years, have found unwanted marketing pitches are overwhelming their legitimate e-mail.

As dissatisfaction has risen, the big Internet service providers, like AOL, and purveyors of free e-mail accounts, including Yahoo and Microsoft's Hotmail, have all greatly accelerated efforts to identify and block spam. Among other things, they have created prominent buttons for users to report offending e-mail as spam.

There is little that Internet services can do to keep spammers from gathering e-mail addresses directly from users. Many people still will type virtually their life history into an unknown Web site that claims to be offering a chance to win a Lexus.

But some Internet providers have built systems to identify when they are being subject to dictionary attacks and cut them off quickly before valid e-mail addresses are deduced.

To identify phrases and other patterns that occur in spam, the Internet service providers look at what is received in thousands of so-called honeypot e-mail accounts — those that have no legitimate reason to receive e-mail messages.

The spammers quickly caught on to this technique, however. So they have varied their messages — morphing, they call it — often by simply appending random words or characters, so the filtering systems no longer see millions of identical solicitations.

At the same time, e-mail users now receive spam that is not only unwanted but cryptic, too. In an attempt to avoid automatic filters that search for certain phrases, marketers offer, for example, "Her bal V1agra" and ways to make "F*A*S*T C*A*S*H."

So the Internet companies now look for unusual spelling as well. "Some people have jobs that change day to day," said Charles Stiles, the technical manager of AOL's postmaster team, which looks after spam blocking. "Ours changes from minute to minute. A filter that works one day will likely not work the next."

Another way spammers avoid detection is to send mail using the HTML format, the language mainly used to display Web pages. Spammers and major advertisers alike think that e-mail with varied type and inserted graphic images is more persuasive than ordinary text. But the spammers also find that this format makes it easier to evade the filtering programs.

A lot of spam now puts the actual sales pitch in an image that is only displayed when the user reads her e-mail. The filter reads merely some random text and the Web address of the image to be displayed.

Spam filters are now being adjusted to be suspicious of e-mails that only have links to Web images. But it is still hard for any program to distinguish, say, a pornographic come-on from a baby picture, especially when processing hundreds of millions of messages a day.


Tom Williams for The New York Times
Charles Stiles, center, technical manager for
America Online's antispam team, says a "a filter that
works one day will likely not work the next."

At the same time, the argument is intensifying over what represents legitimate e-mail, particularly when it ends up being blocked by an antispam filter. Last November, AOL threatened to block e-mail from Gap. Even though Gap said it only sent e-mail to people who explicitly signed up for its mailing list, AOL said that many of its members reported Gap mailings as spam. When it investigated, AOL found that Gap had been offering people a 10 percent discount for providing their e-mail address. Nearly a third of the addresses collected were fake, but they often belonged to other people who did not want the Gap e-mail.

"You can't underestimate the power of people to make up an e-mail address to get a 10 percent discount," said Matt Korn, AOL's executive vice president for network operations.

The other major approach to preventing spam is to block any messages sent from computers and e-mail addresses known to be used by spammers. This is harder than it seems because the spammers are constantly changing their accounts and are adept at methods to make up fake return addresses and hide behind private accounts. That does not prevent the big service providers, and an army of spam vigilantes, from creating blacklists of offenders.

These blacklists, however, often also block legitimate companies and individuals from sending e-mail. That is because the spammers find ways to hijack unprotected computers to relay their messages, thus hiding their true origins.

In the earlier, more innocent days of the Internet, many computers were set up to relay e-mail sent by any other user, anonymously, just to give a helping hand to those with connection problems. Now there still are computers set up to be what is known as an open relay, even though such machines are largely used by spammers.

Another approach to limiting spam, which is favored by big marketers, is to create a "white list" of approved senders, but this raises the question of who will compile such a list. A group of the companies that send e-mail on behalf of major corporations will put forward another proposal tomorrow that would allow senders to certify their identities in every e-mail message they send and report a rating of how much they comply with good mailing standards. Users and Internet service providers would then decide what sort of mail they choose to accept.

"We wanted to come up with a way of shining a big bright light on all those that want to stand in the light and say, `This is who I am, and I was that person yesterday, and I'll be that person tomorrow,' " said Hans Peter Brondmo, a senior vice president at Digital Impact, a major e-mail company and one of the developers of the proposal, known as project Lumos.

Rather than such a self-regulatory approach, the antispam legislation in the Senate would try to make many deceptive e-mail practices illegal. It would force commercial e-mail messages to identify the true sender, have an accurate subject line and offer recipients an easy way to remove their names from marketing lists. And it would impose fines for violators.

For her part, Ms. Sachs, the e-mail marketer, says that any such move would only end up making it harder to run a legitimate business.

"These antispammers should get a life," she said. "Do their fingers hurt too much from pressing the delete key? How much time does that really take from their day?"

By contrast, she said, "70 million people have bad credit. Guess what? Now I can't get mail through to them to help them."


TOPICS: Business/Economy; Culture/Society; Extended News; News/Current Events
KEYWORDS: annoyance; apple; email; internet; marketing; michaeldobbs; spam
Navigation: use the links below to view more comments.
first 1-5051-64 next last
Always an interesting topic for Freepers.
1 posted on 04/22/2003 5:43:55 AM PDT by Pharmboy
[ Post Reply | Private Reply | View Replies]

To: Pharmboy
I object to having to push a delete button to get rid of mail I didn't SOLICIT or ask to receive in the first place. When most of the e-mail you get is spam, it makes a lot of people wary about taking to family and friends over the web. There are legitimate ways to do business and make money online but if you have to cheat, lie, and con potential customers to get business you shouldn't be working from home, period. No one likes spammers and when you consider spam pitches products no one is interested in buying or need, people are just turned off. And this damages those who are trying to make an online living without spamming. In the eyes of netizens, every spammer who brazenly floods their mailboxes simply doesn't care that personal privacy is being destroyed and the free and trusting nature of the netizen culture is being pushed one step closer to extinction. The spammers are the Huns and Vandals of the modern Internet.
2 posted on 04/22/2003 5:55:48 AM PDT by goldstategop ( In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
The anti-spam orginizatons like Brightmail (Dullmail to those of us who use it) have a vested interest in the continuaton of spam. Without spam and without spam growing, they would be out of business. Talk about a conflict of interest.

Best way is for ISP's to require a special application and checks for any user who sends more than 100 or so e-mails a day.

3 posted on 04/22/2003 6:01:17 AM PDT by Blue Screen of Death
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
According to a recent article in a network rag I read, expect email spam to dissapear within the next two years. There are many techniques used to try to filter spam: keyword searching, black and white lists, hashes/signatures, heuristitcs, Reverse DNS lookups, header analysis, image scanning... but one in particular is gonna shake out this "industry". Bayesian filtering is ideally suited to run on the client machine, and tailer itself to the individual user's email, and shut out almost all of the offending crap. The best thing about it is its adaptive nature, so that spammers cannot just figure out what gets thru, and take advantage of it... if they did, the bayesian software would adapt to their new strategy, and start filtering it.

Now that the technique to do this is becoming known, expect products in the next year or two to take advantage of it.

4 posted on 04/22/2003 6:03:16 AM PDT by C210N
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
Notice how frequently Ah, Oh helL is mentioned. When it and its ilk - yayhoo, earthtklink, zeronet and all of the other FREE services - are run off then we'll get the internet back. Until then I am reminded a hundred times per day - each time I rat out another spammer - of the costs of unprincipled capitalism.
5 posted on 04/22/2003 6:03:19 AM PDT by dhuffman@awod.com (The conspiracy of ignorance masquerades as common sense.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Blue Screen of Death
I agree. People who send more than 100 pieces of e-mail a day should be charged for the cost of sending, processing, and scubbing their rejected e-mail. That should cut down on the flood of spam rather dramatically. No legitimate advertiser in the real world gets to send business promotional material for free.
6 posted on 04/22/2003 6:03:51 AM PDT by goldstategop ( In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Pharmboy
Confronted by an increasing number of individuals, businesses and Internet service providers using software meant to identify and discard unwanted junk e-mail — commonly known as spam — Ms. Sachs has been forced to become more creative in her marketing pitches. The subject line on her credit e-mail, for example, now reads "get a fresh start."
The spammers quickly caught on to this technique, however. So they have varied their messages — morphing, they call it — often by simply appending random words or characters, so the filtering systems no longer see millions of identical solicitations.
At the same time, e-mail users now receive spam that is not only unwanted but cryptic, too. In an attempt to avoid automatic filters that search for certain phrases, marketers offer, for example, "Her bal V1agra" and ways to make "F*A*S*T C*A*S*H."

This is clearly an attempt to evade the security of the target computer, and should be punished under the computer "cracking" laws. (Kevin Mitnick went to jail for five years. Since I'm in a very good mood today, I'll consider than an acceptable penalty for a first-offending spammer.)

7 posted on 04/22/2003 6:03:55 AM PDT by steve-b
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy

Two faces down, 53 to go. Anybody know a good manufacturer of custom playing cards?

8 posted on 04/22/2003 6:05:52 AM PDT by steve-b
[ Post Reply | Private Reply | To 1 | View Replies]

To: goldstategop
People who send more than 100 pieces of e-mail a day should be charged for the cost of sending, processing, and scubbing their rejected e-mail.

That is a good idea. I could help out with 400-500 a day, and I don't use AOL or any of the other free services.

Becki

9 posted on 04/22/2003 6:06:10 AM PDT by Becki (Pray continually for our leaders and our troops!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: steve-b
Plus confiscate the spammers illicit profits and apply it to the cost of dealing with their junk mail so the rest of us don't need to bear the cost of paying high internet access fees for them.
10 posted on 04/22/2003 6:06:13 AM PDT by goldstategop ( In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
[ Post Reply | Private Reply | To 7 | View Replies]

To: goldstategop
Any legit business should welcome such a law.

This tells you where these people are...
11 posted on 04/22/2003 6:09:10 AM PDT by DB ()
[ Post Reply | Private Reply | To 2 | View Replies]

To: Pharmboy
Ms. Sachs, a former producer with Geraldo Rivera...

Insert joke here.

Anyway, this article just proves that Ms Sachs and Mr Ahdoot are very, very stupid people. There are a lot of extremely angry people out there that will now be aiming spam at THEIR private email accounts, signing them up for magazine subscriptions, etc ... and they deserve every bit of what they get.

12 posted on 04/22/2003 6:13:17 AM PDT by Timesink
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
I'm not a violent man (despite the "Dentist" moniker), but if I ever get my hands on either of those spammers they will learn what pain really is!
13 posted on 04/22/2003 6:16:39 AM PDT by theDentist (So..... This is Virginia..... where are all the virgins?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
I'm using SpamPal, with the Bayesian filter installed. It works pretty well, but I have to send spam to the Deleted folder and check it for genuine messages. I have Outlook Express set to delete permanently on closing. That saves me from having to look at most of the messages or the porn when it's deleted.

I notice this article neglects to mention pornography. No doubt Howell Raines thinks that porn is constitutionally protected under the fifth amendment and shouldn't be touched.

SpamPal is freeware, advertising free, but the developer asks for a small donation if you like it:

http://www.spampal.org/
14 posted on 04/22/2003 6:16:44 AM PDT by Cicero (Marcus Tullius)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Blue Screen of Death
I think the solution is rather simple: Make open mail relays illegal. And to stop people from merely moving their email harassment operations outside US borders, make it illegal for US internet companies to accept ANY connections from sites that have open relays ... no web connections, no telnet, no nothing. Institute a fine just high enough to make it worth the ISPs' while to insure compliance ... say $250 per violation if an illegal relay remains accessible more than 7 days after a complaint is lodged.

It would take a few months to implement, but in the end it would reduce spam by 95-98%.

Oh yeah, two other laws would be needed: 1) Anyone who sends unsolicited commercial email gets fined $250 per email. 2) No ISP could offer trial accounts (this means you, AOL) that allowed users to send more than five emails per hour.

15 posted on 04/22/2003 6:20:43 AM PDT by Timesink
[ Post Reply | Private Reply | To 3 | View Replies]

To: Pharmboy
It is time to charge for email. So many a month for free to accomodate private use and each one after that would be billed at $0.10 or whatever.

When you have something for free, it will be abused. With spam at 40% of email traffic and 90% of what I get in my email box, it is time to do something about it.

Charging for it will put a stop to much of it.
16 posted on 04/22/2003 6:25:37 AM PDT by BJungNan
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
Spammers are so annoying, because they are so cheap, sleazy, and evasive. I may look at a piece of physical junk mail, because someone has at least considered it worth the expense to send it. But spam can be sent virtually for free, which vastly lowers the bar.
17 posted on 04/22/2003 6:26:30 AM PDT by drlevy88
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
Perhaps the best spam filter on the market is the one included with Apple's free Mail client for MacOSX. It's superb and constantly improves in spam recognition.

Combine that with Apple's new Safari browser--which blocks pop-ups and is compact and elegant and faster than IE--and the Mac platform's near-absence of viruses and you have hassle-free Internet surfing and communications.

18 posted on 04/22/2003 6:27:31 AM PDT by Stop Legal Plunder
[ Post Reply | Private Reply | To 1 | View Replies]

To: Becki
100 pieces a day is a bit restrictive. Once a month I do a mailing of about 120 for a community newsletter and monthly meeting. Lettle C program: Sends each individually so I can get bad addresses and not give away others on the list.

Also easy C program: Get the headers off your server (presuming you don't use AOL, but people that slow aren't here), delete the obvious there, and then open up your favorite e-mail client for stuff you want to look at. It's working so far, but is getting worse. Pretty soon, I'll be doing more heavyweight filtering.

I shouldn't have to. And it's becoming noticeably higher volume.

19 posted on 04/22/2003 6:29:33 AM PDT by Blagden Alley
[ Post Reply | Private Reply | To 9 | View Replies]

To: Pharmboy
Seems to me they could go after the websites that the emails lead you to or shut down the 1-800 numbers as a defense against spam.
20 posted on 04/22/2003 6:30:19 AM PDT by trebb
[ Post Reply | Private Reply | To 1 | View Replies]

To: steve-b
LOL!!
21 posted on 04/22/2003 6:38:45 AM PDT by Pharmboy (Dems lie 'cause they have to)
[ Post Reply | Private Reply | To 8 | View Replies]

To: steve-b
Two faces down, 53 to go. Anybody know a good manufacturer of custom playing cards?

They look like mimes, which are almost as irritating as getting 485 pieces of junk in your bulk mail folder.

22 posted on 04/22/2003 6:42:06 AM PDT by TheSpottedOwl (America...love it or leave it. Canada is due north-Mexico is directly south...start walking.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: dhuffman@awod.com
I'm an admitted lightweight, so I continue to have AOL since that's what I learned on....I have no idea what I did right in setting up my mail controls (I have only three sending addresses blocked), but I get maybe one spam (unknown sender) mail every three or four weeks.

I do a lot of mailing, and get a lot of mail - just extremely rare to get stuff I don't want.

Maybe I'm just lucky!

23 posted on 04/22/2003 6:42:54 AM PDT by ErnBatavia (Bumperootus!)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Stop Legal Plunder
I have to agree. I've been using OS X Mail's spam filter since Jaguar was released. It gets those dang spams out of my way. It doesn't hurt the spammers, but it keeps them from annoying me.

Another thing to do to avoid spam: DO NOT READ HTML FORMATTED EMAIL. The formatting is embedded in the mail, but the images are generally on a separate server. By simply reading the mail, your computer has to fetch the images, thus letting the spammers know that you are a live email address, causing them to spam you more (sadly, this is what most unsubscribe links do also). Any decent email program can be set to not render the images.

Combine that with the fact that you can embed a virus in html email which would be launched by simply reading it, without even opening an attachment, and that leads you to one conclusion:

A smart person avoids HTML formatted email.
24 posted on 04/22/2003 7:01:23 AM PDT by Obi-Wandreas (Dedicated to the shameless pursuit of silliness)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Pharmboy
There is no point in trying to enact laws to stop these people. We need to hunt them down and kill them.

I have been waging a personal war against porn producers who have been targeting me. On my main e-mail account I have had to use five of my eleven filters to screen out porn. I block anyone who sends me porn and report them as spammers to my e-mail provider. With all of this effort I cannot go more than three days without receiving porn spam. I enbled my most recent filter last Sunday, after pornographers decided to send me a "gift" for Easter.
25 posted on 04/22/2003 7:03:27 AM PDT by redheadtoo
[ Post Reply | Private Reply | To 1 | View Replies]

To: Timesink
There are a lot of extremely angry people out there that will now be aiming spam at THEIR private email accounts, signing them up for magazine subscriptions, etc ... and they deserve every bit of what they get.

Did you see the story about Alan Ralsky getting buried in junk snail-mail and whining about it? Hey, Al -- karma's a bitch!

26 posted on 04/22/2003 7:03:30 AM PDT by steve-b
[ Post Reply | Private Reply | To 12 | View Replies]

To: goldstategop
Spammers: one legitimate use for Uday's shredder....
27 posted on 04/22/2003 7:05:57 AM PDT by steve-b
[ Post Reply | Private Reply | To 2 | View Replies]

To: Pharmboy
http://spamassassin.org/
28 posted on 04/22/2003 7:13:50 AM PDT by B Knotts
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
For her part, Ms. Sachs, the e-mail marketer, says that any such move would only end up making it harder to run a legitimate business.

But that's just the point - she is NOT running a legitimate business. She's stealing bandwidth and space that others pay for.

I want to see a "Do Not Spam" list like the do not call lists, and fat fines for those who violate them.

Spammers are scum.

29 posted on 04/22/2003 7:14:26 AM PDT by jimt (Is your church BATF approved?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: C210N
Mozilla (www.mozilla.org) is a web browser and e-mail client which includes Bayesian filtering. It's free, just download it.

The filtering improves with time, but I think I have probably approached its peak after about 3 weeks of use. It's about 95% effective in detecting spam and sending it to the spam folder automatically.

But there is a downside, of that 95% it thinks is spam perhaps 3% is not spam. So in order to not delete e-mails you want you have to review what it thinks is spam. You can do this quickly because it puts it all together for easy review, but its still a problem! It still wastes a lot of my time.

The only solution I think can be 100% effective yet consume almost no user time is TMDA (www.tmda.org). It's a 'white list' solution. Unfortunately my ISP doesn't yet offer it.

30 posted on 04/22/2003 7:20:36 AM PDT by Voltage
[ Post Reply | Private Reply | To 4 | View Replies]

To: Pharmboy
POPFile is a pretty good Bayesian filter. It should work with any e-mail client. I get about 95% accuracy with it. Regular filters catch most of what POPFile misses.

Mozilla also has an e-mail client with Bayesian filtering built in.

31 posted on 04/22/2003 7:34:47 AM PDT by evilC (Ju5t s4y n0 t0 sp4m)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ErnBatavia
Yesterday I had to check a co-workers email at the start of the day. There were over 700 spam emails in her in-box with an additional 200+ that had been blocked and went straight to delete. Spam mail has gotten out of hand. The porn crap is VERY graphic -- real good if a kid should be checking the mail.
32 posted on 04/22/2003 7:52:37 AM PDT by girlscout
[ Post Reply | Private Reply | To 23 | View Replies]

To: Timesink
I think the solution is rather simple: Make open mail relays illegal.

Some ISPs are restricting who they'll take mail from on this basis. AOL and Earthlink won't take your mail if you're on an IP addy which resolves to a DHCP block, or something other than the domain you present to their server. RoadRunner runs scans and tests on incoming mail servers and won't accept mail from open relays or proxies. Does this help? Not from where I sit, as I'm still getting spam from folks with American-sounding (mostly spoofed) domains, but with IPs which originate in places like China, Hong Kong, Romania, etc. So it's still getting into RoadRunner's network from somewhere, somehow.

The problem with this is that many people are running open relays and proxies and don't even know it. And if they never use it to send mail, it won't ever be detected -- except by spammers running scans. I see several episodes per month, where overseas spammers try to send test e-mails through my mail server. Thus, some misconfigured user gets penalized, while the spammer gets away.

And to stop people from merely moving their email harassment operations outside US borders, make it illegal for US internet companies to accept ANY connections from sites that have open relays ... no web connections, no telnet, no nothing.

This ignores the fact that many overseas ISPs are nothing more than spam relay houses. Now we're talking international commerce. And RoadRunner is taking some heat for doing its port scans.

I think the e-mail users are going to have to combat this problem themselves, as with banners and pop-up ads, with mail filtering and tactics... such as:


33 posted on 04/22/2003 8:04:33 AM PDT by TechJunkYard (via Cherie)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Obi-Wandreas
.. DO NOT READ HTML FORMATTED EMAIL. The formatting is embedded in the mail, but the images are generally on a separate server. By simply reading the mail, your computer has to fetch the images, thus letting the spammers know that you are a live email address..

They mainly do this to reduce the size of the e-mail; it's generally impossible to resolve an IP addy in a web server log to an e-mail addy, however if they're using anonymous FTP to retrieve the images, they could learn your addy that way... therefore, DO NOT enter your real e-mail addy into your web browser for anonymous FTP.

34 posted on 04/22/2003 8:13:53 AM PDT by TechJunkYard (via Cherie)
[ Post Reply | Private Reply | To 24 | View Replies]

To: goldstategop
The only problem with this is that it also hits legitimate mailing lists. It's not really so much a problem of someone sending out 200 or even 100 emails, it's the sending of one email that BCCs hundreds of thousands of people. Unfortunately, this can also catch legitimate mail.

I think we'll eventually get to the point where you'll have to have sender confirmation. There are already some systems in place to do this. If we eliminate fake/forged return addresses, it will get rid of a lot of spam. Of course, then spammers will just randomly pick a valid address to send from. Some already do this. A lot of thought is currently being put into how to deal with mail in a better way. The POP protocol was fine back in the day, but it doesn't quite satisfy anymore. It is going to be hard to replace though, as there are also legitimate uses of anonymous mail that should be honored. I've used anonymous remailers before and have found them to be useful tools.

One thing that I'd like to see a lot more of is encrypted/digitally signed mail. I still don't understand the resistance so many people have to encryption.

35 posted on 04/22/2003 8:25:23 AM PDT by zeugma (If you use microsoft products, you are feeding the beast.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Pharmboy
It would be wrong to follow this link and use the email address and phone number there, to sign these people up for spam. Flat out wrong.

http://www.hcdonline.com/jobs/DisplayJob.asp?ID=32572
36 posted on 04/22/2003 8:28:45 AM PDT by TC Rider (The United States Constitution 1791. All Rights Reserved.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
I think the only effective solution to stopping spam is to go after the companies that hire spam marketers. In order to sell their product, there has to be a valid link back to their server, or some other traceable information, so tracking them down shouldn't be a problem. It's time for the FBI to set up some sting operations.
37 posted on 04/22/2003 8:29:32 AM PDT by tdadams
[ Post Reply | Private Reply | To 1 | View Replies]

To: zeugma
Here are some interesting takes on killing spam: http://www.tmda.net/press.html

Its a whitelist with lots of additional features to make it more practical. I would really like to use it, but my cable internet provider seems uninterested..at least so far. Probably not enough complaints yet.

38 posted on 04/22/2003 8:32:36 AM PDT by Voltage
[ Post Reply | Private Reply | To 35 | View Replies]

To: TechJunkYard
AOL and Earthlink won't take your mail if you're on an IP addy which resolves to a DHCP block, or something other than the domain you present to their server. RoadRunner runs scans and tests on incoming mail servers and won't accept mail from open relays or proxies.

I've already run into this. I use sendmail at home to post outgoing mail. I don't accept mail, so can't be a relay, (other than for local users, but that's the way it's supposed to work), but I still can't send mail to a couple of people. I'd rather have the ISPs getting rid of all the jacka$$es that are still beating on my server with code red infections.Rather than just blatantly block all DSL/Cable IPs, it would make more sense to check for open an open relay and accept if it's not present.

39 posted on 04/22/2003 8:37:14 AM PDT by zeugma (If you use microsoft products, you are feeding the beast.)
[ Post Reply | Private Reply | To 33 | View Replies]

To: TC Rider
Yup. It would be wrong. It would also be wrong to call 800 numbers culled from spam from payphones as you walk through the mall. Don't do it.
40 posted on 04/22/2003 8:39:50 AM PDT by zeugma (If you use microsoft products, you are feeding the beast.)
[ Post Reply | Private Reply | To 36 | View Replies]

To: *all
Can anyone track down contact information for these two pipsqueeks.

Maybe we can turn the tables on them like people did to Alan Ralsky.

41 posted on 04/22/2003 8:40:08 AM PDT by Johnny Gage (God Bless our Military, God Bless President Bush, GOD BLESS AMERICA!!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Voltage
I already do my own whitehat filtering. It has made a big difference to my inbox clutter. I almost never have spam in my inbox, though I do have to occasionally do a quick look at my spam folder to see if someone I haven't added to my filters yet has sent me email.

One interesting thing about manual whitehat filtering is that you get a good feel for how many people/orgs you are actually communicating with. I get so much spam now that it was almost impossible to deal with my inbox in an efficient manner prior to implementing a whitehat list. This is the down side of having the same email address for 6+ years.

42 posted on 04/22/2003 8:46:13 AM PDT by zeugma (If you use microsoft products, you are feeding the beast.)
[ Post Reply | Private Reply | To 38 | View Replies]

To: TechJunkYard
There's another way they do it. By assigning a unique url for the images for each email they send (basically putting a lot of copies on their server with slightly different addys), they can know simply by which images are accessed which individual emails were read, and therefore which addys are real. At least, this is what I've heard from some on the anti-spam front.

Of course, I find email in any format other than plain text to be obnoxious in general, and an ugly waste of perfectly good bandwidth. (And don't even get me started on how AOL encodes it's emails......)

Thanks for the advice on anonymous ftp!
43 posted on 04/22/2003 8:48:46 AM PDT by Obi-Wandreas (Dedicated to the shameless pursuit of silliness)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Pharmboy
"Ms. Sachs says her e-mail blitzes are not spam because she sends them only to lists of people who have agreed to receive marketing offers over the Internet."

Not true, you spam villains. I hereby certify that I have never agreed to receive marketing offers over the Internet. Spam is not what America stands for, spam is obnoxious and vile and someday we will come up with a reply weapon that will seek out and damage these creeps. I had to change ISP's because I was getting over 50 spams a day for porn, diet pills and get-rich-quick scams. I dreaded getting my mail because it took so long to download and delete this crap.

44 posted on 04/22/2003 8:56:37 AM PDT by Sender
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy
The Center for Democracy & Technology conducted a study about spam. Covers what attracts it and how to avoid it. Published last month. Pretty good read.
45 posted on 04/22/2003 8:57:20 AM PDT by zeugma (If you use microsoft products, you are feeding the beast.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: zeugma
I use sendmail at home to post outgoing mail.

It's easy to redirect mail bound for Earthlink/AOL through your ISP's server, using these rules in the "mailertable" file.

aol.com esmtp:your.isp.smtp.server
earthlink.net esmtp:your.isp.smtp.server

They'll accept mail from your ISP every time.

For RoadRunner, the only answer is to tighten up your server and/or firewall them out.

46 posted on 04/22/2003 8:59:33 AM PDT by TechJunkYard (via Nancy)
[ Post Reply | Private Reply | To 39 | View Replies]

To: TechJunkYard
If you append a "?email=blah@somewhere.com" to the end of every URL in the email, then, yes, you will know which email addresses are good.
47 posted on 04/22/2003 9:00:05 AM PDT by B Knotts
[ Post Reply | Private Reply | To 34 | View Replies]

To: zeugma
The POP protocol was fine back in the day, but it doesn't quite satisfy anymore. It is going to be hard to replace though...

I agree with you to an extent. Since POP and IMAP are storage and retrieval mechanisms, I think what's needed is a major redesign of SMTP itself.

Spam and e-mail virii weren't a problem back in the day; as uses for e-mail have evolved over the years, so must the tools. If we can limit what gets injected and transported through the network to begin with, there will be less crap that the users need to filter out.

48 posted on 04/22/2003 9:14:43 AM PDT by TechJunkYard (via Nancy)
[ Post Reply | Private Reply | To 35 | View Replies]

To: B Knotts
Oh yeah, forgot about that trick. And it's real easy to automate.
49 posted on 04/22/2003 9:16:22 AM PDT by TechJunkYard (via Nancy)
[ Post Reply | Private Reply | To 47 | View Replies]

To: Pharmboy
I said on another thread last night I'd post a piece of spam I recently received advertising spam services.
Since this is the live thread I am posting it here:
DOES EMAIL ADVERTISING WORK?

It just did.

Email advertising is the most effective method of marketing
 your product. No guess work about how many people will see
 your ad. They all will. Your ad delivered directly into
the inbox thousands, even millions of people.
 
We can help you advertise your service or product from as ow as $399.

We can send your ad to up to 55 million email users. 
250,000 - $499 *Special $399
500,000 - $649 *Special $499 
1 million - $999 *2 million for $1000 
3 million - $1999 *Special $1499 
10 million - $4999 *Special $3499
Specials end on Friday at 1 pm Pacific.
 
ATTENTION NETWORK MARKETERS:

Let us help you generate biz op leads. We can help you
 generate quality leads. When the sales rep calls you ask for details.
Want your own opt in list? We are selling a double opt-in
 list of 185,000 people who have opted in and are known to
 have purchased through direct email marketing. We are only
 selling this list to 10 people for the very low cost of $3500. Won't last.

Note: This is national advertising only. We cannot target
or segment in anyway.

To learn more about email advertising, print this form and fax back to:
(702) 447-5895 and a representative will contact you shortly.
Name:_______________________ Telephone:(_____)_____-_________
Fax #(_____)_____-__________ Email address:____________________
-----------------------------------------------------------------------------------------
To be removed please send an email to unlist20031@inbox.lv
Please note this is the only way to be removed. 
Removal request via fax or telephone will NOT be honored.
-----------------------------------------------------------------------------------------

esutrust jdgfd yi  bzcnbccn

By the way, this string, variations of which you see on most spam,
and which I changed to protect the innocent, identifies the spam batch, or what?
esutrust jdgfd yi bzcnbccn

50 posted on 04/22/2003 9:16:33 AM PDT by Revolting cat! (Subvert the conspiracy of inanimate objects!)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-64 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson