How to Can the Spam

NEWSWEEK ^ | Feb. 20, 2003 | Steven Levy

[Salgak]

One minor little problem. The world's standard for email, the Simple Mail Transmission Protocol, also known as SMTP, doesn't allow such a procedure. Nor does any mailserver I know of. So, such a system would need all new servers and clients. . . .just so we won't get mail that we didn't ask for ??

[lormand]

I have hyperlinked a jpg to my email address, but I don't think that is a viable solution. Simply getting the URL source will expose the "mailto:" html, thus exposing your email address.

I would like to personally meet these people on a dark alley somewhere.

[Ron H.]

I agree, MailWasher is a great program. However, like other anti-Spam programs it can't help with the spoofed return mail address. IMO, just making that either illegal or unprofitable to do would go a long ways towards reducing spam.

Many times MailWasher encounters a piece of junk mail with a spoofed (phony) return address and it can't notify the spammer so the spammer just keeps spamming away.

[k2blader]

The first year I used my cable provider's email address I received *no* spam whatsoever, due to the fact that I gave out that address only to trusted friends.

However, it took only one person to screw it all up.

Basically, a fellow cable customer tried to sign up for my email address despite the fact that it was already registered (to me, of course). Thinking that my email address was now hers, this person then distributed my email to her friends and family and also used it at several websites. My inbox got hit time and time again with email from strange people and annoying e-vendors. Fortunately, one of the emails I received included the phone number of the woman who started the whole mess. I called her, explained I was getting all her email, and asked her to take care of it on her end. She must have eventually gotten her own email address because email from her friends and family stopped arriving ... but the stupid spam still came.

Then there was the incident involving a friend who didn't tell me until it was too late that her MS Outlook Express got infected by a spam-inducing internet worm.

So I guess the lesson to learn here is: Be *exceedingly* careful whom you give your email address. Barring freakish events of cyberspace, this should keep one's inbox fairly spam-free.

I've always used an easily replaceable, spam-blockable Hotmail addy at sites which demand an email address in order to be viewed.

[Blue Screen of Death]

The solution is to provide the option of making your e-mail service EXCLUSIVE of the world at large, i.e. you only get mail from those who you have explicitly included in your "approved to receive mail from" list.

Occasionally I get suprise e-mail from old friends that have located me (usually via Google) and I am happy to hear from them. I don't want to give up this ability because some scum sucking asshole is sending spam. Screw 'em give them jail time. Fines don't work as long as there is money left over after the fine, which becomes a cost of doing business.

I don't care about anything except stopping these pukes. Forget the crap about no more laws, freedom of speech. Screw 'em.

[Movemout]

Later read BUMP!

[finnman69]

Step one, get rid of AOL. I was up to 30 spam message a day. And no, I don't need a longer penis.

[FourtySeven]

I could be misreading your suggestion (and your reply Salgak), but it seems to me this is already done. On "Web-based" e-mail services like Hotmail, Yahoo, and AOL, you can already set a "filter" that will only accept incoming messages from a set of e-mail addresses that you input. Thus, there's no way around it.

Indeed, I use this system to keep my junk mail down to 0. I usually keep my Hotmail account set to "exclusive", which prevents anyone but mail I choose to come through, but when I "register" something, I just open up the filter to allow every mail, and when the "confirmation e-mail" comes, I just slam the filter back shut again.

For this reason, I believe that web-based e-mail delivery systems will become the "wave of the future", with free ones always available, but for real e-mail exchanges (no limits, or a high limit such as 10 MB on outgoing/incoming messages) one would have to pay a fee.

So no law is required, just a little more refinement in the area of "web based" e-mail systems, imo.

[Ramius]

We're using: http://www.postini.com

Pure magic.

[tubebender]

The only spam I get are the sites I signed up for like classmates.com since I went with Cox Cable.net. I want to know about cookies...Do I need cookies enabled to access sites I'm registered on like FReerepublic.com etc ? And how often do you clear cookies

[Salgak]

What your describing is a server-side filter for your inbox. The service is still geting the spam, you're just not seeing it anymore. The server still has to recieve it and process it and file it to /dev/null, taking up computer cycles, hardware, and bandwidth.

The family of protocols that make up the TCP/IP suite is a VERY flexible thing, which has made the Net grow as explosively as it has to date. However, the thieves that are spamming us are abusing that flexibility, much as someone who yells "fire" in a crowded theater is abusing free speech.

The simplest explanation of the evils of spam is this: it is, in effect, a collect call that you cannot refuse. . .

[steve-b]

But in the meantime, we have to take a step that some digital libertarians might find distasteful. We should pass a federal law to control spam.

Don't try to use big words unless you know what they mean. Respect for property rights, and punishments for violating them, are a basic tenet of libertarian principles.

[steve-b]

In any case, it would be an important step to get these creeps officially defined as outlaws.

It would be useful to get spammers defined as outlaws in the old-fashioned sense of the term (i.e. outside the protection of the law). That is, proving that the target was spamming should be an absolute defense against any computer-cracking charge.

[steve-b]

The issue of improved filtering and the issue of prohibiting bandwidth theft are not mutually exclusive. Most people lock their doors and support laws against burglary.

[mommybain]

bttp for reference later

[new cruelty]

?

[csmusaret]

When I get an e mail that is sexualy explicit I forward it to uce@ftc.gov. They are supposed to put a stop to it.

[TechJunkYard]

I've always used an easily replaceable, spam-blockable Hotmail addy..

I use a couple of ways to combat spam.. until we can get rid of the spammers.

• If you use your ISP's mail facilities, create two e-mail addys: one for "normal" use and one for spam.
  
  
  • Use the spam addy at the top of your e-mail, usenet posts, etc., and use the normal addy as your "Reply-To" addy. If people hit the "Reply" bu tton in their e-mail client, they'll go to the normal addy, make sure your friends and family know the difference.

  • Once in a while, go to your spambox and clean it out (taking care to find any legitimate mail that may have dropped in, and update the senders on usi ng "Reply-To").

  • Yeah, it gives you another account/password to check, but you can let it sit for months.
  
  
• If you're unsure whether to give your e-mail addy to a web site (or to prevent a one-time transaction from becoming a permanent relationship) create a temporary addy like "myaddy20030401@my-isp.com" and use that. Then you delete the temporary addy (say on or after April 1st) whether or not it actually get spammed.
  
  
  • This works best if you run your own mail server where you can create and delete IDs at will.

  • Linux users can configure "alias" addys that point to their "real" addy in /etc/alias such as:
    • myaddy20030401: myREALaddy@myisp.com
    .. and save the expense of having another account to check for mail.

I've heard that most 'net traffic now is spam. I don't see how legislation here will stop the asian spam mills. Blocking spam at the recipient is tricky and doesn't help the congestion problem. Spam will stop only when it gets too expensive to do.

[new cruelty]

are you notified of any progress made on stopping the emails you have sent to uce@ftc.gov?

[csmusaret]

Notified no, but they come much less frequently now.