Spam

I’ve just returned from a short vacation to Boston. I was away entirely from email for 4 days — probably the longest gap in 10 years. While I was away, I received 461 new email messages. Of those, 10 were useful and important work, friend, or family-related email, about 30 were automatic system monitoring emails generating by various servers, and just over 400 were spam (the usual selection of “we can make part X of your body [small \| bigger]” and “you can make lots of money doing activity Y”).

This is now beyind annoying: it’s costing me too much time and money. What are my options?

Comments

Dave Moses's picture
Dave Moses on December 12, 2001 - 14:01 Permalink

what about a reverse blocker. you know how some email programs allow you to block senders… how about the reverse? You provide a list of email addresses or mail servers to be allowed by the server… the rest get an automated response with a phone number where they would request acceptance by your server.

Alan's picture
Alan on December 12, 2001 - 14:07 Permalink

Please do create something simple like Dave suggests. I understand that since a certain person sold a list, all of PEI or at least anyone on on a list of an ITAP member has had to deal with this crap. I am sure it has expanded beyond that initial sale but it certainly was triggered one day. Usenet posting generates alot of this as well, doesn’t it?

Jevon's picture
Jevon on December 12, 2001 - 14:42 Permalink

You’d like:
http://mail-abuse.org/rbl/

No fees for individual and hobby sites. For companies however, this is a charge.

These systems have gotten better (The lawsuits got that done quickly)

Kevin O's picture
Kevin O on December 12, 2001 - 18:01 Permalink

The *worst* way of dealing with spam is to use a so-called “black hole” list. The reasons why it’s so terrible are too many to list here. The best way is a way that has not been implemented (yet) cuz it’s my idea.


This method would require a tremendously powerful server if there is any appreciable amount of traffic on it (I think our’s handles about 20 emails per second which would definitely qualify as busy). Here’s how it would work:


Each message is trapped and stripped of header information. Then the body is CRCd (any fast checksum algorithm would be fine). Then the message gets delivered. Same next message except if it matches any checksums in the database it is delayed by one minute. Another match and the delay gets doubled to 2, 4, 8, 16, 32, 64, 128, etc… As you can see the 8th identical message will be delayed for over 2 hours before delivery. Then you set a threshold beyond which no more delaying will take place and subsequent messages matching a “hot” CRC is simply tossed out. The other threshold is the length of time a CRC remains in the database.


There is a less effective version of this on the market right now called Razor which, funnily enough, you (pete) put me on to (http://razor.sourceforge.net/).


In Razor the CRCs are not aged but they are shared between systems

Kevin O's picture
Kevin O on December 12, 2001 - 18:05 Permalink

One more thing, Dave M, I like your idea for individual boxes… wouldn’t work well for systems like mine, but an effective solution for systems like mine would make it unnecessary to implement solutions on individual systems like your’s.

Jevon MacDonald's picture
Jevon MacDonald on December 12, 2001 - 19:46 Permalink

Kevin: What are the problems with the blackhole lists? I run it on one of my domains and it’s been great… am I missing something?

Kevin O's picture
Kevin O on December 13, 2001 - 16:13 Permalink

Black hole lists are not maintained by any reputable organization, have no “code of ethics” that can be challenged or modified, have ad-hoc (governed by the geek(s) that runs it) rules about how and who gets on and or off the list, have no ability to intelligently alter themselves (automagically) when the nature of data flow changes, can therefore leave one with a false sense of security, offer no ability to add in scanning for virii etc, and the list goes on and on…


They’re not bad for low traffice, non critical, email systems that don’t have to handle email for a lot of different types of people who have very different uses and requirements for what they want and what they don’t want.


For example, I’m certain if I was to eliminate 100% of all incoming spam at ISN there would be people who switch providers because a) I’m practicing censorship, or b) the like the entertainment value of reading junk, or c) ~you~fill~in~a~reson~

Kevin O's picture
Kevin O on December 13, 2001 - 16:14 Permalink

Alas, both “traffic” and “potato” are fine without an “e”!

Charlie's picture
Charlie on December 13, 2001 - 20:47 Permalink

I believe that the highest level junk filter on hotmail is now a setup where you enter the e-mail addresses of the people/lists that you want mail from and everything else gets trashed.