Slashdot Mirror

Seriously, the spammers will adapt no matter when anti-spam tactics you use.

They 'cannot' beat the filtering I use now...

Not long ago, I added a form of rbl support to a personal copy of My homebrew Windows email client freebie and the results were 'amazing'....

Essentially NO spam gets through now!

Recently, one got through so I spent a few minutes to take care of it.

The only drawback to using a rbl is that it can be inaccurate if an innocent party starts using a blacklisted IP. But in the real world due to laziness, inertia, and corporate indifference, that is quite unlikely.... :P

The 2nd half of my approach uses a few rules that simply take away the ASCII characters a spammer is likely to use in their message. I patently refuse such email at iamcf13@hotpop.com so they get deleted immediately.

All the spammers are doing is wasting the small amount of time and computing resources it takes me to get my email with this 'updated' program. But usually I am doing something else of importance at the time so presumably no time is wasted at all...

My approach is 'transparent' with the current email system and could be useful -- nowadays there is talk of replacing the current, spammed out system for something else -- a likely far remote possibility....

Food for thought.... :)

P.S. Shout/mod me down if you want but you have to admit, Baysean spam filtering is just not working anymore. Challenge/response is cumbersome, considered 'bad manners' by some, and can generate more unwanted email messages. How about giving a different approach such as mine a try?....

Disclaimer: I wrote it. I use it. It's 100% free (keep your money).

It was available at my website (more info here if you want to read it) but it got 'Slashdotted' and was 'removed'. So I finally got around to updating it with statistics logging to 'prove' it's effectiveness, to accommodate 'flakey' mailservers that might not like a highly efficient POP3 client accessing them, and to treat 'highbit' email the same as file attachments (email is historically a 7-bit protocol) and posting it on http://rapidshare.de/ at the 'sig' URL above. Download and enjoy! :)

P.S. see

http://slashdot.org/comments.pl?sid=184696&cid=152 59932

and

http://slashdot.org/comments.pl?sid=171793&cid=143 07815

for more info.

In short, my approach uses the venerated, time tested SMTP protocol and character set AGAINST spammers....

I have no formal benchmark figures.

All I can offer are the following observed 'guestimates'

per http://slashdot.org/comments.pl?sid=171793&cid=143 09227 ,

I calculate my POP3 program's processing speed at 660KB a minute and 40 messages a minute. This takes into account my PC's CPU speed of 1.1 GHz and a broadband connection to the Internet.

In practice I have observed the program deleting 1-2 spams a second when
they were short and didn't have any imbedded file attachments.

If you are stopping about 90% of the spam before it is transmitted with the SMTP DATA command, I'd have to say that is very good! Using a mailserver designed as described here. with 0 Spambyte codes for the users should bring the suppressed spam percentage up to 99.67% Whatever spam gets through can be fed to a 3rd party Bayesian filter program for further processing/rejection/deletion.

The actual Windows-based mailserver I coded can only handle (very) small or personal domains. I have been unable to find a simple, sample Visual C multithreaded program project that can handle a large number of simultaneous threads and has clear, concise, straightforward code. The method I use spins off SMTP miniservers in a separate thread for each incomming connection. If someone could provide the URL to sample code I can download and use right away to show me how to code a Windows-based SMTP mailserver better than this, it would be greatly appreciated. This is a serious request for help in this matter.

Thank you for your consideration.

Note: If you hate ads, please do not read or 'badmouth' this post or mod it down in 'anticommercial retaliation'. If you hate email spam, please read this post.

Fed up with email spam, I wrote my own filter

Now, at iamcf13@hotpop.com, where I have 'max filtering in effect', I only get spam that looks like this:


+OK 406 octets
Return-Path: <ikoey8y36vihioyt@yahoo.com>
Received: from 222.115.40.214 (unknown [222.115.40.214])
by mx3.hotpop.com (Postfix) with SMTP id 27CC51B0D23E
for <iamcf13@hotpop.com>; Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
Received: from by ; Sat, 03 Dec 2005 05:55:12 -0400
Message-ID: <[20
Date: Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
From: ikoey8y36vihioyt@yahoo.com
To: undisclosed-recipients:;
Subject: (CF13-SMTP [SpamByte=000:]) no subject
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206190956.CF13-POP3@69.168.168.192.in-addr.a rpa>

.


or like this:


+OK 1061 octets
Return-Path: <heated@libel.org>
Received: from c-24-11-215-156.hsd1.mi.comcast.net (c-24-11-215-156.hsd1.mi.comcast.net [24.11.215.156])
by mx1.hotpop.com (Postfix) with SMTP id 02C6BE8390
for <iamcf13@hotpop.com>; Tue, 6 Dec 2005 01:34:51 +0000 (UTC)
Received: from unknown (HELO arguably) (192.168.212.39)
by c-24-11-215-156.hsd1.mi.comcast.net with SMTP; Mon, 5 Dec 2005 20:28:21 -0500
Content-Transfer-Encoding: 7bit
Message-Id: <11581682156.87374113983@c-24-11-215-156.hsd1.mi.c omcast.net>
Content-Type: text/plain; charset=us-ascii
To: iamcf13@hotpop.com
From: Joyce Mcgee <heated@libel.org>
Subject: (CF13-SMTP [SpamByte=000:]) Expand your Penis 20% Larger in weeks
Date: Tue, 6 Dec 2005 01:34:53 +0000 (UTC)
X-HotPOP-Delivered-To: iamcf13@hotpop.com
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206191144.CF13-POP3@69.168.168.192.in-addr.a rpa>

World first Patch Technology for penis Enlargement /pt/

Contraceptives should be used on every conceivable occasion.
Change is good, but dollars are better.
It's hard to work in groups when you're omnipotent.

When you have loved as she has loved, you grow old beautifully.

.


From 2005-11-30 to 2005-12-19, my POP3 client 'ate' 2,109 spam emails on iamcf13@hotpop.com while allowing 6 'null spams' (see first example) and 1 'bozo spam' (see second example) to get through. This equates to a 'failure rate' of about 1/3 of 1% --in other words, for every 300 spams 'eaten', one would get through...

Since my approach has been ridiculed and belittled here in the past I'll just let the facts and figures in this post speak for themselves. It would be nice if I could use my SMTP server and then I could block or drop the email spam at the SMTP level instead which would be much more efficient. Since [variants of] Bayesian filtering is still popular in antispam software today, my approach could be used as a 'pre-processor' to cut down the input to the Bayesian email filtering module by droping 'obvious' spam and processing only 'suspect spam' (see second example). As a benefit, such filters wouldn't be inundated and waylaid by normal 'Bayesian busting' spam email that is only a carrier unit for the spammer URLs, email addresses, contact info, and shiping and pricing information contained within them.

With my approach, spammers will have to be painfully and obviously verbose in order to get around my filtering method. In fact, to do so, would make it impossible for the email recipient to easily surf to the spammer's site.

Isn't that the

Note: If you hate ads, please do not read or 'badmouth' this post or mod it down in 'anticommercial retaliation'. If you hate email spam, please read this post.

Fed up with email spam, I wrote my own filter

Now, at iamcf13@hotpop.com, where I have 'max filtering in effect', I only get spam that looks like this:


+OK 406 octets
Return-Path: <ikoey8y36vihioyt@yahoo.com>
Received: from 222.115.40.214 (unknown [222.115.40.214])
by mx3.hotpop.com (Postfix) with SMTP id 27CC51B0D23E
for <iamcf13@hotpop.com>; Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
Received: from by ; Sat, 03 Dec 2005 05:55:12 -0400
Message-ID: <[20
Date: Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
From: ikoey8y36vihioyt@yahoo.com
To: undisclosed-recipients:;
Subject: (CF13-SMTP [SpamByte=000:]) no subject
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206190956.CF13-POP3@69.168.168.192.in-addr.a rpa>

.


or like this:


+OK 1061 octets
Return-Path: <heated@libel.org>
Received: from c-24-11-215-156.hsd1.mi.comcast.net (c-24-11-215-156.hsd1.mi.comcast.net [24.11.215.156])
by mx1.hotpop.com (Postfix) with SMTP id 02C6BE8390
for <iamcf13@hotpop.com>; Tue, 6 Dec 2005 01:34:51 +0000 (UTC)
Received: from unknown (HELO arguably) (192.168.212.39)
by c-24-11-215-156.hsd1.mi.comcast.net with SMTP; Mon, 5 Dec 2005 20:28:21 -0500
Content-Transfer-Encoding: 7bit
Message-Id: <11581682156.87374113983@c-24-11-215-156.hsd1.mi.c omcast.net>
Content-Type: text/plain; charset=us-ascii
To: iamcf13@hotpop.com
From: Joyce Mcgee <heated@libel.org>
Subject: (CF13-SMTP [SpamByte=000:]) Expand your Penis 20% Larger in weeks
Date: Tue, 6 Dec 2005 01:34:53 +0000 (UTC)
X-HotPOP-Delivered-To: iamcf13@hotpop.com
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206191144.CF13-POP3@69.168.168.192.in-addr.a rpa>

World first Patch Technology for penis Enlargement /pt/

Contraceptives should be used on every conceivable occasion.
Change is good, but dollars are better.
It's hard to work in groups when you're omnipotent.

When you have loved as she has loved, you grow old beautifully.

.


From 2005-11-30 to 2005-12-19, my POP3 client 'ate' 2,109 spam emails on iamcf13@hotpop.com while allowing 6 'null spams' (see first example) and 1 'bozo spam' (see second example) to get through. This equates to a 'failure rate' of about 1/3 of 1% --in other words, for every 300 spams 'eaten', one would get through...

Since my approach has been ridiculed and belittled here in the past I'll just let the facts and figures in this post speak for themselves. It would be nice if I could use my SMTP server and then I could block or drop the email spam at the SMTP level instead which would be much more efficient. Since [variants of] Bayesian filtering is still popular in antispam software today, my approach could be used as a 'pre-processor' to cut down the input to the Bayesian email filtering module by droping 'obvious' spam and processing only 'suspect spam' (see second example). As a benefit, such filters wouldn't be inundated and waylaid by normal 'Bayesian busting' spam email that is only a carrier unit for the spammer URLs, email addresses, contact info, and shiping and pricing information contained within them.

With my approach, spammers will have to be painfully and obviously verbose in order to get around my filtering method. In fact, to do so, would make it impossible for the email recipient to easily surf to the spammer's site.

Isn't that the

Note: If you hate ads, please do not read or 'badmouth' this post or mod it down in 'anticommercial retaliation'. If you hate email spam, please read this post.

Fed up with email spam, I wrote my own filter

Now, at iamcf13@hotpop.com, where I have 'max filtering in effect', I only get spam that looks like this:


+OK 406 octets
Return-Path: <ikoey8y36vihioyt@yahoo.com>
Received: from 222.115.40.214 (unknown [222.115.40.214])
by mx3.hotpop.com (Postfix) with SMTP id 27CC51B0D23E
for <iamcf13@hotpop.com>; Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
Received: from by ; Sat, 03 Dec 2005 05:55:12 -0400
Message-ID: <[20
Date: Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
From: ikoey8y36vihioyt@yahoo.com
To: undisclosed-recipients:;
Subject: (CF13-SMTP [SpamByte=000:]) no subject
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206190956.CF13-POP3@69.168.168.192.in-addr.a rpa>

.


or like this:


+OK 1061 octets
Return-Path: <heated@libel.org>
Received: from c-24-11-215-156.hsd1.mi.comcast.net (c-24-11-215-156.hsd1.mi.comcast.net [24.11.215.156])
by mx1.hotpop.com (Postfix) with SMTP id 02C6BE8390
for <iamcf13@hotpop.com>; Tue, 6 Dec 2005 01:34:51 +0000 (UTC)
Received: from unknown (HELO arguably) (192.168.212.39)
by c-24-11-215-156.hsd1.mi.comcast.net with SMTP; Mon, 5 Dec 2005 20:28:21 -0500
Content-Transfer-Encoding: 7bit
Message-Id: <11581682156.87374113983@c-24-11-215-156.hsd1.mi.c omcast.net>
Content-Type: text/plain; charset=us-ascii
To: iamcf13@hotpop.com
From: Joyce Mcgee <heated@libel.org>
Subject: (CF13-SMTP [SpamByte=000:]) Expand your Penis 20% Larger in weeks
Date: Tue, 6 Dec 2005 01:34:53 +0000 (UTC)
X-HotPOP-Delivered-To: iamcf13@hotpop.com
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206191144.CF13-POP3@69.168.168.192.in-addr.a rpa>

World first Patch Technology for penis Enlargement /pt/

Contraceptives should be used on every conceivable occasion.
Change is good, but dollars are better.
It's hard to work in groups when you're omnipotent.

When you have loved as she has loved, you grow old beautifully.

.


From 2005-11-30 to 2005-12-19, my POP3 client 'ate' 2,109 spam emails on iamcf13@hotpop.com while allowing 6 'null spams' (see first example) and 1 'bozo spam' (see second example) to get through. This equates to a 'failure rate' of about 1/3 of 1% --in other words, for every 300 spams 'eaten', one would get through...

Since my approach has been ridiculed and belittled here in the past I'll just let the facts and figures in this post speak for themselves. It would be nice if I could use my SMTP server and then I could block or drop the email spam at the SMTP level instead which would be much more efficient. Since [variants of] Bayesian filtering is still popular in antispam software today, my approach could be used as a 'pre-processor' to cut down the input to the Bayesian email filtering module by droping 'obvious' spam and processing only 'suspect spam' (see second example). As a benefit, such filters wouldn't be inundated and waylaid by normal 'Bayesian busting' spam email that is only a carrier unit for the spammer URLs, email addresses, contact info, and shiping and pricing information contained within them.

With my approach, spammers will have to be painfully and obviously verbose in order to get around my filtering method. In fact, to do so, would make it impossible for the email recipient to easily surf to the spammer's site.

Isn't that the

Note: This is an on-topic 'ad'. If you hate ads, read no further. If you are 'drowning' in unwanted spam email, please read on.


No single technology will bring spam under control. It's going to take a blend of technologies, namely:

Spam filtering.

Preventing forged headers.

Making e-mail sending computationally expensive.


I did this back in July, 2004 as Windows shareware, the platform that could *really* use such software.

Note: Submitted with 'No Karma Bonus' to prevent cries of 'Karmawhoring/astroturfing'.

I have written a mailserver program and may need to update and test it in the future. Because of this, I need an ISP that WILL NOT BLOCK PORTS WHATSOEVER!

Please do not recommend I use The List (of ISPs), I do not have time to search through them all to find an ISP.

Please do not suggest AOL, Earthlink, MSN, and the like -- please suggest an ISP that is 'programmer friendly' if one exists.

Thank you for your consideration.

AC parent poster is right!

The very existence of the CAN-SPAM act ought to be enough for Hormel to withdraw their complaint against DSPAM and their ilk. Why didn't they say anything when Congress named the anti-UCE bill CAN-SPAM?

Free advertising for Hormel and SPAM via the (worthless) CAN-SPAM Act Of 2003.

Hormel can't have it both ways....

As for me I will continue to 'eat my own dogfood' and enjoy a spam-free email inbox at iamcf13@hotpop.com

This is an on-topic, one line ad for a software program I wrote. If you hate ads then READ NO FURTHER!

My mailserver does everything it can to prevent spammers from using the SMTP DATA command to send their spam.

9 years too long? i don't think so. on what grounds would they win? did the people who bought penis enlargement pills give good feedback? when the law takes effect has no merit, he was sending 10 mil emails a day. just multiply that by 2 weeks.

38 million people worldwide have (or will) buy stuff from email spam -- about 5 million of that figure in the USA alone (http://www.rhsmith.umd.edu/ntrs/NTRS_2004.pdf).

The 38 million figure is extrapolated from the 4% value in the above report and applying it to the world online population is estimated to be 945 million (http://www.clickz.com/stats/big_picture/geographi cs/article.php/5911_151151).

For the sticklers, the actual value is about 37.8 million people.

This is why spam WON'T go away because there is a small 4% market of people online who have (or will) buy stuff from spam.

Since the spammers won't stop and the hodgepodge of anti-spam laws in place aren't effective, I just simply block all the spam I get

While people continue to wring their hands over the spam problem here, I will be enjoying a spam-free email box. How about you?

-and flag as spam/autodelete any and all HTML email. That is how I deal with phishers. I got tired of dealing with their (ultimately pathetic) subterfuge which is OBVIOUS by simply comparing the domains in the bogus href link in the underlying HTML to the link text that is displayed to the user -- they aren't the 'same'.

As has been mentioned earlier: Do not click emailed links to sensitive websites--type the URLs to them into a new browser window instead.

Of course, if the HOSTS file gets 0wned by malware, the above advice is pointless....

In response to this and this all I can say is that the spam menace necessitated integrating antispam code to cf13-smtp. Why not fight spam at the SMTP level and keep it out of the networks once and for all in the first place? As for the mailbox scanning, how else is the mailserver supposed to detect spamlike email?

With a bit of effort, cf13-smtp can be configured to act like a regular MTA. This is accomplished by sending all email/spam logging to the bit bucket and allowing all incoming mail with a SpamByte code of 255. But doing all that ultimately allows is the influx of spam to the networks it services and defeats the purpose for the program's existence....

Here are the ingredients to this solution:

A completely designed, 100% empty database.

A COMPLETE log of all the SQL statements that were applied to it IN the order they were used. This is obtained by the application logging the SQL statements to the SQL log file AFTER the SQL statement is succesfully executed.

When a data base failure occurs, stop everything, 'replay' the backed up SQL logfile (thats on a separate backup system) on a copy of the empty DB there. TADA! you are back in business back to the point of failure!

The downsides....

Redesigning the database will screw everything up unless the SQL statements used during the redesign are logged as well.

All sql requests must be funneld through 1 and only 1 db connection. Otherwise the sql statements in the logfile stand a chance of being recorded 'out of sequence'. Here is a brief example:

With one db connection, user 1 edits record x two separate times in succession then user 2 comes along behind user 1 and modifies the record with no problems. Without record locking or with indiscriminant multithreading, record x will be corrupted if user 2 edits record x between user 1's two consecutive edits. See the downside?

The SQL logfile gets corrupted due to storage media failure. The only way around this would be to copy the log file to a backup mirror system on a periodic basis and verify it is a good backup copy using a strong cryptographic hash such as SHA-512 or for the utterly anal and paranoid, a byte-for-byte comparison.

The EXTREME volume of data may/will make this approach unfeasable due to time constraints -- too much data to restore via 'replaying'. 'Checkpointing' from a known good database state will cut down the size of the SQL log file but introduces the possibility of database corruption by simply using the wrong checkpoint database when replaying the sql statements.

Speaking of 'tar' in the parent post, I 'cowrote' a simple, high-performance freeware Windows file archiver that combines file aggregation with data compression. If you want to try it out, it is here.

My approach simply tacks on '.txt' on the end of ALL email file attachments filenames. As a result, system compromise is IMPOSSIBLE this way provided Windows still associates .txt files with Notepad/Wordpad and those programs haven't been compromised.

In this manner the incoming file attachments can be safely scanned for viruses, deleted, quarantined, or renamed by removing the '.txt' at the end and put to use.

If you want to learn more and download my quality (but bland-looking) Windows freeware/shareware, visit now.

P.S. since July 2004, I've only gotten a handful of 'no content' email spam at iamcf13@hotpop.com. This technique is used by spammers to validate working email addresses that do not bounce. That is the only spam I recieve nowadays. All the rest is autodeleted by cf13-pop3.

However, I DO wish I could run my shareware mailserver cf13-smtp and avoid downloading the spam in the first place.

My approach simply tacks on '.txt' on the end of ALL email file attachments filenames. As a result, system compromise is IMPOSSIBLE this way provided Windows still associates .txt files with Notepad/Wordpad and those programs haven't been compromised.

In this manner the incoming file attachments can be safely scanned for viruses, deleted, quarantined, or renamed by removing the '.txt' at the end and put to use.

If you want to learn more and download my quality (but bland-looking) Windows freeware/shareware, visit now.

P.S. since July 2004, I've only gotten a handful of 'no content' email spam at iamcf13@hotpop.com. This technique is used by spammers to validate working email addresses that do not bounce. That is the only spam I recieve nowadays. All the rest is autodeleted by cf13-pop3.

However, I DO wish I could run my shareware mailserver cf13-smtp and avoid downloading the spam in the first place.

The only way we'll actually see a reduction in spam is to put true measures in the MTAs such that there is absolutely no way to mask the sender's address or host, and completely disallow any form of relaying.

Done. Give it a try....

My approach simply filters out all email containing stuff spammers/crackers use in email to do their dirty work.

Interested? Complete details here.

While other antispam advocates here on slashdot hide behind obsfucated email addresses, I opted to use an unobsfucated one--just like the 'good old days' on the Internet before the spammers made email communications almost worthless....

Nowadays, the only spam I get is 'zero content spam' used to verify recipient email addresses. Lame and pathetic.

My approach simply filters out all email containing stuff spammers/crackers use in email to do their dirty work.

Interested? Complete details here.

While other antispam advocates here on slashdot hide behind obsfucated email addresses, I opted to use an unobsfucated one--just like the 'good old days' on the Internet before the spammers made email communications almost worthless....

Nowadays, the only spam I get is 'zero content spam' used to verify recipient email addresses. Lame and pathetic.

I stick with sendmail out of inertia more than anything else. Frankly, it's about time I explored other MTAs

Consider my Windows-based software MTA that I wrote back in July, 2004 if you can use it.

It is an all-in-one solution to unwanted email. The only spam it cannot stop is 'zero content email' which is pointless to send out other than to verify working email accounts (no bounces sent back to the sender).

Since I've been using the companion email client program I wrote along with the MTA, 'zero content email' is the *only* spam I get. All the other spam I get to iamcf13@hotpop.com is downloaded and automatically deleted. At the present time, I cannot use my own MTA to receive my email otherwise I wouldn't have to download the spam in the first place--my MTA could silently route it to the 'bit bucket' with the spammer none the wiser....

"Nothing in the Constitution compels us to listen to or view any unwanted communication, whatever its merit. We
categorically reject the argument that a vendor has a right under the Constitution or otherwise to send unwanted material
into the home of another. If this prohibition operates to impede the flow of even valid ideas, the answer is that no one
has a right to press even 'good' ideas on an unwilling recipient. The asserted right of a mailer, we repeat, stops at the
outer boundary of every person's domain."
-- Chief Justice Warren Berger, U.S. Supreme Court

My Windows program is very sensitive to spam because it uses a different method I find more effective than the leading statistical method to stop spam. It works for me, an individual who was fed up with spam and malware and wanted to get rid of both of them for good.

My program lets you decide what kinds of email you want.

Fear not, the program can be configured to 'save spam' in order to avoid deleting important email. The best thing to do is to set my software up on a 'wide open' public POP3 email address and direct correspondents to private 'wide open' email addresses as needed for the ones that get past the filtering.

All I can say is that proper usage of it will make receiving spam and malware 'almost impossible'.

P.S. No lewd/derisive comments please. My software may not be a perfect fit for you but it is for me.

To put it bluntly, I pity spammers/scammers/computer crackers now. Their email is worthless to me--i'll never see it. Should I see it on rare occasions, it will be in a harmless, inert state or contain absolutely no content at all.

Only email provider based filters really work at stopping spam because people who use individual filters wouldn't buy stuff anyway.

If you seriously want spam relief, visit my site.
I did which is why I use the freeware email checker I wrote to check my POP3 email accounts.
The shareware email mailserver I wrote there will reduce and/or keep spam out of your domains and computer networks while making the propagation of malware 'almost impossible'.

If you do not have anything constructive to say about this post, please do not reply to it. The advantages and disadvantages of my approach to spam filtering are spelled out in excrutiating detail there so that you can decide for yourself if my approach is right for you.

Only email provider based filters really work at stopping spam because people who use individual filters wouldn't buy stuff anyway.

If you seriously want spam relief, visit my site.
I did which is why I use the freeware email checker I wrote to check my POP3 email accounts.
The shareware email mailserver I wrote there will reduce and/or keep spam out of your domains and computer networks while making the propagation of malware 'almost impossible'.

If you do not have anything constructive to say about this post, please do not reply to it. The advantages and disadvantages of my approach to spam filtering are spelled out in excrutiating detail there so that you can decide for yourself if my approach is right for you.

1) Configure all e-commerce sites you do business with to send you ONLY PLAINTEXT EMAIL--NO HTML!

2) Filter out ALL HTML email sent to your e-commerce contact point email address. I use my own program to do this automatically for me.

Without the cover of HTML, phishers CANNOT use it to fascilitate their desception.

I used to enter bogus info at the phish sites but I gave up as they seemed to be keeping records and I cannot use a particulare (presumably) 'bogus' credit card number against them. Now I just delete all HTML email (phishing included) that is sent to my e-commerce contact email address.

The Boulder Pledge

Under no circumstances will I ever purchase anything offered to me as the result of an unsolicited e-mail message. Nor will I forward chain letters, petitions, mass mailings, or virus warnings to large numbers of others. This is my contribution to the survival of the online community.
-Roger Ebert

They steal bandwidth. They steal disk space. They steal our time, and time costs dearly. You can't replace it.

Stop spam and spammers at the TCP/IP connection level.

Directory of IP Based Blacklists

Geographic IP lists

Use an aggressive antispam solution to filter spam out. I wrote one and use it regularly to check my email on my terms and not that of other solutions that use more complicated rule-based or statistical methods to fight spam.

Please keep this in mind should my approach be ridiculed (it has been in the past) by people enarmored by statistical approaches that are not as effective as they used to be.

would it be so difficult to set the file attribute on the hosts file to read only. ugh.

The C library function _chmod can be used to un-read protect a file so protecting the hosts file that way is useless.

So I primarily use my software to filter out such HTML-based exploits in additon to certain system configurations to make such attacks 'almost impossible'.

If they cracked down on spam, they would lose all the hard currency they get from spammers in the West. This currency helps defray the cost of the powers that be to remain in power while the rest of China remains in various states of oppression and suppression.

Pink contracts are pink contracts no matter where in the world they are agreed to.

I'll just continue to delete my spam automatically with my own software as I have been since July, 2004.

AOL needs to learn that @hallmark.com DOES NOT equal spam.

It does if the headers say otherwise.

Look at all the 'phish' spam purportedly from such sites as eBay, PayPal, CitiBank, and SunTrust that I've gotten recently in the past.

But no more.

That crap, along with all other unwanted email with file attachments and HTML are now headed for my own virtual wastepaper basket.

I wrote it. I use it. It works.

Or possibly your approach languishes because people aren't interested in an approach with a staggering potential for false positives in identifying spam?

My software can be configured to allow all sorts of 'spammy' content through. At least such content is 'defanged' to prevent malware via HTML and file attachments from compromising one's PC outright. Can the same be said of the other spam filters? The other ones I know about cut away file attachments with 'runnable' extentions and probably do not 'neutralize' unsafe HTML like my software does. Since it has been posited (established?) that computer crackers are working with spammers to set up 'zombie relays' via infected email file attachments or exploit-laden HTML pages sent by email, why not deny them those avenue of attack while still allowing such email to flow unimpeded but in a benign, inert state? In this manner, the user must consciously compromise their system by making such content hostile again which is easy to do.

You say that other systems have 'complicated rules' like that's a bad thing--they are complicated in an attempt to actually separate spam from ham intelligently.

But how can you do that effectively if the sp4mm3rs 4r3 c0nst4nt1y m1ssp31ling w0rds in an effort to evade word-based pattern matching algorithms? My approach is immune to such chicanery because the content I 'score' on is the only content that really matters when looking for spam or 'spamlike' content--all other content is irrelevant and is used by spammers/crackers to get their content past filters and into your mailbox. The way I see it, someone sending you unsolicited email for the very first time have absolutely no need to send you file attachments, HTML (looking content), quoted printable (looking) content, percent signs, dollar signs, numbers, URLs (or URL-like content), or email addresses (or email address-like content). If they do, the email they sent you is likely spam. In my case, that fact was borne out as when the filtering on my public email address, iamcf13@hotpop.com, was a little less restrictive, I still got spam and the occasional Nigerian '419' advance fee fraud email that didn't use percent signs or dollar signs in their fraudulent content. Fed up with even getting this trickle of spam and fraud, I set my SpamByte code to 0 and filtered out effectively all my spam! Right now, I rarely get an occasional 'Subject line' spam with a zero-content body. I have concluded for the time being that these are sent 'manually' out of spite by the spammers and are not 'standard' spam with it's convenient links to 'spamvertised sites' and whatnot.

It's not like there is some conspiracy to promote other solutions over yours.

Allow the Slashdot story editors to 'speak for themselves'.

Since 2004-07-15, the following antispam software packages/algorithms got a news story about them on Slashdot:

DSPAM v3.2 Released

DSPAM v3.2 Beta-1 Released

SpamAssassin 3.0 Released

Revolutionary Spam Firewall Developed
My shareware mailserver had built-in 'antispam firewall' support at the TCP/IP connection level since Thursday, July 15, 2004, 22:19 Universal Coordinated Time

Fighting Spam with DNA Sequencing Algorithms

The above software all use sophisticated numerical and pattern matching algorithms in order to indentify spam from other legitimate email. I say it is unecessar

Unfortunately, 'spreading the message' of the Boulder Pledge via email could be construed as 'mass mailings' even though it is not commercial in nature.

Perhaps it is best to post the Boulder Pledge to your website or as the signature to your emails.

This is why I cannot use unsolicited spam emails to 'spread the word' about my antispam software---the ends wouldn't justify the means.

So my simple, effective approach languishes in obscurity while bigger, more complicated, CPU-intensive approaches are featured on Slashdot.

My approach lets *YOU* decide what kinds of content you want in your email while the other approaches I've seen here use complicated rules to try to flag an email as spam or not.

In an earlier post, I describe the merits of my software in an enthusiastic, factual manner.

For that, this was the result:

[block quoted section below]
MOD SPAMMING PARENT DOWN (Score:0)
by Anonymous Coward on Saturday October 23, @11:06PM (#10612183)
Your solution is to spam slashdot with adds for your overly-restrictive, simplistic mail filter?

Go home.

[ Reply to This | Parent ]

Re:Spam is a social problem--my solution (Score:0)
by Anonymous Coward on Saturday October 23, @11:35PM (#10612297)
I hope you don't write your emails in the same way as you write your posts, because this one surely looks like spam.
[ Reply to This | Parent ]
[block quoted section above]

Why then was the following news item posted to Slashdot in the first place?...

[block quoted section below]
The Long Tail

Posted by michael on Tue Oct 05, '04 04:25 PM
from the something-for-everyone dept.
Chris Anderson writes "I'm the editor of Wired Magazine and if you'll forgive the autohornblowing, I think you'll be interested in my piece in our latest issue. It argues, with a lot of new data, that the entertainment industry is shifting from an era of hit-driven economics to one of niche-driven economics. Content that was once relegated to the fringe, beneath the threshold of commercial viability, is now increasingly able to find a market in distributed audiences, marking a shift towards the previously-neglected Long Tail of the demand curve."
[block quoted section above]

Why is it all right for Chris Anderson to talk about his ideas for free on Slashdot in the form of a news story and not I?

Some selected posts from that thread that address this issue:

[block quoted section below]
Re:autohornblowing (Score:0)
by Anonymous Coward on Tuesday October 05, @04:36PM (#10444135)
if the Slashdot invoice for this publicity is 0$, then I'm even more impressed by the autohornblowing.
[ Parent ]

Why? (Score:0, Flamebait)
by jmays (450770) on Tuesday October 05, @04:29PM (#10444034)
Why does /. succumb to these blatant types of advertising. If the article was submitted by a non-Wired affiliated person ... I might have read it. At least some other Slash-Advertisers post anonymously. pfft.

Re:Why? (Score:3, Insightful)
by halfelven (207781) on Tuesday October 05, @04:59PM (#10444377)
(http://florin.myip

Unfortunately, 'spreading the message' of the Boulder Pledge via email could be construed as 'mass mailings' even though it is not commercial in nature.

Perhaps it is best to post the Boulder Pledge to your website or as the signature to your emails.

This is why I cannot use unsolicited spam emails to 'spread the word' about my antispam software---the ends wouldn't justify the means.

So my simple, effective approach languishes in obscurity while bigger, more complicated, CPU-intensive approaches are featured on Slashdot.

My approach lets *YOU* decide what kinds of content you want in your email while the other approaches I've seen here use complicated rules to try to flag an email as spam or not.

In an earlier post, I describe the merits of my software in an enthusiastic, factual manner.

For that, this was the result:

[block quoted section below]
MOD SPAMMING PARENT DOWN (Score:0)
by Anonymous Coward on Saturday October 23, @11:06PM (#10612183)
Your solution is to spam slashdot with adds for your overly-restrictive, simplistic mail filter?

Go home.

[ Reply to This | Parent ]

Re:Spam is a social problem--my solution (Score:0)
by Anonymous Coward on Saturday October 23, @11:35PM (#10612297)
I hope you don't write your emails in the same way as you write your posts, because this one surely looks like spam.
[ Reply to This | Parent ]
[block quoted section above]

Why then was the following news item posted to Slashdot in the first place?...

[block quoted section below]
The Long Tail

Posted by michael on Tue Oct 05, '04 04:25 PM
from the something-for-everyone dept.
Chris Anderson writes "I'm the editor of Wired Magazine and if you'll forgive the autohornblowing, I think you'll be interested in my piece in our latest issue. It argues, with a lot of new data, that the entertainment industry is shifting from an era of hit-driven economics to one of niche-driven economics. Content that was once relegated to the fringe, beneath the threshold of commercial viability, is now increasingly able to find a market in distributed audiences, marking a shift towards the previously-neglected Long Tail of the demand curve."
[block quoted section above]

Why is it all right for Chris Anderson to talk about his ideas for free on Slashdot in the form of a news story and not I?

Some selected posts from that thread that address this issue:

[block quoted section below]
Re:autohornblowing (Score:0)
by Anonymous Coward on Tuesday October 05, @04:36PM (#10444135)
if the Slashdot invoice for this publicity is 0$, then I'm even more impressed by the autohornblowing.
[ Parent ]

Why? (Score:0, Flamebait)
by jmays (450770) on Tuesday October 05, @04:29PM (#10444034)
Why does /. succumb to these blatant types of advertising. If the article was submitted by a non-Wired affiliated person ... I might have read it. At least some other Slash-Advertisers post anonymously. pfft.

Re:Why? (Score:3, Insightful)
by halfelven (207781) on Tuesday October 05, @04:59PM (#10444377)
(http://florin.myip

You cannot fix social problems with legislation. Spam will never end as long as there will be fools who buy products advertised by unsolicited commercial e-mail. Period.

The first real programming language I learned in college. My first Turbo Pascal program, a simple equation solver, was a kludge that showed it's roots in BASIC, the programming language I knew at the time. Once I properly wrapped my head around the structured programming concept, I was good to go and was off to the races. Nowadays, I think up the code in Visual C++ (almost always just plain C with CString support), type it into the IDE, compile it, and run it with usually no more than minor compile-time/run-time errors. If you are interested, an example of my C coding skills is here--a non-trivial software solution to a real problem that I myself use on a regular basis. :)

My approach only uses 8 simple rules to score spam--the others use more complicated and computer-intensive methods.

My approach is fast, simple, and effective.

I use it to check my own email where it has filtered out my spam without fail.

The only 'spam' it wont detect currently is 'subject line' spam with email bodies with absolutely no content but I can easily fix that....

Maybe my approach is 'too good to be true' or 'not serious' to merit 'airtime' on Slashdot. You decide.

I almost completely agree that if you're dumb enough to fall for the scam, you deserve it.

It's no good being a great programmer or having a great product generally if you can't communicate that or convince anyone of it.

"Because of outsourcing [of software and system administration jobs], it's one of the only ways a hacker can make money," says Kittridge.

[Slashdot News submission result for my website and an earlier version of the software that used a more complicated approach]
A bold, new approach to fighting spam.... Thursday March 11, [2004] @11:51PM Rejected

The Long Tail
Media | Posted by michael on Tuesday October 05, @04:25PM
from the something-for-everyone dept.
Chris Anderson writes "I'm the editor of Wired Magazine and if you'll forgive the autohornblowing, I think you'll be interested in my piece in our latest issue. It argues, with a lot of new data, that the entertainment industry is shifting from an era of hit-driven economics to one of niche-driven economics. Content that was once relegated to the fringe, beneath the threshold of commercial viability, is now increasingly able to find a market in distributed audiences, marking a shift towards the previously-neglected Long Tail of the demand curve."

My primary email address is 16 characters, made from a couple German words strung together. I've got another one, which is my name @gmail.com, set up to redirect to my primary. If I ever start getting spam from that, I can discontinue use, and set up a new address, keeping the forwarding address secret. I have received zero pieces of spam in either to date. What's your excuse for getting spam?

Thank you for your comments, Burning1.

While everyone else goes gaga over SpamAssassin 3.0 and whatnot, I've gone from barely restrained outrage over spammers/computer crackers to now feeling rather sorry for them as they are wasting their time and resources sending me their garbage to me at iamcf13@hotpop.com -- I'll (effectively) never see it. It would be nice if I could use my mailserver program directly and avoid even having to download the crap as it would 'autodelete' it for me.... =/

Sounds like a great way to block legitimate email. : \

If current antispam technologies just move a message to a spam folder, which we have to check its full quantity of messages to make sure there isn't a false positive, then where is the improvement?

I'm probably going to flamed for this, but that install process [for SpamAssassin on Windows] is ridiculous.

Modern spamming software is highly multithreaded and will continue sending thousands of emails even if it's being actively tarpitted by several servers.

An old college professor of mine once said: "There is no such thing as a perfect programmer. Those that think they are, are either a fool or a liar."

Use a hardware router that filters out *ALL* unsolicited incoming internet connections. This should 'hide' your computer from others while on the internet. In addition, use a software firewall program such as Outpost.

Install an antivirus program such as AVG and keep it constantly up-to-date.

'Harden IE' by disabling ActiveX, Java, and Javascript. No more IE 0wnage!

Delete/rename the Windows Scripting Host. No more 0wnage via VBScript!

By doing all of the above, it should now be safe to use Outlook (Express) to check your email and not get 0wned by some email-based exploit. Be on the lookout for spam (FREE V14gr4!!!), phish (id theft attempts), fraud (Nigerian advanced fee fraud), and malware (the latest Wintel/OE mass-mailing-virus). To avoid running emailed malware by accident, consider using my approach which renders known and unknown emailed malware 'inert' and safe to handle provided the system hasn't been compromised first.

And laws haven't been created to change social habits. Ever heard of the DMCA?

Easily flouted. Just have Americans in America post their DMCA-infringing information anonymously to Usenet or a throwaway/anti-DMCA friendly website/FTP site. Even better is for Non-USA individuals to post such information freely to the web--the DMCA doesn't applay to them as they are not U.S. citizens. However, because of the Berne Convention, copyright infringers may be extradited from one country to another as was the case of that guy from Australia.

"why not use technological means to filter them out for good!"

That's what we're doing. Worked so far? No?

Until now. Unfortunately, my approach makes spam and malware 'almost impossible' NOT 100% impossible.

As long as there is an internet and the people using it crave 'easy money', there will ALLWAYS be spam and (zombie mail relay based) malware.

Re:DomainKeys will not work. Crypto costs time and (Score:1)
by B2382F29 (742174) on Friday September 17, @08:35AM (#10275453)

It still isn't useful against spammers because the filter rules are too simple and too inflexible.

The only possible use is against exploits as HTML-mails are converted to plain text. Nice "i can program an email-server"-project but nothing worth to use in daily life.

--
Windows is not the answer. Windows is the question. The answer is NO. - stolen sig

I did this some time ago in the very first version of software I wrote here. I set the method aside for a method that is faster and doesn't depend on spelling.