Slashdot Mirror

← Back to Stories (view on slashdot.org)

SpamNet: Razor for the Masses

Posted by CmdrTaco on from the isn't-that-cool dept.

UCRowerG writes "From CNET News on Yahoo!: "Conceived by Napster co-founder Jordan Ritter and open-source developer Vipul Ved Prakash, the company is touting the benefits of democracy, networking and collaboration in the war against unscrupulous e-mail marketers." " Since Prakesh is responsible for Razor, hopefully there will be Linux support as well, but once again I gotta throw my props at Spamassassin which catches over a hundred spam for me each day.

10 of 256 comments (clear)

  1. Bandwidth by Iscariot_ · · Score: 4, Insightful

    Think of all the Bandwidth wasted on spam. (Downloading, and sending.) Before my cable provider charges me for spending too much time on the net because I'm using their precious data lines, I think they should get rid of those spammers.

    Rather than a client side tool like SpamNet, I'd like to see something that sits along side mail servers.

    Stop the spam before it gets sent!

    --

    Go here for teh [sic] funny.
    1. Re:Bandwidth by Jon+Katz+on+Tuesday · · Score: 1, Insightful

      Myth: Bandwidth is wasted on spam

      Fact: In the overall since of things, bandwidth is plentiful and very cheap. While it may cost you or I an arm-and-a-leg for a DS1 or DS3 circuit - it costs your average telco very little. With all the huge pipes flowing into Tier 1 and Tier 2 ISPs, the amount of bandwidth used on sending you that 15k spam email is minimal comparied to you using P2P software to download coprighted songs.

      So really you should be up-in-arms about the illegal downloading of music using P2P software when you talk about wasting bandwidth.

  2. Spamassassin works with razor ... by dzym · · Score: 3, Insightful
    According to README.Debian ...
    SpamAssassin is compatible with Razor, an online spam database. Get the package razor, maintained by Robert van der Meulen.
  3. SpanBouncer is good too by chowbok · · Score: 2, Insightful

    It's straight procmail, not perl-based. The main problem with it was that it hadn't been updated in nearly a year, but a new version finally came out last Friday.

  4. masses = outlook by rainTown · · Score: 2, Insightful


    The company does face challenges. It is charged with transforming a tool that's geared for a small Unix developer community into a product for the masses....

    Cloudmark's solution requires a free plug-in that plays a minor role in the background of Microsoft's Outlook, the only e-mail client that the product is currently available for.

    hmmm having to choose between the lesser of two evils : spam or viruses, i dunno...

  5. Nilsimsa's popularity will be its own demise by intuition · · Score: 5, Insightful
    Vipul's razor uses something they call "Nilsimsa" fuzzy signatures.

    The signatures are used to determine how "close" the email that your are testing is in content to known spam. The source code of this hashing algorithm is publically available.

    If this network ever became a real problem for spammers, they will simply use word substitution algorithms or any other number of simple methods to change the email until the nilsimsa's signatures are not close enough to flag the email as spam.

    This was the problem with Vipul's razor version 1.0, which was discussed on slashdot, and this remains the problem in Vipul's razor 2.0

    1. Re:Nilsimsa's popularity will be its own demise by Matts · · Score: 5, Insightful

      Disclaimer: I'm one of the SpamAssassin developers.

      I'm not really sure how Razor2 is managing to use Nilsimsa (and despite Vipul saying that Razor is open source, we don't get to see the server, so I can't find out easily).

      When I did testing of Nilsimsa for SpamAssassin it turned out that in order to be able to use Nilsimsa you have to use a special comparison function over every single nilsimsa hash in your database. This basically became unusable at about 50K signatures, as when you received an email, you first had to hash it with Nilsimsa, but then you had to use nilsimsa_compare (or whatever the function was called) on each and every one of those 50K entries.

      I'd really like to hear how they're doing it. Perhaps Vipul found some way of indexing the search so it wasn't a full scan. If anyone follows the Razor lists and knows how it works, please share.

      --

      Matt. Want XML + Apache + Stylesheets? Get AxKit.
  6. Re:Yeah, I remember that discussion by ahrenritter · · Score: 5, Insightful

    I don't believe that computing cycles are the contention point here. The difference is in who is paying for the bandwidth. Consider these two hypothetical cases:

    A. Not worrying about razor
    The spammer loads up their spam program and gives it a dump file of five hundred thousand email addresses. It takes these, and using its knowledge of spam friendly networks, sends one copy of the spam to 500 different relay servers. Each server receives an identical e-mail with 1000 different bccs. The e-mail body is only 20k, adding the 1000 addresses gives you another 20k or so, so the spammer spends 20 megs in bandwith (20k+20k * 500 mails sent)

    B. Worrying about razor
    The spammer loads up their spam program and gives it a dump file of five hundred thousand email addresses. It takes these, and the message to be spammed, and sends a slightly modified message to each group of we'll say 10 addresses. This way, if one of the messages gets razor'ed, they only lose 9 possible reads. The spamware sends out 100 emails to each of the 500 spam friendly servers. The e-mail body is only 20k, and the 10 addresses only add 1k or less, so the total message is only 21k now, but it is sent out 100*500 times. The spammer has spent over 1 gig in bandwith now.

    That doesn't come cheap.

    --

    All I wanted was a rock to wind a piece of string around, and I ended up with the biggest ball of twine in Minnesota
  7. Re:Free speech is meaningless by schon · · Score: 2, Insightful

    Now we're reading about people impeding commercial entities' right to advertise.

    Uhh, Seth, if it really is you, I just lost all respect for you. Spam is NOT about censorship, or advertising - spam is harrassment.

    What about MY right to be free from harrassment?

    Are restraining orders issued by judges "censorship"? No, they're protecting victims from unwanted contact. This is no different, except for the fact that the victims in this case don't need a judge

    The simple fact that someone employs a spam filter means, by definition, that they don't want to be harrassed.

    Of course, if you disagree with me, please post your phone number here, so that I can set my computer to autodial you every 15 minutes with my "special offers."

  8. I use ask by kwerle · · Score: 4, Insightful

    Seems to work 100%. It sends mail back to any unknown sender to confirm that they really wanted to send me email. Of course spammers never confirm.

    http://a-s-k.sf.net/