Slashdot Mirror
SpamNet: Razor for the Masses
UCRowerG writes "From CNET News on Yahoo!: "Conceived by Napster co-founder Jordan Ritter and open-source developer Vipul Ved Prakash, the company is touting the benefits of democracy, networking and collaboration in the war against unscrupulous e-mail marketers." " Since Prakesh is
responsible for Razor, hopefully there will be Linux support as well, but
once again I gotta throw my props at Spamassassin which catches over a hundred
spam for me each day.
Spam is the only mail I get...makes me feel part of something greater than I.
And the first thing the story about the spam-battling startup does is to load some popup advertising.
Wonderful.
...which catches over a hundred spam for me each day.
Is the plural of "spam" really "spam"?
Think of all the Bandwidth wasted on spam. (Downloading, and sending.) Before my cable provider charges me for spending too much time on the net because I'm using their precious data lines, I think they should get rid of those spammers.
Rather than a client side tool like SpamNet, I'd like to see something that sits along side mail servers.
Stop the spam before it gets sent!
Go here for teh [sic] funny.
Just as a curiousity, are these signatures just checksums, or are they a more complex algorithm?
I would be interested to learn how these signatures are generated. Since if they are checksums, it will be reasonably easy to defeat (just change one letter in each e-mail message), but if they are something more complex it might become more difficult.
As well, it might prevent good mail from coming through if these signatures are too simple.
Anyone know details at all?
~ kjrose
If it works anything like existing P2P networks then It will take about a week to stop each spammer and block thousands of non-spam emails simply becuse they contain the same words commonly used by spammers.
:-)
My $0.02 will always be worth more than your â0.02, so
http://www.cloudmark.com/
... because the guy who posted this obviously couldn't be bothered....
So, does anyone actually know of a package using Vipul's Razor or similar that works on Windows and does not require me to switch to a MS product?
My blog
>"Prakash drew inspiration for the company from the sci-fi novel A Fire Upon The Deep, by Stanford computer science professor,
>Vernon Ving, who wrote about a router the size of a planet "that could filter spam," Prakash said. "
Wow, I bet Vernor Vinge is happy about that one!
what if they got into the system and overloaded it while still small so as to promote their own links and to discredit the project? Just a wild thought, not that they would ever be that organized.
I am thinking of the recent Google ranking wars, for example.
for most folks using it, it would be enough to put them off their feed if the spammers polluted the data pool early and strongly enough. Presuming that the average user was not an expert user.
I see this as part of a larger problem of people pushing competing viewpoints on the web.
Alledged nasty group "A" against alledged heroic group "B" - gets messy when things like politics and religion get involved.
"It is a greater offense to steal men's labor, than their clothes"
My e-mail is currently hosted at SpamCop, who do a pretty good job of filtering out spam before it even reaches my mailbox. They shunt spam into a seperate folder using the excellent SpamCop blacklist, and can also optionally use additional blacklists including SPEWS, Osirusoft, ORDB, Spamhaus, Monkeys.com, etc. etc.
Combine that with POP3, IMAP, and web access, and also the ability to suck mail out of existing POP3 accounts and I think it's excellent value.
No, they're not paying me to say all that, I'm just an extremely happy customer. :)
It's straight procmail, not perl-based. The main problem with it was that it hadn't been updated in nearly a year, but a new version finally came out last Friday.
No, I long ago suggested spam licenses where we get to go out and give each spammer a bright orange flow in the dark permanent eartag, complete with animal tracking collar. Then we can heard them up and stampede them over a cliff or something.
"It is a greater offense to steal men's labor, than their clothes"
This would be a welcome feature addition for Evolution.
The company does face challenges. It is charged with transforming a tool that's geared for a small Unix developer community into a product for the masses....
Cloudmark's solution requires a free plug-in that plays a minor role in the background of Microsoft's Outlook, the only e-mail client that the product is currently available for.
hmmm having to choose between the lesser of two evils : spam or viruses, i dunno...
It's a law that any spelling/grammar flame must contain at least one spelling/grammar mistake. This one's got several.
The signatures are used to determine how "close" the email that your are testing is in content to known spam. The source code of this hashing algorithm is publically available.
If this network ever became a real problem for spammers, they will simply use word substitution algorithms or any other number of simple methods to change the email until the nilsimsa's signatures are not close enough to flag the email as spam.
This was the problem with Vipul's razor version 1.0, which was discussed on slashdot, and this remains the problem in Vipul's razor 2.0
It's a war!
Everything is a war!
War on Poverty!
War on Drugs!
War on Terrorism!
War on Spam!
TO ARMS! TO ARMS!
WAR DRAWS NIGH!
Steve's Computer Service, Hobbs, NM
Yahoo and CNet, I mean.
:(
Cloudmark
Brightmail
It doesn't work with Outlook Express 6 so I'm in no position to test it
[o]_O
I've run both Spamassassin and Spambouncer. For the curious, I prefer Spamassassin, and here's why.
I was very impressed with Spambouncer. It was the first spam-heuristic system that I'd used (previously, I'd relied solely on MAPS, ORBS, ORDB, RBL, etc.), and I was very impressed. I found that it rejected a lot of legitimate mail until I grepped my "Sent Items" folder, extracted every "To" field and made that my white list. (The assumption being that if I've e-mailed somebody, I don't mind hearing from them.) That worked very well, and I was happy with Spamassassin. The odd piece of spam would get through, and I still had 1:100 legitimate messages get put in my spam folder. But it made my life much simpler.
Then I tried Spamassassin. The big reason was because I wanted to take part in Razor and know that I was a part of a collaborative process. Also, Spambouncer hadn't been updated in months, which struck me as odd. But I also just wanted to try something different. I found that Spamassassin was better. Not in a way that made Spambouncer look bad, it was just clear that Spamassassin was a superior product. For example, Spamassassin provides a complete scoring in the headers, so you know exactly what criteria caused the message to be block. And I never had to set up a whitelist -- it just works. I still get that tiny little bit of spam that gets through, no more or less than with Spambouncer, but that's really not a complaint. It's very, very rare that a legitimate piece of mail gets caught up in the system. Best of all, the nonexistent addresses on my system that spammers have somehow discovered (big@waldo.net, aldo@waldo.net) can be forwarded via my aliases table to Spamassassin's (Or is it Razor's? I forget.) server to be automatically added to their honeypot collection.
I'll stick with Spamassassin, I think. It appears to be the most mature, stable, simple, straightforward spam filtering product available today. For those looking to set up server-side spam filtering, I highly recommend it.
-Waldo Jaquith
"Vernor Vinge"
/ 102-0508855-7921755
If in doubt go to http://www.amazon.com/exec/obidos/ASIN/0812515285
Steve's Computer Service, Hobbs, NM
Are client-side spam filters a good idea any more? It seems to me
that if I have to reject spam at the client end, the damage has already
been done, in that I have already paid for the spam coming through
the network.
Lately I've started actively finding the source of the spam and
alerting the postmaster that their server has been cracked. Am I
wasting my time, or should I just be deleting the stuff without
worrying about it?
"700 per person this year. "
are you kidding me... my hotmail acct gets over 100 a day... At least I know for every week I keep that e-mail address some lucky guys doesn't get spam for a whole year... But then again he isn't going to get his college degree from a non-acredited college or meet girls that just turned 18 and decided to put a webcam in their shower... and let's not forget the 1000s I'm gonna make when this african prince moves all his money into US banks.
Your mammas flamebait.
This is unsolicited bulk/commercial/junk email, it is not Spam and these are not Spamer's, Spamer is a proper surname, my surname.
k in =lycos&type=residential&pagesize=10&name=Spamer&lo cation=Hull&initial1=&initial2=
Now experience has told some will not believe this and think it's a troll so 1) check my posting history, I don't troll and 2) here is my entry in the UK online phone directory.
http://ukphonebook.lycos.co.uk/servlet/Search?s
Yes, my name really is Martin SPAMER;
Yes, it really p!$$ me off when people abuse my name;
Yes, it does cause me no end of grief;
Yes, I've heard all the wise cracks before;
No, I don't find them funny.
No, I refuse to be bullied into using an alias, how would you feel if I equated your name with thieving scumbags.
So if you wish to get on my bright side, do not use the term Spam or its derivatives use the term(s) unsolicited [ commercial | bulk | junk ] email.
thank you.
Martin Spamer
"Razor for the Masses"
I was thinking one of the silly metal scooters...
-Pete
Soccer Goal Plans
score RAZOR_CHECK 5.0
I've also got the other "network tests" enables (blacklists), but I assign them low scores since they have a lot of false positives.
Using spamassassin with razor and the blacklists really works. My spam file has 836 spams automatically filtered between March 1 to today, June 19. Of those 836 messages, 511 have the RAZOR_CHECK string in the "X-Spam-Status" line that spamassassin adds to the header.
Not too bad, considering Razor uses a rigid message digest that fails if the spammer adds any "random" content to the messages. Saddly, it seems like that's becoming more common. Rumor has it that Razor is someday going to use "fuzzy" matches with one of two algorithms that somehow accomplish such a feat. Anyone know when/if this is supposed to happen??
PJRC: Electronic Projects, 8051 Microcontroller Tools
I don't believe that computing cycles are the contention point here. The difference is in who is paying for the bandwidth. Consider these two hypothetical cases:
A. Not worrying about razor
The spammer loads up their spam program and gives it a dump file of five hundred thousand email addresses. It takes these, and using its knowledge of spam friendly networks, sends one copy of the spam to 500 different relay servers. Each server receives an identical e-mail with 1000 different bccs. The e-mail body is only 20k, adding the 1000 addresses gives you another 20k or so, so the spammer spends 20 megs in bandwith (20k+20k * 500 mails sent)
B. Worrying about razor
The spammer loads up their spam program and gives it a dump file of five hundred thousand email addresses. It takes these, and the message to be spammed, and sends a slightly modified message to each group of we'll say 10 addresses. This way, if one of the messages gets razor'ed, they only lose 9 possible reads. The spamware sends out 100 emails to each of the 500 spam friendly servers. The e-mail body is only 20k, and the 10 addresses only add 1k or less, so the total message is only 21k now, but it is sent out 100*500 times. The spammer has spent over 1 gig in bandwith now.
That doesn't come cheap.
All I wanted was a rock to wind a piece of string around, and I ended up with the biggest ball of twine in Minnesota
We implemented Spamassassin at our ISP and people actually called up complaining that they were not receiving their junk mail (yes, they wanted it).
So we took down the system-wide implementation and now protect domains and users on a customer-by-customer basis (when they ask for it).
Makes me wonder if some sick individuals out there love getting telemarketing calls? Different strokes for different folks, I guess.
Can Razor really avoid this? (I'll submit the email using different accounts if razor asks for more than one submission; I'll setup the accounts to bounce all spamassassin-filtered email to razor too, so that Razor thinks the accounts are serious spam-cops).
Or am I missing something?
There is another option. If you get your email from a POP3 mail server (chances are that you do, unless you use web-based email), try the Spam Tamer Proxy.
1. It will let all the spam through, but it will eliminate pictures, pop-up windows, web bugs, and other garbage. That makes the spam easier on you and your bandwidth.
2. It will never block legitimate mail. Pictures sent as attachments make it through. (Friends and family send pictures as attachments, but spammers never do.)
3. It doesn't confuse people who send you legitmate email.
So, it's not the same as a spam blocker, but if conventional filtering isn't the right choice for you, I suggest you give it a try.
Best of all, the nonexistent addresses on my system that spammers have somehow discovered (big@waldo.net, aldo@waldo.net)
/. Bam! Discovered! :)
They just scan
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
In short, the spammers are advertising... to themselves!
- Have a picture
Now we're reading about people impeding commercial entities' right to advertise.
Uhh, Seth, if it really is you, I just lost all respect for you. Spam is NOT about censorship, or advertising - spam is harrassment.
What about MY right to be free from harrassment?
Are restraining orders issued by judges "censorship"? No, they're protecting victims from unwanted contact. This is no different, except for the fact that the victims in this case don't need a judge
The simple fact that someone employs a spam filter means, by definition, that they don't want to be harrassed.
Of course, if you disagree with me, please post your phone number here, so that I can set my computer to autodial you every 15 minutes with my "special offers."
I'm currently using spamassasin with procmail to filter spam, which is nice, but it has introduced another failure point.
Basically, I forward all my e-mail from an e-mail gateway to my own box, run spamassassin, and then forward it off to my IMAP server (the gateway and IMAP server are out of my control).
What I would like is to run a cron job, look at what's already in my IMAP inbox, examine the new messages, and put them in an appropriate folder if they are flagged. I also have co-workers who's gateway and IMAP server are the same, so they are SOL at the moment. A solution like this would work great for them.
Now since there are Perl front ends to both IMAP and Spamassassin, what I want to do shouldn't be that hard to write, but has someone else already written it?
The guy who co-founded Napster, software whose focus it was to allow the unlawful distribution of copyrighted material, is now trying to fight something else that's every bit as troublesome.
I know, I know...
::hangs head in shame::
I won't dance in a club like this...All the girls are slags, and the beer tastes just like piss! -The Specials
Is there a Spamassassin/Razor type product that works with OutlookExpress for Windows?
Unforunately Cloudmark's Spamnet only works with Outlook, not OutlookExpress.
One thing I've seen spammers do to evade filters is munge the HTML source by randomizing line breaks or inserting nonsense tags like [!asdf] . They especially like to use line breaks to break up common spam phrases like "save 70% on your life insurance!". It renders all on one line, but it's split across lines in the source so dumb filters will miss it. Not sure if DCC or Razor account for this by ignoring nonsense HTML tags or ignoring line breaks in HTML mail.
You'd have to make substantial changes to defeat Nilsimsa (which I'm not sure if Razor is really using yet, but it is planned).
I doubt a tool could be crafted to automatically alter a text message sufficiently to avoid Nilsimsa without also distorting the message so badly that it'd be worthless (it'd have to be automated to be effective). Even knowing where Nilsimsa will decide where the clusters are within the data, you'd need to be able to make a good number of those clusters change, and change in a different combination that ever done previously.
It'd take quite a linguist to craft code to substitute words, phrases, etc and still achieve the same overall message with each one significantly different. Then again, maybe Scott Pakin could do it?
PJRC: Electronic Projects, 8051 Microcontroller Tools
I use Spamcop to filter my incomming mail at the MTA level, and I've been exceedingly happy with it. Apart from one or two that 'slip through', the only spam I receive nowdays comes through MTAs I have no control over.
Quick brief on how it works. There are two portions:
- Reporting tool, that allows you to forward spam to SpamCop for analysis. This will pick apart the headers and body, find out where the spam originated from (even if it's gone through legitimate relays and aliasing systems, such as mailing lists), and will send complaints to the relevant owners of the IP block owners, MTAs and web sites. It does a VERY good job of figuring out who's responsible.
- Blocking tool that uses a RBL-style blocking list, which lists IP addresses of spam originators. If enough spam gets reported within 24 hours, the IP sending the spam gets added to the list. You can use this to block addresses where spam has originated from so you dont even receive the spam. People get their IP addresses unblocked only if spam stops being sent from that IP.
The system is very good. It relies on you and others reporting spam to SpamCop in a very workable collaberative effort.
http://spamcop.net/
The single best thing all of us who know how to run traceroute and whois can do is LART THE ISPS THAT HOST SPAMMERS!
I've been forwarding every spam I get that come from a Verio hosted site, or spamvertises a site hosted on Verio to Verio and their parent company, NTT. I'm using bitch-list.net to do so, since they have a bazillion email addresses for Verio. I make sure the email has the spam attached, and since Verio has claimed the cannot read attachments (***cough***BULLSHIT****cough***) I also paste the mail headers into the message, along with a WHOIS and traceroute showing it to be a Verio customer. When they complain, I tell them "MY message isn't spam - your customer contacted me, so a prior business relationship exists. You want it stopped, stop the spammer."
I won't say it is working, but if 10% of everybody who got these spams did as I do, then Verio's help desks would be so clogged that they couldn't HELP but see the damage on the bottom line.
www.eFax.com are spammers
That's why Spamassassin is highly customizable. Using the default ruleset it will catch things like that, but you can easily change how it works.
What?
Check out Blackhole by the Groovy Organization, which integrates really well with Qmail but will work with just about any MTA. I found SpamAssassin's documentation to be mediocre at best, and had a helluva time getting it operable. Blackhole worked right off the bat for my Qmail/Courier IMAP/OpenBSD 3.0 setup, and can use Razor amongst other filtering methods. The software is constantly updated, and the developer plesant and responsive. Give it a try!
And don't forget the shortage of printer toners... Even if you don't even own a laser printer of copier...
Pyzor works in a very similar way to Razor, but the client and server are open sourced. The Razor *server* is not open sourced.
http://pyzor.sourceforge.net/
Oh, BTW, Spamassasin *uses* Razor.
Government of the people, by corporate executives, for corporate profits.
Sorry Martin, but two things can have the same name. It's not like you can trademark nouns!
I've got MailScanner...i lscanner/
http://www.sng.ecs.soton.ac.uk/ma
...run ning on my personal server. It's a "wrapper" for SpamAssassin and a number of server-side virus scanners. Pretty cool tool.
m1m3r - n. - a leet speak performance artist that sometimes gets trapped in an imaginary glass box
This comes back to problem of paying for some one elses advertising. Before telcos started chageing per meg of download (some as high as $.20 per Mb) it was hard to put a cost on that 15k download (some spams lately are using html tags to pull in images that weigh in at 150kb or with a little math $.03) after recivieng 100+ 15k spams a day you are losing around $.03 assuming that there are no bloated images attached. Multiply that time 365 (spammers don't take days off) adn you wasted around $10.00 on advertising for some one else. And that is assuming that your time is worthless.
Whenever i here someone defending spam the only thing I can think of is that they must be spammer or they are teminaly clueless.
I used to have a cool sig, back when I cared
It lets through, on average, one per month.
Seems to work 100%. It sends mail back to any unknown sender to confirm that they really wanted to send me email. Of course spammers never confirm.
http://a-s-k.sf.net/
That's what I did once. It didn't modify the mail's body, it just added a convenient X-Spam header.
I took a look at spamassassin a few months ago and also thought it looked like a great package.
However, it makes the assumption that the UNIX box it is running on is the final destination for the mail it tags.
My frustration is that I have postfix running on my Internet mail gateway, sending mail internally to our MS Exchange server. This is the Way of the Corporate World, and no amount of bitching and moaning will change it. It's nice to have postfix on the outside; I trust it. But Outlook/Exchange is the way I, my users, and most companies interface with email.
However, I've yet to find a good way to have spamassassin tag the mail on the way through the postfix server. Sounds relatively trivial, but nothing that was out there when I last looked was simple to configure or reliable.
This has *got* to be a common situation for many of us. Is there a Good Solution yet for those of us who'd love to use spamassassin but can't run it on the final mail server?
I checked it. No luck.
Rather than a client side tool like SpamNet, I'd like to see something that sits along side mail servers.
Absolutely!
I think that we could dramatically reduce the amount of SPAM out there is we did the following:
All SMTP servers should do a reverse lookup on the IP address of any host that attempts to deliver mail to it, and require any host attempting to send mail to it to identify it's domain. If the domain the mail server provided does not match the domain the IP space is registered to, the mail server should refuse to accept the message and drop the connection.
Since most of the SPAM I receive comes from non-existant domains, I think that something like this could help.
*** Where are we going? And what's with this handbasket?
I prefer to block SPAM at the door with Exim. This does mean that you will have to your own MX hosting which might be more trouble than it's worth for most folks. It also requires mail filtering since you typically detect a source of spam when one ore more messages get through. After 3 months of monitoring I have collected a number of hostmask (reverse-DNS challenged hosts are automatically blocked). This collection manages to block out about 98% of all SPAM messages.. during the SMTP handshake! The remaining 2% are new messages from (mostly open Windows NT) relays that do get blocked by the other filters. Some of the more notorious and persistent sources:
:) Given, there are still a couple of messages that pass through all the filters, but the last such message I got was about 2 weeks ago. Not fullproof, but getting htere...
*.pacbell.net
*.mb0?.net
*.client.dsl.net
*.dsl.att.net
*.attbi.com
Today's addition: *.passionup.com
-adnans
"In short: just say NO TO DRUGS, and maybe you won't end up like the Hurd people." --Linus Torvalds
I'm fairly certain that the core technologies that this service uses were patented in 1997 by Bright Light Solutions, who later became BrightMail.
Here's a snippet from their patent:
1. A system for controlling delivery of unsolicited electronic mail, comprising:
a communications network;
a plurality of user terminals coupled to said communications network, each of said plurality of user terminals having a unique e-mail address, wherein each of said plurality of user terminals comprises a filtering application for receiving incoming electronic mail messages addressed to said unique e-mail address of said user terminal and filtering said incoming electronic mail messages based upon stored filtering data; and
a control center, comprising
a distributor for generating a probe address and transmitting said probe address to at least one site on said communications network, wherein said probe address is different from each of said unique email addresses of each of said plurality of user terminals,
a processor for receiving electronic mail messages addressed to said probe address, and for extracting source data from said received electronic mail messages, and
a database update signal generator coupled to said processor for generating and transmitting a database update signal incorporating said extracted source data;
wherein each of said plurality of user terminals receives said database update signal from said control center, updates said stored filtering data in response to said database update signal, and filters electronic mail messages received by said user terminal in accordance with said updated filtering data.
2. A system according to claim 1, wherein said user terminals filter electronic mail messages sent from other of said user terminals in accordance with said updated filtering data.
3. A system according to claim 1, wherein said probe address is transmitted to sites on said communications network that provide address information for senders of unsolicited electronic mail messages.
4. A system for controlling delivery of unsolicited electronic mail, comprising:
a communications network;
a plurality of user terminals, wherein each of said plurality of user terminals has a unique e-mail address;
a server coupled to said communications network and each of said plurality of user terminals, wherein said server comprises a filtering application for receiving incoming electronic mail messages addressed to said unique e-mail address of each of said plurality of user terminals and filtering said incoming electronic mail messages based upon stored filtering data; and
a control center, comprising
a distributor for generating a probe address and transmitting said probe address to at least one site on said communications network, wherein said probe address is different from each of said unique email addresses of each of said plurality of user terminals,
a processor for receiving electronic mail messages addressed to said probe address, and for extracting source data from said received electronic mail messages, and
a database update signal generator coupled to said processor for generating and transmitting a database update signal incorporating said extracted source data;
wherein said server receives said database update signal from said control center, updates said stored filtering data in response to said database update signal, and filters electronic mail messages addressed to each of said plurality of user terminals in accordance with said updated filtering data.
5. A system according to claim 4, wherein said filtering application updates said filtering data in response to said database update signal by adding said extracted source data to said filtering data stored in said server.
6. A system according to claim 4, wherein said server also filters electronic mail messages sent from each of said plurality of user terminals.
7. A system according to claim 4, wherein said probe address is transmitted to sites on said communications network that provide address information for senders of unsolicited electronic mail messages.
In an interview, Prakash and company CEO Karl Jacob said Cloudmark's software solves the problem of identifying spam and quickly updating e-mail filters by harnessing the intelligence of the Web community at large.
Ad that is why it will never work.
Don't forget his wish to increase his breast size, as well as interests in Russian women and naked black men.
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
At home I've been using a system of somewhat complex Sendmail filters and header checks which validate a message's headers before the message is officially accepted (according to the client). I use this to stop spam by effectively bouncing the message even after the entire body has been sent -- but the message bounces before the (evil) SMTP session is closed.
However, Sendmail's options for this are rather limited and at the moment I'm evaluating a Postfix/SpamAssassin/Razor setup to flag and filter spam. It seems to me that SpamAssassin can only filter messages which have been accepted by the MTA (same with Razor). To me, this is unacceptable.
What I'd like is the following:
Line by line checking of the SMTP session, specifically the DATA phase. If any line matches my ruleset (and thus is spam), immediately return an error code (553 you're an evil spammer) and then disconnect the client. I think Postfix allows for this but I'm not sure (Postfix says it will for a long pause prior to the error as well, which is nice).
SpamAssassin/Razor filtering after the DATA phase (after a "." on a line by itself) but prior to the return of the message accepted code. This would enable me to still "bounce" messages directly to the sending server, while not actually accepting the message.
Different rulesets (perhaps some global, some site specific) for different domains/addresses. Eg, I want firstsite.com to use a very restrictive check of the headers (both for proper format and against SpamAssassin), while secondsite.com only uses SpamAssassin and doesn't check for silly header mistakes.
Right now, Sendmail does a pretty good job for me, but I have a problem with valid messages getting rejected because the sender's MTA does stupid things, like use improperly formed Message-IDs or leaves them out entirely.
I initially thought it might when I first heard of Razor, but I don't think it does.
Razor doesn't attempt to determine the source of a mail, it doesn't create an alert signal of any kind and doesn't broadcast a message to network servers or user terminals.
It doesn't infringe that patent.
Deleted
Check out this excerpt from the EULA:
Certain third-party modules may be bundled with the Software and may be provided to You subject to separate license terms, in which case they would not be covered under this Agreement. Any such separate license terms are provided in a text file accompanying each individual third-party module.
Sure sounds like a Spyware clause to me! I'll let you know when I finish installing...
You don't need a fancy fetchmail/procmail setup to use SpamAssassin. MandrakeForum has an excellent HOWTO on how to set it up in KMail, or indeed any MUA that supports filtering through an external process/program. Works like a charm here - I'm never looking back!
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
One of the problems Razor has is the false reporting of mailing lists as spam. e.g. Someone continually reports the CERT advisories as spam, as a result you have to specifically "whitelist" the CERT mailing list in order to get the advisories.
The problem is that Razor automatically trusts the spam reports. I'm not sure if that's still true of Razor 2.
Pyzor is being designed with client authentication in mind, you'll get an account on the server and the client will authenticate itself when it connects, then your report spam will be logged against your acount. If you report mail as spam falsely, you'll lose your account.
Deleted
Apparently, whoever needs volume to achieve something goes the Microsoft way; in this case, Outlook users. The quickest way to achieve the critical mass required for their system to work would be to have an agreement with Hotmail, which is already probably using this technology and is self-sufficient for the task, given the volume they deal with.
Now, why do I still get spam in my hotmail box, and why does it always come from the same sources? Do they keep their eyes closed for some specific UCE suppliers?
have you been defaced today?
People seem to be putting a lot of work into a lot of different SPAM blocking schemes... The problem is that they are all reasonably easy to defeat.
So, why has no-one begun using the simple, full-proof method? Just have a phrase that must appear in the subject-line of all your e-mail.
So, my phrase will be 'loaded' (note: the only way this system may become ineffective is if everyone choose similar phrases). Now, as I give everyone my email address, I tell them 'loaded' must be in the subject of every e-mail they send me. I set up filters in my (free, web-based) e-mail account to throw away anything that doesn't have the phrase 'loaded' in the subject line.
Now, assuming I'm not careless about how I note my phrase on message boards and web pages, I should never again recieve a single piece of spam.
It's just that simple. No David verses Golliath... No million-dollar charity organizations that manually filter out spam. No more thousands of hours writing rules to block e-mail that doesn't perfectly match the rfcs... No more complex programs that may be fairly easilly defeated by the spammers.
The single problem is mailing lists. For each list to which you subscribe, you must write a single rule to deliver mail from that 'To:' or 'From:' address, into your Inbox, rather than your Trash.
Blocking SPAM, it's just that simple, people. And if the idea spreads, the spammers will completely stop, as there's no more profit to be had.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Heh, I just finished that one, came across it at a library while I was looking for something new to read. Vinge had entered my consciousness from /. or somewhere on the internet but I'd never read any of his stuff(for an avid reader and a sci-fi fan I've missed quite a bit of good stuff). Now I've gotta hunt down more, that was an amazing book.
Bleh!
What about D. J. Bernstein's "Internet Mail 2000" idea? As far as I can tell, it's a system where the recipient has to actively fetch mail from other hosts, so you could just choose to not fetch mail from spammers.
Yes, but smaller spamhausen typically sign up for dialups to abuse, they couldn't do that with this kind of bandwidth.
All I wanted was a rock to wind a piece of string around, and I ended up with the biggest ball of twine in Minnesota
Reverse DNS is NOT A REQUIREMENT TO HOST MAIL
:)
It is for me. And seeing how it defeats about 90% of ALL incoming SPAM I think I'll keep that requirement. If you don't take the time to properly configure reverse-DNS lookup, if only for your SMTP server, I simply bounce your message with an appropiate 50X reply. If you can't live with that, tough!
Read the related RFC's
LOL. What the hell does an RFC have to do with combatting SPAM at my doorstep?
Anyone who bounces mail based on a lack of a reverse lookup has no concept of how to properly run a host.
Riiiiight!
-adnans
"In short: just say NO TO DRUGS, and maybe you won't end up like the Hurd people." --Linus Torvalds