Slashdot Mirror
Email (As We Know It) Doomed?
Mephie writes "A pretty interesting article at Slate.com takes a look at how spam may be killing email as we know it. With the increase of spam, the argument is made that more users will switch from blacklisting spammers to 'whitelisting' specific, trusted addresses, making email more like instant messaging: if you're not on someone's 'buddy list,' you have to prove you're an actual person (e.g. identify a word in an image) to send a message." May be?
Right now, my email box gets about 30 spams a day. I almost never receive legitimate email anymore.
.. Email is just becoming outdated as a method of communication, funny how fast that happened. Spam didn't help though, that's for sure.
Additionally, I find that email communication is too slow, which is ironic since its so much more efficient than the old way everyone used to communicate by post.
Instant messaging clients have more than replaced email for me. They can do everything email clients can do, without spam.
Email will always have a place of course, like websites will need email addresses for contacts, and other such things. But for person to person communication, instant messaging clients are much easier to use
Tolerate no spamming what so ever. If one complain about a customer with an proven case of spam would arrive at a abuse department, shut that account down. There is no need to allow this, and no need to "warn" users doing this.
My ISP limits me from commersial activities at my homepage, why not limit the e-mail account from spamming.
The biggest problem today is that the price of spam is not charged from the spammer, but the poor user who recieves the shit. For all you americans out there, sue a spammer, make him/her pay for all loss of productivity he/she has caused. It'll make you rich, and perhaps make spammers think twice before clicking that send button.
Another doomsayer, give me a break, the Internet is going to fall apart in $random years, we'll be swimming in spam and popup ads, hackers will wage "cyberwar" on our "infostructure" unless we do something about it. Whatever. Use the proper tools. By now if you're still swamped in spam/popups/adware, then you're an idiot.
The moron who cut me off on the road this morning is a danger to motorists, highways are doomed to failure!
Previously bayesian spam filtering was demonstrated on slashdot to be very effective. Once this becomes commonplace, and seamless, no extra configuration required on the users behalf, hopefully we will see the end of spam.
However, combined with whitelists this could be quite useful. Bayesian filters to filter out spam, except for whitelisted spam. Eg mailing lists of advertisements you sign up to being whitelisted could be effectively. I suppose that when you sign up to a mailing list that would normally be recognised as spam, when it sends a confirmation e-mail your client could recognise it and ask if you want to add it to your whitelist.
Anyway, with the introduction of bayesian filters into an ordinary client means that the future of e-mail may not necessarily have to be so bleak.
Then, I should ofcourse plug this Openchallenge submission about Learning e-mail classifier:The use of a naive bayesian algorithm in automatically filtering spam and classifying e-mail has been discussed and also implemented in the past. Implement an automatic e-mail classifier system which works together with an IMAP server. The system should: a) constantly refine the database used to classify messages either by periodically re-analyzing the IMAP folders or by tracking each incoming message and periodically checking to which folder the user actually moves each message. b) assign each incoming message an extra header item which contains the path of the IMAP folder where the message belongs according to the classification algorithm.
Also, you could also mine your site for smammers like this.
So, my point is that just during last two years the spam problem has exceeded so much that there is enough interest in fighting it seriously. Spam will die.
so what happens when person A emails person B? if both of them have this whitelist-filter..
B's whitelist emails back saying "identify yourself", A's whitelist respons with "identify yourself"
infinite loop?
CloudMark or other systems that use peer based filtering seem like the way to go. If 10 people have said this is spam, why should I have to see it?
"A language that doesn't affect the way you think about programming, is not worth knowing" - Alan Perlis
I just can't really see email going away, especially not in favor of IM. Emails true usefulness, the thing that makes it a 'killer app' is that it is asynchronous. Unlike IM, when I send someone an email, it is unnecessary for them to be online, or have their IM client running in order to receive my message. Their email server is more than happy to hold their email for them until they can get it, and allows them to respond when they can.
Additionally, it's not like IM is spam-free. A quick google search reveals a growing business in providing anti-spam tools to IM users, so I doubt that making email more IM-like will help, though I do see some limited use of whitelists to be beneficial.
Businesses however, can never get away with using whitelists, or even most blacklists to reduce the amount of spam they have to deal with. I know that at our company, we cannot block nearly the number of netblocks that we would like to, as we need communicate with customers almost exclusively by email, and cannot afford to lock out potential buyers for any reason.
The solution to the spam problem is not an easy one, especially not for businesses, but small steps forward are made all the time, in better pattern matching, address lookup, etc that one day will (hopefully) allow for spam to be stopped, or at least to stem the tide...
The anti-spam movement has been saying this since 1997. It's about time the world woke up and realized how badly the spammers have trashed the effectiveness of email. I know I block using several DNSbl's, a huge access.db with spamassassin picking up the slack that the others miss. I have had to whitelist people whose email gets caught in the other traps.
To me, I dream of the day we can go back to simply leaving email unfiltered and where we receive only that mail we would normally expect, not drivel from marketoons who think that email is the next best thing to handbills posted on my front door. I'm tired of having to update my access.db. I'm tired of keeping up all the diligence, watching logs to see what legitimate mail might have bounced.
Thank you, you rotten, spamming assholes and all the idiots that ever bought anything advertised in spam email.
Rich
The worse spam gets, the more people will look to alternatives. Maybe it's time to set up some infrastructure for Internet Mail 2000.
If one complain about a customer with an proven case of spam would arrive at a abuse department, shut that account down.
I don't think it's quite as easy as that. If one customer using my laptop gateway sends a spam from my IP address, is that the end of my cybercafe? If one angry employee at IBM sets off a spamming program as he walks out the door, does IBM vanish from the Internet?
A while back our server got blacklisted for a week or so by SPEW because it was in the same 16-bit IP range as a machine that has been used for spam. That's potentially 65k machines! It was at this point that I vowed not to co-operate with any of these anti-spam measures, which inevitably martyr innocent users at random and don't touch the big spammers with the resources to change IP address and ISP three times a day if necessary. The cure is worse than the original disease!
Virtually serving coffee
... has been discussed here before: Hash Cash.
os x's default email app, mail, seems to toss spam directly into the trash with (about) 99% accuracy... that is, 99% of spam is correctly identified as spam. perhaps twice i've found emails that i've wanted to receive in the trash, but that's over many months, and the mistakes will never be repeated after a quick "whitelisting".
anyway, if you're really upset by spam, it's pretty friggin' easy to avoid it... do NOT put down your regular email address for any site that wants to email you a password for registration. get a trashy hotmail account (or whatever) just for verifications, and use your regular email addresss for real communication.
perhaps spam, collectively, is a huge problem, but the problems it causes for typical individuals are small, especially given the existence of spam filters. that's why spam won't "kill" email by any measure.
.
For a long time, there were doomsday predictions of the "web as we know it". The pessimists claimed that the signal-to-noise ratio was constantly decreasing and that things would soon degrade to such a point that it would be untenable. Well, what happened? The link structure of the web serves to greatly amplify useful content on the web and filter out noise (so neatly exploited by google).
This is only the latest in a long line of articles saying "spam is increasing at an exponential rate. So in X years Y% of our time will be spent deleting SPAM. E-mail is doomed!!!". This author, for example, says nothing of bayesian spam filters . What is likely is that spam and anti-spam will both mature in a few years, and that a combination of filtering methods will weed out most junk from our mailboxes; users will have so problem manually sending the handful of remaining penis enlargement offers to
Maybe Yahoo and MSN will implement user by user Bayesian spam filtering now :) It would also be interesting to see if they could do the filtering on their entire user base instead of person by person.
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
Subject: bulk email received from one of your account
hi,
I just received a unsollicited bulk email from one of your email adress : e8johan@etek.chalmers.se
Here's a copy of the first few lines of this email :
Received: from mail.etek.chalmers.se (129.16.32.20)
by mta448.mail.yahoo.com with SMTP; 10 Oct 2001 17:48:42 -0700 (PDT)
Message-Id:
From: e8johan@etek.chalmers.se
Subject: product for you... but i think u need to buy it
X-Priority: 3
X-MSMail-Priority: Normal
Date: Thu, 11 Oct 2002 3:47:35 +0200
Mime-Version: 1.0
Content-Type: text/plain; charset="Windows-1251"
Online Drugstore can have your order of discounted Viagra shipped to you for
only 5 minutes of your time!!!
http://www.justgottago.com/od/azzbc/
No Prior Prescriptions Needed
-Licensed U.S. Physicians are ready to fill your order
-Guaranteed Lowest Prices Available
-Discreet Mailing directly to your home or office
Just visit http://www.justgottago.com/od/azzbc/ and enjoy the good life today!!!
So now, your account will be shut down without any warning, that's it ?
#include "coucou.h"
Am I the only person who doesn't receive spam? OK, that's a little bit of a lie, but by and large, I reckon less than 2% of my email is real spam. It's not like I don't get any email - I receive probably 60-100 emails per day over about 3 different accounts, including several mailing lists.
.net about a year ago (I think???), and then these settings were added and enabled for everyone so if you didn't notice it, it will still be enabled.
I think the secret with spam is to stop spreading your email address around the internet. I object to having to provide my email address to forms to register for every damn website (eg. download.com) - I always give a false address if I can. If I can't, I will very seriously reconsider whether I need access to that site (I usually don't). I have an email account that is used solely for the purpose of registering for websites or what have you. Whenever I stick my email address into any form on the web I always check to see whether there is a checkbox that lets me opt out (or in) any mailing lists. The only sites I don't mind signing up for are those that I am genuinely interested in receiving future correspondence from, but they are few and far between.
I also have an email address that is used solely for usenet - this one receives by far the most spam.
Another interesting thing that people may not be aware of is that the default setting for hotmail accounts allows your email address and personal information to be shared. Go to options->personal profile and have a look at the check boxes at the bottom. This never used to be the default setting until the service switched over to
"Because it's there." - George Mallory, when asked why he wanted to climb Mt Everest, March 18, 1923 (New York Times)
The telephone gets bombarded with equally determined spammers and yet that hasn't changed. Certainly, you might not pick up the phone if it's not a number you recognise, but you're still going to look. It's the same for email.
The only reason email will go away is when mobile (cell) phones become as convenient and cheap a way to communicate as email currently is.
I had spam yesterday where they spelt Viagra wrong. Unless Viagrea is a new wonder drug?
Not funny at all. You knew what they meant; a filter on your inbox on the keyword 'Viagra' wouldn't have. Someone I know once worked on software to do realtime filtering of keywords in "family friendly" chatrooms. He said it was almost impossible; a human's ability to communicate FUCK without out actually typing it was far ahead of any rules he could encode into his software without breaking legitimate conversations. That's one of the reasons the spam problem is so difficult to solve purely with technology.
I've said it before, and I'll say it again.
Sending emails back to spammers is for brainless cretins - it serves only to clutter up your mail queue and risks offending innocent impersonated senders or having your email address confirmed as valid for spam.
And sending automated emails back to legitimate senders is downright *immoral* - making everyone do the work that a spammer *should* be doing to get through to you is indefensible.
And I've seen a case recently where this TMDA thing was so misconfigured that it sent an mail back to a mailing list saying there was an unrecognized sender address, and of course that mailing list was half of the gnu.emacs.help mail2news gateway, so the message appeared on the newsgroup for *all* to see. Talk about efficiently multiplying spam.
Now for something useful. Use one of the Bayesian filters, seeing as they're all the rage and get about 97-98% spam matched correctly, coupled with SpamAssassin as a fall-back for the remaining 2% cases, and you'll have far less of a problem.
Now incorporate those filters in your MTA so that the whole body is checked for spammishness before being "accepted for delivery" and you'll have the best solution of them all: bounce the mail at injection-point and be done.
~Tim
--
Rushing on down to the circle of the turn
This wouldn't happen. Anyone who lives in the EU: check your emails - are any sent from EU nations? NO. If the US would stop this stupid insistence on your personal details being everyone else's property but your own - then we wouldn't have to put up with so much sh*te being sent to our inbox about mortgages on another continent. I hope the EU goes through with the (jokey) threat to find and list the names of the people breaking the law - so if they ever take a holiday to Paris, we can be waiting.
Pimping my Karma Whore since 1847.
$ wc -l .whitelist .whitelist
804
It works, but it's a pain, and I still have to manually check the spam folder once in a while to catch people writing to me out of the blue about my software. And there are still a few false positives in the archive (tell me about them, and I'll try and weed them out).
Rich.
Gratuitous spam archive advert: http://www.annexia.org/spam/
libguestfs - tools for accessing and modifying virtual machine disk images
I get bugger all Spam, at work or at home. Could this be because I always tick the "don't spam me" boxes. And because I don't put real email addresses on the internet.
Strange isn't it.
An Eye for an Eye will make the whole world blind - Gandhi
Knuth killed his email address in 1990,
Knuth vs Email
Analytic & algebraic topology of locally Euclidean meterization of infinitely differentiable Riemmanian manifold
One thing I have observed about spam is that seems to especially target free webmail services, and in particular, MSN Hotmail. I have several email accounts, some of which are webmail accounts I signed up for, others came with dial-up or hosting accounts, the universities I've studied at, and the companies I've worked for. The webmail accounts I signed up for are the ones that receive the spam, the others get zero or next to none.
It is worth mentioning that my Hotmail account fills up in three days if I disable the `delete mail from unknown users' filter. The reason is that I enter my Hotmail address whenever I think it's going to be used for spamming. This keeps my other addresses clean.
The reason I use my Hotmail account for that, as opposed to another free-as-in-beer service, is that I have noticed that Hotmail accounts attract spam no matter what. Even though MicroSoft claims they do their best to protect their customers from junkmail, I have noticed that next to everyone who uses Hotmail complains about spam, email that is sent to a long sequence of ASCII-ordered addresses are delivered as if it wasn't obviously spam, a Hotmail account will receive junk mail even if you just let it sit there and never use it or give the address to anybody, and countless other badnesses. I don't know how this compares to other providers of free webmail, but I do know that my Yahoo account gets an acceptible (for me) amount of spam, despite having only the default level of spam protection, whatever that amounts to.
Now there is an additional issue here. I do not use my webmail accounts for everyday email; I prefer POP and SMTP for that. I don't know if more frequent usage would result in higher volumes of spam, but I could see a scenario of how this would work. Most modern email clients, whether they be stand-alone programs or web interfaces, keep an address book. The address books of notable email programs are known to contain exploits that allow hackers access to the stored addresses, and malicious (money-hungry?) webmail interfaces could easily read their clients' address books and sell the information to third parties. In this case, by sending an email to somebody, I expose myself to the risk that my email address will eventually be known by spammers.
Having said all this, I will come up with a couple of hints for avoiding spam. There work for me, YMMV:
1. Avoid using free webmail services (especially Hotmail) for accounts you don't wish to recieve spam on.
2. Use an address other than your primary account when dealing with a party you don't trust.
3. Don't leave your email address on webpages. Even encoding or scrambling your email address won't protect you - if humans can understand it, programs can be made to do so as well.
These practices have left my mailboxen uncluttered for years, aside from the incidental win32 virus. Which brings me to another point: make sure your email client does NOT execute code attached to emails. Most versions of MicroSoft Outlook and Outlook Express are known to be vulnerable. For your own good and that of the rest of the Internet: DO NOT USE THESE PROGRAMS.
I hope my comments will prove helpful to some of you. Feel free to redistribute as you see fit.
---
(1) Everything depends.
(2) Nothing is always.
(3) Everything is sometimes.
Please correct me if I got my facts wrong.
No idea how they implemented it, but I wouldnt be suprised if it was based on bayesian principles as well, since it learns from its mistake (it marks junk emails as such, but allows you to change a mail's status if it guessed wrongly).
Since it starts of in "learning mode", where it only color junk mail but does not delete them, you get to check its efficiency before putting it in "real mode". And even there, by default it only moves the mail in a "junk mail" box, so you can check once in a while if there was anything important there.
Since using it, my father found that it caught something like 95% of emails, and very very rarely had false positive. Even when it had, correcting the mistake meant it was not repeated.
I expect such anti-spam systems to get a lot more frequent... and they DO work. Not flawlessly, but well enough to stop spam being such a pain.
BTW, Apple's filter also have an elemnt of whitelisting, since emails from people in your address book go through without checking.
Just my 0.02 E
What do you know about World Politic? Find out in this quiz
I received a spam once with the subject line "You're a winner!" and no body. No text, no attachments, nothing. Just "You're a winner!" I guess they thought I needed some moral support. ::shrug::
Also, 90% of all spam I receive is in Korean. I live in the United States, and have never visited Korea nor spoken Korean. I only know it is Korean because Eudora used to ask me if I wanted to install the Korean language pack whenever I'd get one (I eventually told it to stop asking).
Though nothing beats the spam I received which started with "If you are a time traveler or alien and or in procession of alien or government technology I need your help!" As far as I could tell, it was completely genuine. The guy seriously wanted alient time travel tech. He requested that responses be sent to his AOL e-mail address. Go figure. (The complete text is a page or two long, but it's pretty funny. I'll post it if anyone is curious.)
Let's think outside the (mail)box for a second.
Imagine a system where only whitelisted e-mail with a confirmed return address gets through. That would be enough to kill spam. The problem is, how can we allow previously unknown people to get on this whitelist without human intervention and gray/blacklists. Complicated? Not necessarily.
Here's the idea: suppose that we have a certifying service attached to our e-mail address. Say, my e-mail address is me@foo.com and my certifying address is certify.me@foo.com. Now I would want to send e-mail to you@bar.com but you do not know me and you are using a whitelist. No problem. I send you an electronically signed e-mail, and my mailing program, upon deciding that you are not already on my buddy list, cc:s the message (or relevant parts of it) to certify.me@foo.com. When your program receives my message and checks that I am not on your buddy list, it sends a signed query to certify.me@foo.com. The automatic service behind that address verifies that
Upon receiving the certification your program adds my address to your whitelist and accepts the original message. After all, you now know my e-mail address. Even a spammer who would be willing to reveal his identity would be pummeled to a certain death by millions of certify requests (which would make his ISP very unhappy). And should a spammer once get on your whitelist, just blacklist him.
This would not be a burden for mailing lists, because the certifying procedure is only invoked during the first contact.
This scheme would triple the initial number of e-mail messages, but because it's a one time event, the overhead is small. Considering that 95 some percent of all e-mails seem to be spam, this could actually reduce the traffic significantly after all the spammers have either been auto-spammed back for every single piece of spam that they send, or vanished into oblivion if none of their messages ever reach people.
So, anybody willing to implement this?
Existence usually comes as a surprise (Idem)
Spam filtering in mail clients is futile. The filtered messages still consume network bandwidth, CPU cycles and storage space on the MTA's and MDA's. Almost every spam message I have ever received had forged sender addresses, and were relayed through a third party MTA. An MTA should ONLY accept messages SENT BY or DESTINED TO users in their own domains. This way the spammers would be unable to hide their identities, and shutting down the offender's accounts would be easy. IMHO, blacklisting open relays is perfectly acceptable. Heck, we should even DNS-blackhole them out of existence !
"And you are dying so slowly, you believe to be living" - Bertrand Besigye
Sure, its annoying but i dont think its going to stop e-mail. Heck i even watch tv and they have chopped the damn shows up into small bits. Im more annoyed by popups and banners that any spam ive ever received.
HTTP/1.1 400
And that is without a load of "133t d00d5" speak. It is easy to dump Viagra and penis enalrgement ads automagically into the trash but misspellings and alternative representations can cause problems, even a space between letters (i.e., V I A G R A) can fool simpler filters. Also there is the problem of false positives, a problem when you discuss your visit to Scunthorpe.
See my journal, I write things there
I think the commercial software vendors are largely responsible for the massive increase in spam. IE is basically an ad delivery system; there's no way to control pop-ups, and no way to block images from ad servers. This is because from the corporate perspective our job as computer users is to view as many ads as humanly possible. Don't expect MS to be of any help. And don't expect any useful legislation either, as the DMA has a powerful and generous lobby in Washington.
But where proprietary software fails us, free software supplies the features that people actually want. Mozilla has built-in pop-up blocking and a great deal of work is going into spam filtering. On my linux box, I use spamassassin and vipul's razor for email, and filterproxy and mozilla to block ads and protect my privacy on the web. Very rarely does any spam make it into my inbox, and I almost never see ads of any kind online. However, it fills me with horror to use other peoples' computers. How can anyone stand all the flashing and blinking?
Conclusion: decent tools are the answer, not bug-eyed rants about the death of email.
Email shouldn't die. If mailserver admins do their jobs right, it should be possible to block out loads of spam.
For instance, look at www.myrealbox.com -- I've had accounts with them for over a year and never received ONE spam in them. Ever! I don't give my address out publicly or to untrusted sources. They do a damn good job of blocking spam.
You see? You see? Your stupid minds! Stupid! Stupid!
Part of the problem with ICQ is that your username is a number. Not only that, but a sequential number so a spammer can message a whole range of people with a simple broadcast. Nothing like having your boss sit next to you when your spam just pops up at you. A lot of people don't do IM whitelisting. Friends change screen names, or maybe you give it out to someone and you just don't have theirs yet.
OK i thought of a way to stop spam. It is very simple. Charge people to send e-mail. Yep, let's say you charge .0001 per e-mail that is sent out. That would be 100 e-mails for a penny. Spamming would then be unprofitable, and people would gladly pay a few cents a month to stop spam.
Now this may be a situation like the mouse putting a bell on the cat, great idea impossible implementation, but I don't understand enough about e-mail to know.
Comments as to why it wouldn't work?
The major ways of getting spam are:
1. Posting on a newsgroup with a valid e-mail address. (I use Sneakemail (www.sneakemail.com) to generate addresses for postings, and within hours of a post, I get new spam.)
2. Have a web page with your e-mail address on it in cleartext.
3. Respond to any spam, sign up for web contests, etc.
4. Have an e-mail address that is easily implied from your domain name (for example, john@johndoe.com, info@whatever.com, etc.)
5. Have a registered domain with contact info in the registration record.
i've had the same set of working email addresses for 5+ years and i get maybe 1 spam out of 1000+ legitimate emails a day. i never spam-proof my email addresses on message boards/usenet/mailing lists either.
i block mail using dsbl.org, spamcop and a few simple procmail rules (when a spam does get through, i block that company via procmail). i don't ever lose legitimate mail, and i don't get any of the "anonymous spam" i used to get from people pretending to be @hotmail.com/yahoo.com/etc.
clearly the reason that these people claim that blacklists don't work is because they're not using them.
Would your ISP have terminated their spammer if SPEWS hadn't escalated their listing to the whole /16?
Read what he said first. He clearly stated that SPEWS starts by blocking smaller IPs and notifies the ISP. If the ISP doesn't response, they block a larger range, until the ISP feels compelled to terminate the spammer's account.
If you're an ISP and want to avoid being blocked by SPEWS, it seems like all you really have to do is reply to abuse reports and terminate the offending account. See, Was THAT so hard?
How's that for a brilliant plan?
Jesus, I'd hate to see how you blow your personal problems out of proportion.
"Communism is like having one [local] phone company " - Lenny Bruce
I have had several serious misunderstandings with people when communicating over IM.
Instant messaging is a difficult medium. It as immediate as conversation, but without being as clear and concise as email or other forms of writing. With most writing you read back what you wrote to make sure that you didn't accidently write something that can be misunderstood. Since IMs happen in (almost) real time this sort of care is not generally used. Also people do not type at the same rate so the thread of the converstation is often lost.
If the subject is important I always use another medium.
http://www.filmthreat.com/GoreyDetails.asp?Id=221
I get a lot of spam at work (maybe 30 or more/day) and almost none at home. I am careful about giving out my email address, and in fact I think I've given out the home address more than the work address. It puzzled me that I was getting so much spam at work, then someone here mentioned that we should not use auto-reply with Lotus Notes because that replies to spammers and confirms your email address. Of course everyone here sets Notes to auto-reply when they are on vacation, etc. I'm convinced this courtesy is the source of my spam problem.
It's too late to do anything now. Yeesh.
...than the hotmail account is Spam Gourmet. Check out their site.
Right now the cost/benefit analysis favors spammers.
The Spammer's View:
First, it's very inexpensive to collect/buy a million email addresses and very inexpensive to send a million emails. Second, the return is sufficient: out of those million emails, all it takes is a handful of replies to make a profit. Third, the risk of being prosecuted or otherwise suffering financial damages is still practically nil, so the worst you have to fear is your ISP cutting you off -- whoop de doo, go uncover another rock and sign up with a new one.
The ISP's View:
It costs little more than a little bandwidth to send a million emails. It costs a little in reputation to be weak on busting spammers' accounts. Signing up a new customer is a profit.
The User's View:
Here's where the "cost" of spam is high, and consequently where most of the effort in fighting it has been made. Most users either just delete or have software to keep spam out of their inbox. Some people are careful about how they publish their email address. Some use blacklists or (more recently) whitelists. The cost to receive an email is fortunately low or nothing.
When the cost of spam becomes too high to ignore, for spammers to send or ISPs to relay, spam will decrease. It already has started to become more expensive: some ISPs have strong anti-spam policies and measures; some laws have been passed against spam; and there is quite a bit of software to deal with spam at the recipient end. But that's not enough, as evidenced by the continuing growth in spam.
Eventually, spam will be dealt with more strongly at the source. It has to be sufficiently painful first, and the pain is starting to be felt by ISPs and others involved in relaying email. I expect the situation to be much better a couple years from now.
-Thomas
In the trite words of a screaming Chris Tucker, "Do you understand the words coming out of my mouth?
Here's what typically happens.
1. SPAMMER gets account on your ISP
2. SPAMMER SPAMS from your ISP
3. Someone reports SPAMMER
4. SPEWS sends warning to your ISP
5. ISP does nothing
6. SPEWS blocks small IP range, sends second warning
7. ISP does nothing
8. SPEWS blocks larger IP range, sends third warning
9. YOU get blocked (It's obvious your ISP doesn't care about your connection)
10. ISP finally takes appropriate action, SPEWS unblocks ISP
If SPEWS didn't follow that procedure, then shame on SPEWS. If you're ISP didn't respond to SPEWS, then shame on your ISP.
Either way, Sounds like you need to get another ISP that actually cares about keeping the connection up for its legitimate customers.
"Communism is like having one [local] phone company " - Lenny Bruce
I was getting so much spam on my dial-up account that it sometimes took me 20 mins to download mostly useless, if not offensive, email. Sorting it automatically by client-side methods (e.g. SpamAssassin) wasn't helping the download time, since you still have to download the blasted spam before you sort it.
So I got rid of my contaminated address. I created an account on two web sites: www.spamgourmet.com (free) and www.sneakemail.com (mostly free).
Spamgourmet allows you to create an infinity of different email addresses all going to your POP3 account, by adding various prefixes. So say, to take a recent example, that your account is SpammerMaimer and you want to subscribe to, oh, MIT Technology Review's newsletter. You create an address called MITTechReview.20.SpammerMaimer (@ the SG domain). The "20" in the middle word of the address gives them 20 shots at emailing you before the address shuts itself down (and you can manually reset the counter).
Then, surprise! This stupid magazine sells your address to several spammers. On top of that, their forum system is spammer-friendly because it encourages email address collection.. You know that it's them, because you haven't given that address to anyone else. So what do you do? You go to your Spamgourmet account and shut down that MITTechReview.20.SpammerMaimer address. Problem solved.
For truly one-shot emails, I use sneakemail, which creates disposable addresses that you can disable individually.
The hardest thing is to keep the old address active for a while until all your usual correspondants have been informed of your new address. Then, when you switch your ISP email address, you just have to change the forward address in SG and Sneakemail.
Highly recommended.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/
What's to prevent you@bar.com from getting SPAM in his mailbox or spammers on his whitelist with this scheme? Basically, you have a box receiving an email, and then talking to the sender of the email to verify that the signature was his and correct.
But I (as a hypothetical spammer) can make a signature in any name, and I can set up any accounts on any hostname I like rather easily. So a spammer could get messages into your box and get a name (even if it's a throwaway name) onto your whitelist without any human intervention. He has his certify address always respond in the affirmative, and voila.
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.