Spam Archive opening FTP service December 4

Saint Aardvark writes "The FTP archives for spamarchive.org will be opening on December 4, according to this Wired article. But there already appear to be some archives available." I tried saving my spam for awhile just for giggles, but seeing that file grow to 100+ megs made me so angry I had to delete it. Currently getting ~200 spam every day, and now often they attach images so they are 100k+. Yay Internet!

I wonder

[Woogiemonger]

Wouldn't this spam archive be a form of free advertising?

Re:Sigh

[m0i]

And even whitelists are not 100% reliable: new viruses/trojans may collect emails from addressbooks and send spam with the From field altered to appear like a friend of yours (likely to be in your addressbook..). Now even your friends will spam you! (or so it will seem).
As long as there's no M(ail)T(ransport)P(rotocol) which get rid of the overly S(implistic), without true authentication of the sender, we will get spam because email is public in the first place.
Maybe something like email cookies would be a first step in trying to establish a pseudo-authentication system.

Only 200?

[nurb432]

I get that much on my PERSONAL account, and i also 'manage' spam for a 10K user base..

Somedays, ALL I get done is dealing with spam.

Too bad we cant bill them back for my salary, and lost network resources, like we can do for un-requested faxes.

And arrest them for sending porn with out verifying a person's age. Around here, you would be either fined ( bookstore ) or arrested ( individual ) for trying such a stunt in 'real life'.

Spammers attack archives with copyright threats

[Richard+W.M.+Jones]

As reported in Ask Slashdot (but it didn't make it to the front page), the Great Spam Archive (est. about 3 years ago) has just received a threat of legal action from a spammer over, of all things, copyright infringement.

Rich.

Re:Sigh

[paranoos]

I agree that for home users, who receive legitimate emails only from a (comparitively) small group of friends and family, would benifeit the most from a whitelist filter. However, this would never work for corporations, where they might be receiving many inquiries about goods and services by email. Furthermore, these email addresses are openly published on the company website, thus making them a brighter target for spammers.

The best filter for anybody who maintains a website would be a Bayesian filter, where the mails are analysed, with a database of words contained in spam and non-spam emails. This way, legitimate Nigerian money laundering offers would not be blocked out, while the pr0n stuff goes to /dev/null. I don't receive much email, and I would say that spam might only make up for 25-33% of all the mail I receive, so I can't yet report on the success I've been having with this method, but I am using Bogofilter, an opensource project. You can find it on SF.net

Smarter Spammers

[akheron1]

Of course a blacklist like this will be better than an algorithm for the one reason that if everyone has access to this algorithm to filter their mail, then spammers could possibly just keep sending an e-mail to themself and having it be filtered by all of the different filter algorithms and changing it a bit each time until he/she has custom-tailored that spam to get through all of the filters

FTP? Why not Gopher???

Gopher would be perfect for this type of thing! Why on earth are they using FTP?

Foreign spam??

[Flamesplash]

What about all the Foreign spam out there that doesn't use standard ascii like the archive seems to contain?

Almost all of my spam is from taiwan or china and sadly enough yahoo mail doesn't provide any good way to filter this out when the messages have fake headers. If I could simply filter on something in the Received path then it would help, but all they allow you to do is the From address as far as where the message came from.

Re:Foreign spam??

[PigleT]

Filter on Charset headers instead?

I was going to post my .procmailrc entry here but slashdot censored it saying "too many junk characters". So you'll have to work it out for yourself based on Content-Type headers matching

charset="?(big5|ks_c_5601-1987|iso-2022-jp|euc-k r) "?
instead.

More to the point, you never want to filter based on Received: headers, unless you can safely say that e.g. *no-one* in Korea is ever going to want to contact you. Otherwise, grab the IP# listings from IANA and see what netblocks are assigned to APNIC and score them down in your mail processing rules.

For what it's worth, I've had a lot of success using Bayesian filters to identify dodgy-charset mails - both ifile and bogofilter do a great job.

Re:just wondering

[Matts]

Switching accounts isn't always that easy. My name is Matt Sergeant, and my email address is matt@sergeant.org. I'm just not changing that because someone who lives in a million dollar home thinks my address is his public shit can.

Luckily my job is detecting spam (I'm a SpamAssassin developer too), so I'm actually quite happy to get my address harvested loads of times :-) Bring it on, spammers.

But yes, I get lots of spam. About 100 a day. Not including mailing list subscriptions I get about 5 to 10 regular pieces of email a day. That's a hell of a ratio.

Re:Sigh

[berzerke]

...If we can get the response rate from spam to drop from a quarter of one percent to maybe a tenth of that, we may start to get close to a position where spam actually becomes uneconomic. It's only by achieving that that we'll see the current volume of spam reduced...

I've been kicking around an idea to reduce the response rate, but don't know how to implement it properly (yet!). My idea is to setup what *APPEARS* to be an open relay. Spammer will try to send their garbage through it, but NOTHING will actually get delivered. That's gotta cut the response rate way down (to zero), plus saving a lot inboxes. If the response rate goes low enough, it becomes uneconomical to send spam and the spammers find a new line of work.

Anyone have any pointers for a Postfix installation?

Re:200 spam per day?

[LinuxHam]

That's why I block those accounts

I know its a throwback to the days of yore, but those accounts are required to accept mail per RFC 2142 (scroll down to #5). In this world of total non-compliance, lets offer a moment of silence in memory of how the Internet was *intended* to run. :)

Re:just wondering

[rednaxel]

As many slashdotters, I have several e-mail accounts. One of them, in a major ISP, occurs to have as username my first name (it was available at the time, I'm not so young). Well, this one is simply trashed, with 100+ spams per day. The spammers are making listings of name@isp.com at random, trying several 'name' combinations (like john, johnb, bjohn, and so on). Then repeat all the list for each major ISP and voilá, a enourmous list is created. After a few rounds of spam you know which ones are valid.

Just imagine...

[p_trinli]

...if all the thousands of man hours put into filtering, blacklists, etc., were spent creating and installing a new authenticating mail transport prococol. I know, I know, just like IPv6, it would take years to get everyone to switch over. But right now spam costs lots of money and is just plain annoying, and the situation doesn't seem to be improving much.

I say we go for it. Why not build in an easy-to-use encryption scheme too, so all the Carnivore/RIAA/etc crap won't work?