Spam Conference in Boston

bpfinn writes "Are you working on your own anti-spam solution? Would you like to compare notes with other coders? You'll get your chance at the Spam Conference in Cambridge on January 17, 2003. Among the speakers are: Paul Graham (of "a plan for spam" fame), ESR, John Graham-Cumming (of "POPFile" fame), and Matt Sergeant from MessageLabs. According to the homepage, this conference will be very informal: "no fees, sponsorships, proceedings, luncheons, contests, etc. Just a series of quick, concentrated talks, and then we all go off and get Chinese food." Slashdotters who are peeved about spam can register here."

My spam solution

[archnerd]

I use SpamAssassin, combined with some scripts available here. Since I implemented this system last month, I have gotten exactly one piece of spam, and it got through because the body contained nothing except a URL.

Trusted mail servers and TLS

[Nonesuch]

We've been talking with the Open Group on a couple of different approaches to implement the concept of "trusted servers" for SMTP.

One approach would be to use TLS with certificates signed by trusted anti-spam certification agents, and give TLS mail priority over plain-old cleartext SMTP.

Basically, nearly all current anti-spam techniques (one exception being whitelisting) work on the concept of "marking down" certain messages or sending hosts as being less trusted. Our goal is to use TLS and other approaches to apply the concept of "elevating trust", of elevating the trust level of certain hosts and messages.