Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Conference in Boston

Posted by michael on from the just-provide-your-email-address-to-register dept.

bpfinn writes "Are you working on your own anti-spam solution? Would you like to compare notes with other coders? You'll get your chance at the Spam Conference in Cambridge on January 17, 2003. Among the speakers are: Paul Graham (of "a plan for spam" fame), ESR, John Graham-Cumming (of "POPFile" fame), and Matt Sergeant from MessageLabs. According to the homepage, this conference will be very informal: "no fees, sponsorships, proceedings, luncheons, contests, etc. Just a series of quick, concentrated talks, and then we all go off and get Chinese food." Slashdotters who are peeved about spam can register here."

30 of 229 comments (clear)

  1. Oh I didnt know by brejc8 · · Score: 4, Funny

    What they should do is to advertise the event using popups.

    --
    Mouse powered Chips, Open source Processors and Lego
  2. Heh by Em+Emalb · · Score: 5, Funny

    "Are you working on your own anti-spam solution? Would you like to compare notes with other coders?"

    If you are, and would like the NATIONAL EXPOSURE only email can get you, call the number listed below. You will be giving MILLIONS the opportunity to receive your amazing breakthrough via email.

    To unsubscribe (suckers!!) please click the link below.

    --
    Sent from your iPad.
  3. Sweet! by intermodal · · Score: 5, Insightful

    A conference where they actually confer and (As implied by going to eat together) discuss what they're talking about rather than just visiting booths. It's about time some of that hacker-ethic efficiency made its way to the computer conference world.

    --
    In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
    1. Re:Sweet! by Zeinfeld · · Score: 3, Insightful
      A conference where they actually confer and (As implied by going to eat together) discuss what they're talking about rather than just visiting booths. It's about time some of that hacker-ethic efficiency made its way to the computer conference world.

      Well that is pretty much how conferences start. They begin as a technical session with 5 experts talking and 50 people in the audience, then the next year there are more people and the program gets longer. The year after that there is an exhibition which the year after becomes an exhibition floor. After that the whole thing goes downhill and turns into a trade show.

      That is exactly how the RSA Conference and Interop began.

      I am somewhat disappointed by the means of choosing the papers, basically the first people to propose a talk. As a result the spam conference will only be discussing filtering approaches based on identifying the spam. The alternative approaches based on authenticating the genuine signal simply won't get a hearing.

      The problem with filtering approaches is that they only work as long as the attacker does not have access to the filter. If the attacker does have access to the filter they can repeatedly test and modify their spam until it gets through. That is why the filtering built into Outlook fails, the attackers have access to the filter and can use countermeasures.

      Filtering techniques are a hacker solution, they only solve the problem for the small community of hackers that use them. Once they are used generally they fail.

      --
      Looking for an Information Security student project suggestion?
      Try http://dotcrimeManifesto.com/
  4. security? by 2MuchC0ffeeMan · · Score: 3, Funny

    umm...

    since spammers and advertisers always stay one step ahead of technology, shouldn't users register to get in?

    i know there's a few spam artists out there i'd like to keep out. any open source software or ideas they come up with and speak about may be directly spoken to the enemy.

    granted, this is worst case scenerio, but oh well

    --
    Runnin' On Empty .... I'm Still Alive
  5. Focus by The+Bungi · · Score: 5, Insightful
    I do hope they focus on the bandwidth problem. We've all seen the recent stories here about the slimeball spammer who's return rate is something to the tune of 0.000001% for 100 million messages. Or some such statistic. And yet he's swimming in $$.

    The better spam filters get, the more horsepower these fuckers are going to put into plying their trade. That 100 million herbal viagra batch didn't work? Oh, OK, let's send out 1 billion messages then.

    Their capacity to add processing power to their operations will grow exponentially as the efficiency of spam blocks increases. But there's only so much bandwidth to go around. Ergo, suffer the ISP (mine and yours, not theirs). Something's gotta give.

    I shudder to even contemplate it, but unless their revenue stream is cut off, this is going to continue. And that means educating users to NOT FUCKING BUY ANYTHING SOLD THROUGH SPAM. Until then, well...

    1. Re:Focus by MacAndrew · · Score: 4, Insightful

      I shudder to even contemplate it, but unless their revenue stream is cut off, this is going to continue. And that means educating users to NOT FUCKING BUY ANYTHING SOLD THROUGH SPAM. Until then, well...

      Yes, but ... the crowd that's buying herbal Viagra is a tough one to reason with by definition. Then there are the "get rich quick" suckers -- just try explaining basic math to them.

      There's an old saying that some people will buy anything. Spamming is about locating them. The rest of us get caught in the overspray.

    2. Re:Focus by sfe_software · · Score: 3, Insightful

      I happen to agree that the bandwidth eaten by spam is the ultimate problem...

      For me personally, bandwidth isn't an issue. I'm on DSL, my servers are locked up tight and not contributing to the problem... for me, the problem is that 95% of the time my "New Mail" alert goes off, it's all SPAM. I don't care about the bandwidth issues; doesn't affect my home connection much, and doesn't affect my server's connection at all. It's my time.

      My solution? Well, I haven't found a perfect solution, but (given that bandwidth isn't my main concert) Mozilla's bayessian (sp?) filtering is working well so far. Hopefully the next major Moz release will handle this better.

      Currently (1.3a) it marks SPAM as "Junk" mail automatically. After only a few days it easily recognized SPAM. After a week there have been NO false positives. After 2 weeks it seems to be dead-on accurate.

      Hopefully the next Moz release will let me do more with it (such as NOT playing my "New Mail" sound, marking them read, moving them to a Junk folder, etc). So far 1.3a is showing serious promise, at least in the filtering part. It uses Bayessian filtering (based on the Plan for Spam article linked above -- a good read if you haven't seen it), and is quite good so far. I would personally be happy if, using the Mozilla current implementation, I could never see mail Mozilla sees as "Junk" mail.

      My point was simply that for me, bandwidth isn't the problem -- and I run several (not open-relay) mail servers -- rather, the problem is the time I spend manually filtering SPAM from real mail (running several domains). Bayessian filtering is perfect, as it's based on the individual user. It's what got me to try Mozilla mail again in the first place (first time since M12), and already, just having it mark them as "Junk", it's saved me a ton of time.

      --
      NGWave - Fast Sound Editor for Windows
    3. Re:Focus by IntlHarvester · · Score: 3, Interesting

      You don't get it. The product being sold by spam isn't Herbal Viagra or College Diplomas -- it's the spam itself.

      It's a pyramid scheme. It's not about selling the product. It's about convincing people to pay you to sell their product through spam, to buy your address lists, or buy your spam software.

      It's not about the people stupid enough to buy, it's about the people stupid enough to think "With all this spam, someone out there must be buying."

      A large percentage of spam doesn't even have a valid contact address/url/phone. It's purely about claiming to prospective clients that you can deliver X messages or have Y valid addresses.

      So, go ahead and convince grandma not to buy any spam prodcuts. Great. Meanwhile these guys are on a sales arms-race that will eventually render standard netmail useless.

      --
      Business. Numbers. Money. People. Computer World.
  6. Spam Conference... by VistaBoy · · Score: 5, Insightful

    Because we're having a conference on spam to begin with already means that the spammers have won. Besides, what keeps spammers from attending the conference and figuring out how all the spam guarding stuff works?

    1. Re:Spam Conference... by glwtta · · Score: 5, Funny
      Besides, what keeps spammers from attending the conference and figuring out how all the spam guarding stuff works?

      We'll all talk really quietly.

      --
      sic transit gloria mundi
  7. Prevent SPAM instead of trying to deal with it.... by 8BitWimp · · Score: 5, Insightful

    Its ironic that this conference (and other discussion groups) are focusing on dealing with, filtering, and otherwise trapping SPAM. It appears that the only solution to eliminating SPAM is to develop a completely new architecture for handling email which would simply not provide mechanisms for the broadcast of SPAM, and the hijacking of mail servers. Spammers are just as ingenious as the folks valiantly trying to filter it. Until we consider a new approach, we will just be battling an ever growing volume of SPAM mail.

  8. An Anti-Spam Solution? by Lucas+Membrane · · Score: 4, Funny

    There is no such thing as anti-spam, thank goodness. If there were, and if the spammers sent it spam, the spam would be gone, but copious gamma rays and neutrinos would result, and the bystanders would all die from the radiation.

    1. Re:An Anti-Spam Solution? by geekoid · · Score: 3, Funny

      if the event took place on the spammers box, I really wouldn't have much of a problem with that... ;)

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  9. The only spam conference needed... by MillionthMonkey · · Score: 5, Funny

    This problem is not difficult to solve. All you need is a "conference" of enraged global villagers marching up the road to Alan Ralsky's house equipped with dynamite, pitchforks, Bayesian filters, and burning torches! We could bring some diplomas from prestigious nonaccredited universities to get the fire going. And afterwards everyone gets Chinese food.

    OK, maybe it wouldn't solve the problem, but it would make great reality TV. Wouldn't you rather watch a spammer get lynched than sit through yet another gold digger beauty pageant on FOX?

  10. where have i seen this before by Dylan_t_p · · Score: 3, Informative

    could it be here?? here?

    oh well since it's about spam only makes sense to post it more than once.
  11. Register for the conference.... via email? by NineNine · · Score: 4, Funny

    Doesn't this seem just a bit fishy to anybody else?

  12. My spam solution by archnerd · · Score: 4, Informative

    I use SpamAssassin, combined with some scripts available here. Since I implemented this system last month, I have gotten exactly one piece of spam, and it got through because the body contained nothing except a URL.

  13. How to End Spam in Four Easy Steps by mark_space2001 · · Score: 5, Funny
    1. Declare Spammers are terrorists.

    2. Fly a C130 "Ghost" Gunship over their house.

    3. Open Fire.

    4. Enjoy "Miller" brand beer in a Spam Free world.

  14. Darn by anotherone · · Score: 4, Funny
    I was hoping that this would be a conference for spammers rather than anti-spam coders...


    Then we could destroy them all in one place.


    Finally a cause the entire internet community could rally around.

    --
    Username taken, please choose another one.
  15. Re:Prevent SPAM instead of trying to deal with it. by SnakeStu · · Score: 3, Informative

    I've been promoting this notion for a couple years at least, while at the same time offering a spam filtering tutorial for Pegasus users. I've seen others also promoting the same general concept, sometimes with more details. However...

    "One's feelings waste themselves in words; they ought all to be distilled into action[s]... which bring results."
    Florence Nightingale

    To see this happen, somebody needs to do it rather than talking about it. A technical demonstration, at the very least. And if I'm missing something and there's something like this in the works, it needs publicity, development support, testing, etc. to take it "out of the lab" and moving toward common use.

    --
    No Laughing Allowed!
  16. Repeat repeat repeat article by Rik+van+Riel · · Score: 3, Funny

    If this conference is anti-spam, why are they using slashdot to spam for this conference ?

    This thing must have been featured 3 or 4 times on slashdot now...

  17. Re:Prevent SPAM instead of trying to deal with it. by 8BitWimp · · Score: 3, Insightful

    I would suggest a second and parallel email channel be introduced. Leave the current sendmail system in place. Those desiring better email and no spam will migrate to the new channel. Those who don't care can remain on the SPAM channel.

  18. Great for Spammers... by toupsie · · Score: 3, Insightful

    What could be better for a professional Spammer than attending an Anti-Spam Conference? Learn all the techniques and issues you will have to encounter in the upcoming months. I would be on the look out for people wearing too many gold chains reaking of hottub clorine wanting to make your penis larger in less than 7 days while offering you a Micro RC Car.

    --
    Strange women lying in ponds distributing swords is no basis for a system of government.
  19. Re:Prevent SPAM instead of trying to deal with it. by blamanj · · Score: 3, Interesting

    It appears that the only solution to eliminating SPAM is to develop a completely new architecture for handling email...

    Not true. The simplest solution is economic. If raise the cost of sending e-mail by as little as one penny / thousand e-mails, most spam becomes uneconomical. Poof, the spammers go out of business.

  20. Re:Repost? by dacarr · · Score: 3, Informative

    Sort of - there was an article earlier about it. Of course, now that ESR has confirmed, they had to rehash teh article. =^_^=

    --
    This sig no verb.
  21. Trusted mail servers and TLS by Nonesuch · · Score: 5, Informative
    We've been talking with the Open Group on a couple of different approaches to implement the concept of "trusted servers" for SMTP.

    One approach would be to use TLS with certificates signed by trusted anti-spam certification agents, and give TLS mail priority over plain-old cleartext SMTP.

    Basically, nearly all current anti-spam techniques (one exception being whitelisting) work on the concept of "marking down" certain messages or sending hosts as being less trusted. Our goal is to use TLS and other approaches to apply the concept of "elevating trust", of elevating the trust level of certain hosts and messages.

    --

    I do not deploy Linux. Ever.
  22. Re:Haven't heard about this for a while by littleRedFriend · · Score: 3, Interesting

    I'm sure someone came up with this idea already. But these spammers have lists of E-mail adresses, mostly coming from automatic E-mail harvesters.

    If everyone put a couple of pages with a few hundred thousand fake E-mail adresses (automatically generated) wouldn't that make these lists less valuable.

    It would increase the amount of spam at first, but given enough fake adresses, it would come down in the end. It's a number game, to put someone who "owns" 1 million real E-mail adresses out of business, you would need to post some 100 million fake ones for him to harvest. That is no more than 2.5 Gb of HTML and some coordinated effort.

    mmmm...

    --
    IANAL, but imagine a beowulf cluster of in Soviet Russia all your belong are base to us welcoming the new SCO overlords.
  23. My plan for spam by gad_zuki! · · Score: 3, Interesting

    >And that means educating users to NOT FUCKING BUY ANYTHING SOLD THROUGH SPAM

    Why the carrot and not the stick? Imagine spam honeypots luring the people who answer spam into giving up their credit cards and posting them publicly. Or listing names of people who visit honeypot sites like animalsexxxxxxx.com through a spam click. Make sure to report them to their employer if this is done during 9-5.

    Then we'll see the obligatory news articles about hackers co-opting spam. Something tells me that all the spam marketers and companies that use spam won't be much of a problem when Joe Blow is worried about hackers and losing his job over spam.

  24. slightly OT-postini spam relay by Maskirovka · · Score: 3, Interesting
    I receive about four spams per day, but as opposed to deleting them, I look at their headers, run a trace tool, and notify the service providers and upstream ISPs. This usually limits the amount of spam I get from a specific asshole for a while. There's one that keep bugging me however: exprodmx15.postini.com (the 15 changes to diff numbers periodically).

    According to the website, postini is a spam filtering company. Doesn't it seem a little bit strange that they'd host a spam relay? Exodus (postini's primary provider) doesn't seem to care too much, since postini is a well to do business. Postini sends an automated response that says "this message is only passing through postini's mailserver. it's not our problem". My first thought would be that postini is running open mail relays as a form of gaurilla advertising to spam busters, but it seems a little bit far fetched. I don't keep a list of addresses or domains, but postini is the only one that i've noticed for about a month that keeps reacuring.Is this sort of thing normal?