Slashdot Mirror

← Back to Stories (view on slashdot.org)

Aggressive Email Filtering Blocks Political Debate

Posted by CmdrTaco on from the been-there-done-that dept.

Stephen writes "Many of us have spam blockers operating on our mail. But according to this BBC article, when British members of parliament starting having their emails filtered last month, it stopped them talking about genuine political business such as the Sexual Offences Bill, and prevented them receiving some constituents' emails." This problem has bit me on the bum a few times too. About 1 message in every 250 spam is a false hit. Course thats about once a day :(

25 of 392 comments (clear)

  1. Maybe good by jhouserizer · · Score: 4, Insightful

    These types of incidents may be good in the long run - if it makes law makers "wake up" to the problem of spam.

    ...We can only hope... Perhaps we could even start bombarding law makers with spam ourselves? - that would raise their awareness!

  2. Remove all their filters by 3vi1 · · Score: 5, Insightful

    I think polititians shouldn't have any filters on their e-mail.

    After about 2 weeks of what the average person goes through, we'd see stronger anti-spam legislation/penalties.

  3. False Positive by propheci · · Score: 5, Insightful

    the problem is that just by knowing there could be a false positive, you have to examine all your filtered spam, which makes the spam filter useless in the first place.

    1. Re:False Positive by antis0c · · Score: 2, Insightful

      Not entirely. I have all my potential spam filtered into a SPAM folder. That's only potential spam, things like vbs worms are deleted by the mail server with procmail.

      I then just take a quick glance at my SPAM folder and all the subjects, I get around 400 spams a day, so it takes maybe a minute to scroll through real quick, anything that's potentially not spam, maybe 10 mail messages, I actually look at the body. If not, I just delete the entire contents of the folder immediately.

      It's not fool proof, but I have caught a number of emails that were from family that happened to have various spam-like features in the body, but the subject and from were obviously from my family. Doesn't seem so useles to me.

      --

      ..There's a-dooin's a-transpirin'
  4. The type of spam filtering? by mrs+clear+plastic · · Score: 4, Insightful

    I can easily see why this may be happening. The types of filters that use keywords can easily fall into this.

    I understand that keywords and phrases such as
    'free money' 'zero percent financing' 'win
    million dollars' 'sex xxxxx pictures!' and so
    on can trigger many filters.

    I would like to think that the better designed
    filters would use a combination of key words as
    well as suspicious domain names and/or IP
    address blocks to do filtering.

    The spam filter that is used on my email account does not filter out, but it does add the word
    'SPAM?' into the subject line of the email message. I can then see right away if it is
    really spam or is something mistaken by the filter for spam. The message is not blocked, though.

    Mark

    --
    Cleara
  5. Re:Subject line? by Carbonite · · Score: 2, Insightful

    Imagine that this system was widely used and every week/month everyone had to figure out which codes they had place in their subject line to communicate with people. Also, how many minutes do you think it would take for the spammers to write a script that scanned the bounced message and append the code to the next round of e-mail?

    --
    ich muß mehr Kuhglocke haben
  6. Re:Spam filter = Censorship by Kombat · · Score: 5, Insightful

    You're confusing the right to free speech with the privilege of being heard.

    --
    Like woodworking? Build your own picture frames.
  7. Re:Glad I don't live there by citog · · Score: 3, Insightful

    Because most of the people they should be talking to , i.e. constituents, also use this insecure system. In reality, most of the politicians I know use email aren't discussing state nuclear secrets or troop movements. If certain politicians are likely to leak sensitive information this way I would be far more concerned about what gets picked up from the far more insecure system - VoA (Voice over Air)

  8. Public email? by briancnorton · · Score: 3, Insightful
    It's truly amazing that anybody could make an attempt to use their public email for official business. In general, three accounts is all that you need to never have to read spam again.

    Specifically for the parliment, I dont see why they dont just whitelist all other parliment members.

    --

    People who think they know everything really piss off those of us that actually do.

  9. filtering is good.... by morgajel · · Score: 5, Insightful

    ...but not perfect.
    Ok, here's the situation as I see it.
    We have a problem: Spam

    We need a solution.
    So far filtering has been working good and is slowly getting better, but there's always gonna be the chance for false positives.
    so how do we stop this?
    I have no clue.
    We should probably start cracking down on open relays, even use governmental pressure if needed (on spammers in our countries and on the governments of other countries). They serve no real purpose other than facilitaing spam.
    What else can we do? Go after spammers legally. We need to make them pay. I bet if 1000 people sued ralsky for $500 a piece he'd start to take notice, but he still wouldn't learn. Some states, like washington, are doing that, and it seems to be working, or at least getting the spam recievers a little extra cash. If I lived there, I know I'd try it at least once. Hell, I might even pay for my braodband connection with the money I got from spammers:)

    I've heard people recommend opt-out lists like they use for telemarketers- that's not gonna work because spammers are much more slimy- they'll use the opt-out list as a verified list.

    We're not left with many choices, besides educating people to simply delete spam and DON'T buy from it. make it cost spammers money. if they sell even one thing, they they're winning.

    I took a slightly fun approach. I'm building a list of 'legit' companies that sell your email address to spammers. What I did was bought a domain, and whenever I signed up for something, I used the companies name@ the domain, and had it all forward to one account. so when I get spam to musiccity@mydomain.com, I know that musiccity sold my email address (which they did).

    Does anyone else have any Ideas how to stop spam? if so, save the redundant mods and reply.

    --
    Looking for Book Reviews? Check out Literary Escapism.
    1. Re:filtering is good.... by micromoog · · Score: 2, Insightful
      I've worked for a few opt-in mailers so I know the game. Trust me when I say that we don't want to send to you if you don't want it.

      This doesn't apply to spammers. It costs essentially nothing to send another 10,000 messages . . . why not send them to known verified addresses, just in case the people change their mind about wanting it.

      Spam is different from other "direct marketing". It's not a "legitimate business" in any sense of the words. With almost zero costs, even a 0.01% response rate is pure profit. I have no doubt that an opt-out (or opt-in) system wouldn't do shit.

    2. Re:filtering is good.... by Darren+Winsper · · Score: 2, Insightful

      That's wrong. While there are legitimate "spammers", I'd hesitate to even call them a spammer. If I opt-into something, then surely it's not spam because I asked for it.

      The problem is the people who send me spam and then, if I attempt to opt-out, seem to think "hmm...maybe he means 'send me 6,000,000 more spams'".

    3. Re:filtering is good.... by nycsubway · · Score: 2, Insightful

      My girlfriend showed me how she was getting off the spammers lists by clicking the "remove" links in each email. Against my better judgement, I tried it too. It worked! Those spammers stopped sending me junkmail! But... it simply confirmed that my address was valid and they sold it to other spammers. So I ended up getting more spam than before.

      On a seperate note, the best method to getting rid of spam is to get a new email address.

      --
      http://github.com/gbook/nidb
    4. Re:filtering is good.... by bovilexics · · Score: 2, Insightful

      • one could push spammers to the brink of profitability

      I guess it's my turn now to cash in on the 1, 2, 3 profit making list. According to this post you have inadvertently filled in the elusive step 2.

      1. Send spam.
      2. ???
      3. Profit!

      I am sure you meant to say "unprofitability" which is much more desirable and I think is what you were after.

      If not then may God help us all, there is someone pushing for profitability of spammers on slashdot - Noooooo!

      --
      Are you bovilexic? Moo!
  10. False positives are a fact of life by sludg-o · · Score: 4, Insightful

    We offer SpamAssassin at the college where I work. I always tell new users that any spam blocking system, no matter how good, will eventually block something that was legitimate. That's why I don't write procmail recipies that redirect mail flagged as spam to /dev/null. You gotta put it in a seperate folder and you are asking to get burned if you don't skim the subjects and senders every couple days. Also, they should be whitelisting messages from addresses in their domain.

    I don't see how this is news. It's just an example of bad system administration.

  11. Hit-and-miss filters by Xesdeeni · · Score: 5, Insightful

    By definition filters are hit-and-miss and non-deterministic. I get almost exclusively SPAM with spoofed return addresses. How about this solution:

    1. Sending mail server generates a tx content key based on the contents of an e-mail being sent.
    2. Sending mail server uses the tx content key with a private key to create a confirmation key.
    3. Sending mail server sends the e-mail, along with the confirmation key to the receiving server.
    4. Receiving mail server generates a rx content key from the e-mail contents.
    5. Receiving mail server sends the rx content key and the confirmation key back to the sending mail server.
    6. Sending mail server uses its private key plus the rx content key to re-generate the confirmation key.
    7. Sending mail server compares the confirmation keys.
    8. If the keys match, the receiving mail server allows the mail to enter the recipient's mailbox.
    9. If the keys don't match, the mail is bounced.

    The keys are in place to keep the SPAMmer from tagging along on a valid return address with mail that address didn't send. This technique also keeps the second transaction to a minimum exchange of keys. The keys add traffic, but the eliminated SPAM traffic more than makes up for the penalty. As more and more mail servers are updated with this feature, spoofing is all but eliminated. The remaining "spoofable" domains can be explicitly severed from the net or blocked.

    Xesdeeni

  12. Well.. DUH.. by Anonymous Coward · · Score: 1, Insightful

    Filters suck.. always have always will..

    Instead of actually dealing with the REAL problem they decided.. lets filter it..

    Kinda like a college kid that can't do breast cancer research at the skool library because they've got a net-nanny enabled that says the word breast is bad.. same thing goes with grandma at hte library looking up a recipe for fried chicken breasts..

    They should go after the spammers and not filter stuff.. isolating yourself from the problem isn't the same as actually fixing the problem.. hopefully they'll wake up and notice this..

    probably not though..

  13. No, That's a real problem with a democracy by intermodal · · Score: 3, Insightful

    So, maybe the UK could restrict access to just professional lobbyists, it works very well in the US.

    Works well for who? I don't see how it helps the average joe citizen who wants to get his point across unless he donates money somewhere. Corporations have tons of cash to throw at it. So if Jimmy Lobbyist has more access than Joe Sixpack, thats a problem. repetition and filtering be damned. It is the duty of a representative democracy to represent those they are representative of, and if they aren't willing to take into account every email and letter and fax and phone call they get in their decisions, then it's a stone's throw away from not having elections at all, especially when you consider that when voting the only two candidates who generally have a chance is a lesser of two evils situation.

    --
    In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
  14. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  15. Re:Maybe Wake Up Call for "Filters" by Zeinfeld · · Score: 5, Insightful
    As stated lower in this thread, if you have to manually check your spam folder for "false positives", the filter is utterly useless since you are still checking for spam

    I attended the conference on spam at MIT. The conference would have been more accurately labelled a 'solving spam with the hammer we know about' conference since no other solutions were accepted - although several people besides myself submitted authentication based papers.

    The big problem with the Bayes approach is false positives. Lots of great statistics were quoted but the claims were simply not credible. I don't believe that Spam is such a simple problem that the performance of naive Bayesian techniques is several orders of magnitude better on that problem than any other.

    So really the trick is to swing the problem arround. START from the problem of making sure that anyone with a legitimate reason to contact me can do so without interference from statistical filtering techniques. The proper place to apply those is on the mail I cannot authenticate in that way.

    I dislike the bounce-back loop as a filter for personal correspondence. I think it is great for the purpose of a lightweight authentication mechanism for mailing list subscriptions. I get very irritated when people use it to filter email, particularly since all my email is signed. People should not substitute their ad hoc authentication mechanisms without first supporting deployed standards.

    The other problem with call back loops is that if they are used widely they will become a bigger problem than the spam, this is why I have been urging Microsoft et. al. NOT to support them. The trick that the spammers have developed to get round the callback loop is to steal addresses off mailing list archives and send forged messages to the other members of the list. So work out the effect that deployment of the naive bounceback hack would have.

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/
  16. Re:Filtering just doesn't work by jazman_777 · · Score: 2, Insightful
    The only longterm solution to spam (that I can think of, of course ;) is to create a "new" e-mail community, where servers would only accept e-mail from a list of "trusted" servers. Any server discovered spamming would be kicked off the list in no time. We would end up with a smaller, nicer, cozier e-mail system.

    There is no solution in an open society. Look at all of our communications channels: all the open ones have lots of noise. Mail, phone, your front door, even speech. Mail, radio, TV, and press, where you have to pay to play, has lots of noise. So if you can solve email noise, you should be able to solve it all.

    --
    Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
  17. Re:Work around by AndroidCat · · Score: 4, Insightful
    Most filters don't block HTML and GIF files.

    Oh? Many people set their filters to tag'n'bag (or simply dump) any non plain-ascii email. I treat any email with HTML, base64, or an attachment of any kind as probably spam and potentially dangerous, and inspect it before reading it.

    --
    One line blog. I hear that they're called Twitters now.
  18. One solution... by Natalie's+Hot+Grits · · Score: 2, Insightful

    and one that is in use today, is to not accept any public email at all.

    The US Senate and House of Representatives have their member's websites with a contact page utilizing a web form to submit letters. Since this email address is hidden by the web server, the only spam that could possibly get to senators is someone specifically writing a program to submit information for that specific web form.

    Since no spammer would need to spam senators (unless someone tries to mail bomb them, but that is an other issue all together), nobody would spam them.

    This also solves the problem with the post office mail and anthrax problems that happened just after 9/11. The quickest way to contact your senator is by fax, but even this web form is higher priority than snail mail.

    --
    Two infinite things: your stupidity and mine. But I'm not sure about the latter. If my sig offends you, I'm sorry.
  19. A good thing! by CaptainPhong · · Score: 2, Insightful

    If governments find spam unacceptable, and resort to spam filtering, and then find that unacceptable because of false positives, the next recourse is spam legislation. Therefore, false positives are good.

    --
    ... "Give me a woman who loves beer and I will conquer the w
  20. Re:What a Sick Sales Plug!!! by zcat_NZ · · Score: 2, Insightful

    You would be surprised how many people out there don't understand the concept of just hitting "Reply" to a message. Some call, some forward, some write a dissertation.. It's kind of funny.

    I'm not really surprised. These are the same people who write excessively spam-like messages in the first place. Teaching them to write better (less spam-like) emails, and ignoring them until they can follow simple instructions and use email properly would seem to be the ideal solution to me. :)

    --
    455fe10422ca29c4933f95052b792ab2