Slashdot Mirror

← Back to Stories (view on slashdot.org)

Aggressive Email Filtering Blocks Political Debate

Posted by CmdrTaco on from the been-there-done-that dept.

Stephen writes "Many of us have spam blockers operating on our mail. But according to this BBC article, when British members of parliament starting having their emails filtered last month, it stopped them talking about genuine political business such as the Sexual Offences Bill, and prevented them receiving some constituents' emails." This problem has bit me on the bum a few times too. About 1 message in every 250 spam is a false hit. Course thats about once a day :(

11 of 392 comments (clear)

  1. Maybe good by jhouserizer · · Score: 4, Insightful

    These types of incidents may be good in the long run - if it makes law makers "wake up" to the problem of spam.

    ...We can only hope... Perhaps we could even start bombarding law makers with spam ourselves? - that would raise their awareness!

  2. Remove all their filters by 3vi1 · · Score: 5, Insightful

    I think polititians shouldn't have any filters on their e-mail.

    After about 2 weeks of what the average person goes through, we'd see stronger anti-spam legislation/penalties.

  3. False Positive by propheci · · Score: 5, Insightful

    the problem is that just by knowing there could be a false positive, you have to examine all your filtered spam, which makes the spam filter useless in the first place.

  4. The type of spam filtering? by mrs+clear+plastic · · Score: 4, Insightful

    I can easily see why this may be happening. The types of filters that use keywords can easily fall into this.

    I understand that keywords and phrases such as
    'free money' 'zero percent financing' 'win
    million dollars' 'sex xxxxx pictures!' and so
    on can trigger many filters.

    I would like to think that the better designed
    filters would use a combination of key words as
    well as suspicious domain names and/or IP
    address blocks to do filtering.

    The spam filter that is used on my email account does not filter out, but it does add the word
    'SPAM?' into the subject line of the email message. I can then see right away if it is
    really spam or is something mistaken by the filter for spam. The message is not blocked, though.

    Mark

    --
    Cleara
  5. Re:Spam filter = Censorship by Kombat · · Score: 5, Insightful

    You're confusing the right to free speech with the privilege of being heard.

    --
    Like woodworking? Build your own picture frames.
  6. filtering is good.... by morgajel · · Score: 5, Insightful

    ...but not perfect.
    Ok, here's the situation as I see it.
    We have a problem: Spam

    We need a solution.
    So far filtering has been working good and is slowly getting better, but there's always gonna be the chance for false positives.
    so how do we stop this?
    I have no clue.
    We should probably start cracking down on open relays, even use governmental pressure if needed (on spammers in our countries and on the governments of other countries). They serve no real purpose other than facilitaing spam.
    What else can we do? Go after spammers legally. We need to make them pay. I bet if 1000 people sued ralsky for $500 a piece he'd start to take notice, but he still wouldn't learn. Some states, like washington, are doing that, and it seems to be working, or at least getting the spam recievers a little extra cash. If I lived there, I know I'd try it at least once. Hell, I might even pay for my braodband connection with the money I got from spammers:)

    I've heard people recommend opt-out lists like they use for telemarketers- that's not gonna work because spammers are much more slimy- they'll use the opt-out list as a verified list.

    We're not left with many choices, besides educating people to simply delete spam and DON'T buy from it. make it cost spammers money. if they sell even one thing, they they're winning.

    I took a slightly fun approach. I'm building a list of 'legit' companies that sell your email address to spammers. What I did was bought a domain, and whenever I signed up for something, I used the companies name@ the domain, and had it all forward to one account. so when I get spam to musiccity@mydomain.com, I know that musiccity sold my email address (which they did).

    Does anyone else have any Ideas how to stop spam? if so, save the redundant mods and reply.

    --
    Looking for Book Reviews? Check out Literary Escapism.
  7. False positives are a fact of life by sludg-o · · Score: 4, Insightful

    We offer SpamAssassin at the college where I work. I always tell new users that any spam blocking system, no matter how good, will eventually block something that was legitimate. That's why I don't write procmail recipies that redirect mail flagged as spam to /dev/null. You gotta put it in a seperate folder and you are asking to get burned if you don't skim the subjects and senders every couple days. Also, they should be whitelisting messages from addresses in their domain.

    I don't see how this is news. It's just an example of bad system administration.

  8. Hit-and-miss filters by Xesdeeni · · Score: 5, Insightful

    By definition filters are hit-and-miss and non-deterministic. I get almost exclusively SPAM with spoofed return addresses. How about this solution:

    1. Sending mail server generates a tx content key based on the contents of an e-mail being sent.
    2. Sending mail server uses the tx content key with a private key to create a confirmation key.
    3. Sending mail server sends the e-mail, along with the confirmation key to the receiving server.
    4. Receiving mail server generates a rx content key from the e-mail contents.
    5. Receiving mail server sends the rx content key and the confirmation key back to the sending mail server.
    6. Sending mail server uses its private key plus the rx content key to re-generate the confirmation key.
    7. Sending mail server compares the confirmation keys.
    8. If the keys match, the receiving mail server allows the mail to enter the recipient's mailbox.
    9. If the keys don't match, the mail is bounced.

    The keys are in place to keep the SPAMmer from tagging along on a valid return address with mail that address didn't send. This technique also keeps the second transaction to a minimum exchange of keys. The keys add traffic, but the eliminated SPAM traffic more than makes up for the penalty. As more and more mail servers are updated with this feature, spoofing is all but eliminated. The remaining "spoofable" domains can be explicitly severed from the net or blocked.

    Xesdeeni

  9. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  10. Re:Maybe Wake Up Call for "Filters" by Zeinfeld · · Score: 5, Insightful
    As stated lower in this thread, if you have to manually check your spam folder for "false positives", the filter is utterly useless since you are still checking for spam

    I attended the conference on spam at MIT. The conference would have been more accurately labelled a 'solving spam with the hammer we know about' conference since no other solutions were accepted - although several people besides myself submitted authentication based papers.

    The big problem with the Bayes approach is false positives. Lots of great statistics were quoted but the claims were simply not credible. I don't believe that Spam is such a simple problem that the performance of naive Bayesian techniques is several orders of magnitude better on that problem than any other.

    So really the trick is to swing the problem arround. START from the problem of making sure that anyone with a legitimate reason to contact me can do so without interference from statistical filtering techniques. The proper place to apply those is on the mail I cannot authenticate in that way.

    I dislike the bounce-back loop as a filter for personal correspondence. I think it is great for the purpose of a lightweight authentication mechanism for mailing list subscriptions. I get very irritated when people use it to filter email, particularly since all my email is signed. People should not substitute their ad hoc authentication mechanisms without first supporting deployed standards.

    The other problem with call back loops is that if they are used widely they will become a bigger problem than the spam, this is why I have been urging Microsoft et. al. NOT to support them. The trick that the spammers have developed to get round the callback loop is to steal addresses off mailing list archives and send forged messages to the other members of the list. So work out the effect that deployment of the naive bounceback hack would have.

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/
  11. Re:Work around by AndroidCat · · Score: 4, Insightful
    Most filters don't block HTML and GIF files.

    Oh? Many people set their filters to tag'n'bag (or simply dump) any non plain-ascii email. I treat any email with HTML, base64, or an attachment of any kind as probably spam and potentially dangerous, and inspect it before reading it.

    --
    One line blog. I hear that they're called Twitters now.