Aggressive Email Filtering Blocks Political Debate

Stephen writes "Many of us have spam blockers operating on our mail. But according to this BBC article, when British members of parliament starting having their emails filtered last month, it stopped them talking about genuine political business such as the Sexual Offences Bill, and prevented them receiving some constituents' emails." This problem has bit me on the bum a few times too. About 1 message in every 250 spam is a false hit. Course thats about once a day :(

Maybe good

[jhouserizer]

These types of incidents may be good in the long run - if it makes law makers "wake up" to the problem of spam.

...We can only hope... Perhaps we could even start bombarding law makers with spam ourselves? - that would raise their awareness!

Regulation

[Marco_polo]

I can just imagine the outrage if this happened to the bush administation.

'what do you mean no one got my emails?'

'It seems your.. uh... last name is causing some issues with spam filters sir'

'That's it.. lets bomb the spammers'

Maybe we Slashdot can buy this filter technology..

[gpinzone]

...to eliminate all the dupe stories!

Remove all their filters

[3vi1]

I think polititians shouldn't have any filters on their e-mail.

After about 2 weeks of what the average person goes through, we'd see stronger anti-spam legislation/penalties.

False Positive

[propheci]

the problem is that just by knowing there could be a false positive, you have to examine all your filtered spam, which makes the spam filter useless in the first place.

Re:False Positive

[lessthan0]

A better solution (the one I use) includes a summary report of spam filtered each day. The report lists the number of spams from each sender and I can usually spot valid mail in the list of "From"s without having to look at a single message.

If I spot a false positive, then I dig into my spam archive for that day and check it out.

I use the spastic filter:
http://spastic.sourceforge.net

The type of spam filtering?

[mrs+clear+plastic]

I can easily see why this may be happening. The types of filters that use keywords can easily fall into this.

I understand that keywords and phrases such as
'free money' 'zero percent financing' 'win
million dollars' 'sex xxxxx pictures!' and so
on can trigger many filters.

I would like to think that the better designed
filters would use a combination of key words as
well as suspicious domain names and/or IP
address blocks to do filtering.

The spam filter that is used on my email account does not filter out, but it does add the word
'SPAM?' into the subject line of the email message. I can then see right away if it is
really spam or is something mistaken by the filter for spam. The message is not blocked, though.

Mark

That's a real problem with a democracy

[Hairy_Potter]

how to balance open access to constituents without being overwhelmed.

Perhaps Parliament could consider some of the steps that the American Congress has taken. The American Congress has a de facto filter built in to prevent Joe Random crazy from flooding their representatives with spurious requests. Most Congressional requests, letters, phone calls, faxes and emails are tossed out unless they come from certain designated people known as lobbyists. These lobbyists have worked hard to cultivate contacts in the Congress, and can get better results from one office visit than 1,000 letters from voters. In a way, they're professional access voters.

So, maybe the UK could restrict access to just professional lobbyists, it works very well in the US.

Webmail and "spamlets"

[germinatoras]

A similar problem happens with free Webmail or adversiting-supported e-mail accounts. The small advertisements attached to the bottom (I call them "spamlets") will sometimes trigger mail filters.

Watch out for this if you're sending a message from e.g. Yahoo! to Hotmail, who both attach spamlets and both filter incomming mail. They also will not send rejection notices to the sender, so you may never know if you message got through.

Re:Spam filter = Censorship

[Kombat]

You're confusing the right to free speech with the privilege of being heard.

filtering is good....

[morgajel]

...but not perfect.
Ok, here's the situation as I see it.
We have a problem: Spam

We need a solution.
So far filtering has been working good and is slowly getting better, but there's always gonna be the chance for false positives.
so how do we stop this?
I have no clue.
We should probably start cracking down on open relays, even use governmental pressure if needed (on spammers in our countries and on the governments of other countries). They serve no real purpose other than facilitaing spam.
What else can we do? Go after spammers legally. We need to make them pay. I bet if 1000 people sued ralsky for $500 a piece he'd start to take notice, but he still wouldn't learn. Some states, like washington, are doing that, and it seems to be working, or at least getting the spam recievers a little extra cash. If I lived there, I know I'd try it at least once. Hell, I might even pay for my braodband connection with the money I got from spammers:)

I've heard people recommend opt-out lists like they use for telemarketers- that's not gonna work because spammers are much more slimy- they'll use the opt-out list as a verified list.

We're not left with many choices, besides educating people to simply delete spam and DON'T buy from it. make it cost spammers money. if they sell even one thing, they they're winning.

I took a slightly fun approach. I'm building a list of 'legit' companies that sell your email address to spammers. What I did was bought a domain, and whenever I signed up for something, I used the companies name@ the domain, and had it all forward to one account. so when I get spam to musiccity@mydomain.com, I know that musiccity sold my email address (which they did).

Does anyone else have any Ideas how to stop spam? if so, save the redundant mods and reply.

False positives are a fact of life

[sludg-o]

We offer SpamAssassin at the college where I work. I always tell new users that any spam blocking system, no matter how good, will eventually block something that was legitimate. That's why I don't write procmail recipies that redirect mail flagged as spam to /dev/null. You gotta put it in a seperate folder and you are asking to get burned if you don't skim the subjects and senders every couple days. Also, they should be whitelisting messages from addresses in their domain.

I don't see how this is news. It's just an example of bad system administration.

Hit-and-miss filters

[Xesdeeni]

By definition filters are hit-and-miss and non-deterministic. I get almost exclusively SPAM with spoofed return addresses. How about this solution:

1. Sending mail server generates a tx content key based on the contents of an e-mail being sent.
2. Sending mail server uses the tx content key with a private key to create a confirmation key.
3. Sending mail server sends the e-mail, along with the confirmation key to the receiving server.
4. Receiving mail server generates a rx content key from the e-mail contents.
5. Receiving mail server sends the rx content key and the confirmation key back to the sending mail server.
6. Sending mail server uses its private key plus the rx content key to re-generate the confirmation key.
7. Sending mail server compares the confirmation keys.
8. If the keys match, the receiving mail server allows the mail to enter the recipient's mailbox.
9. If the keys don't match, the mail is bounced.

The keys are in place to keep the SPAMmer from tagging along on a valid return address with mail that address didn't send. This technique also keeps the second transaction to a minimum exchange of keys. The keys add traffic, but the eliminated SPAM traffic more than makes up for the penalty. As more and more mail servers are updated with this feature, spoofing is all but eliminated. The remaining "spoofable" domains can be explicitly severed from the net or blocked.

Xesdeeni

Re:Work around

[Cy+Guy]

create a text file [&] zip it

Unless the recipient is expecting this they should just delete the message. I routinely delete any email that has zipped attachments unless I have previously agreed with the sender to send it that way. (That's assuming the recipients mailserver doesn't routinely strip zip files off as an enterprise virus protection measure in the first place.)

But one way your suggestion could be modified that will work for anyone whose email can view HTML is to print your message to graphic file, convert it to a GIF and embed it into a simple a webpage.

The reader will open the file and see what looks like a text message, but it actually will be the GIF image of your message.

Most filters don't block HTML and GIF files.

true story

[circletimessquare]

i got in a fight with an ex-girlfriend and we ceased speaking for awhile

i became further incensed because she never contacted me after the fight

we didn't talk for 2 months

finally, i contacted her and said "why didn't you get back to me??!!"

she said, "you didn't get my email?"

i looked, and there it was, 2 months back, in my spam folder (yes, i keep all of my spam, the folder is gigantic)

although you could make a joke about emails from girlfriends being called spam, in this particular case, considering the chance at reconciliation that was lost and the feelings involved, it was definitely not funny at all ;-(

so i can say, with certainty, that my personal life has been greatly and adversely affected by spam.

you can hate spam for all sorts of reasons, but for me, it's personal.

similar has happened in US

[jdunlevy]

When the FTC decided to try filtering

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Maybe Wake Up Call for "Filters"

[Zeinfeld]

As stated lower in this thread, if you have to manually check your spam folder for "false positives", the filter is utterly useless since you are still checking for spam

I attended the conference on spam at MIT. The conference would have been more accurately labelled a 'solving spam with the hammer we know about' conference since no other solutions were accepted - although several people besides myself submitted authentication based papers.

The big problem with the Bayes approach is false positives. Lots of great statistics were quoted but the claims were simply not credible. I don't believe that Spam is such a simple problem that the performance of naive Bayesian techniques is several orders of magnitude better on that problem than any other.

So really the trick is to swing the problem arround. START from the problem of making sure that anyone with a legitimate reason to contact me can do so without interference from statistical filtering techniques. The proper place to apply those is on the mail I cannot authenticate in that way.

I dislike the bounce-back loop as a filter for personal correspondence. I think it is great for the purpose of a lightweight authentication mechanism for mailing list subscriptions. I get very irritated when people use it to filter email, particularly since all my email is signed. People should not substitute their ad hoc authentication mechanisms without first supporting deployed standards.

The other problem with call back loops is that if they are used widely they will become a bigger problem than the spam, this is why I have been urging Microsoft et. al. NOT to support them. The trick that the spammers have developed to get round the callback loop is to steal addresses off mailing list archives and send forged messages to the other members of the list. So work out the effect that deployment of the naive bounceback hack would have.

Re:Work around

[AndroidCat]

Most filters don't block HTML and GIF files.

Oh? Many people set their filters to tag'n'bag (or simply dump) any non plain-ascii email. I treat any email with HTML, base64, or an attachment of any kind as probably spam and potentially dangerous, and inspect it before reading it.