Slashdot Mirror

← Back to Stories (view on slashdot.org)

TarProxy Creates Tar Pit... For Spammers

Posted by CmdrTaco on from the feel-their-pain dept.

agravaine writes "I ran across TarProxy, which, IMHO, is one of the cleverest spammer-handling ideas I've seen yet. The gist: Early detection of incoming spam [using the statistical techniques pioneered on the client side] could be used to create an artificial scarcity of bandwidth experienced only by spammers." This project hasn't gone very far yet, but essentially is slows SMTP requests to suspected spammers. If this really works, and is installed on enough of the net, it could work. 144 spam so far today. Anything would be an improvement. CT Yup, it's a dupe. There wasn't anything better to post at 9am on a sunday, so you can just bitch about me instead ;)

9 of 164 comments (clear)

  1. Spammers could put time limit on SMTP connections by bubblegoose · · Score: 3, Insightful

    I don't see how effective this could be. How long before spammers get smart and set their SMTP program to give up after X seconds?

    Telemarketers killed the Telezapper, they would do the same here, its just a junk-busting arms race.

    --
    I hope that someday we will be able to put away our fears and prejudices and just laugh at people. - Jack Handey
  2. Brilliant by FunWithHeadlines · · Score: 4, Insightful
    What's inefficient about current spam solutions?:

    "These classifiers already come in many forms. There are POP3 proxies, IMAP proxies, mail file processors, and even classifiers built directly into mail clients. I use PopFile (a naïve Bayesian classifier in a POP3 proxy) at home with great success. Some work better than others, but with a little training, they all seem to work pretty well. Unfortunately, they have a common shortcoming: They don't cause the spammers any pain."

    What is the goal?:

    "And we all want to cause spammers pain."

    How do they want to accomplish this pain?:

    "None of these classifiers are capable of causing the spammers any pain because the spammer is long gone by the time the classifier has the opportunity to process the message. What we need is a way to use the classifier against the spammer while the spammer is still connected."

    This is brilliant. If all you do is clean up after the spammers when they are long gone, there is little motivation for them to stop. So what if they've dumped a bunch of garbage in your in-box? They don't stick around to see you clean up. But this idea hits them while they are in the process of spamming you.

    That's the key: Make it harder/more unpleasant/less cost-effective for the spammers and you discourage them from spamming. Hit the source, not the results.
    ------

  3. Interesting, but wont solve the problem by TheAB · · Score: 4, Insightful

    This is an interesting pro-active approach, but isnt most mail sent through open proxies, which have absent sysadmins? If we cant get them to lock down their mail servers, how can we get them to install this?

    1. Re:Interesting, but wont solve the problem by Fat+Casper · · Score: 2, Insightful
      If we cant get them to lock down their mail servers, how can we get them to install this?

      We don't need them to install this. They are its intended victims. If you have an open relay, the spam comes from you. TarProxy doesn't cut off or blacklist, it just makes it expensive to send spam. These "absent sysadmins" are going to have to show up at work and lock themselves down. Then they will magically stop being penalised. I don't give a damn about the spam they recieve, just that which they forward.

      --
      I spent a year in Iraq looking for WMD and all I found was this lousy sig.
  4. OpenBSD's PF? by grub · · Score: 2, Insightful


    OpenBSD has a (alpha? beta? alpha hydroxy? I dunno) anti-relay addition to the PF firewall. Theo first mentioned it here and it was carried the story here. It sounds similar in that it puts the onus of time and bandwidth waste back on the spammers.

    --
    Trolling is a art,
  5. Re:Spammers could put time limit on SMTP connectio by JanneM · · Score: 3, Insightful

    No problem. It means X seconds in which they do not send another message, and no meaasge sent through that SMTP gateway. With enough mailservers doing this, it will severely limit the number of messages they can send in a given time.

    --
    Trust the Computer. The Computer is your friend.
  6. Re:God, why do people care about duplicate stories by cowmix · · Score: 2, Insightful

    Dupes waste everyone's time. They show the lack care from the /. staff. They could either automate DUPE detection or read their own site a little more carefully. They choose to do neither.

    Arg.

  7. /. duplicate problem by Multics · · Score: 4, Insightful
    Given:

    1) the /. creaters are by-in-large the /. people that control the posting of stories

    2) Most stories contain at least one URL

    3) URL's, by in large, are unique

    Then;

    Would it be so hard to modify the actual posting code to check that the URL hadn't already been part of a story header within say the last 60 days?

    Such a check would help both /. and all others that run / code.

    Just a thought!

    -- Multics

  8. Re:Spammers could put time limit on SMTP connectio by IKEA-Boy · · Score: 3, Insightful

    I don't see how effective this could be. How long before spammers get smart and set their SMTP program to give up after X seconds?

    This doesn't matter since most spammers use open relays to send their junk. They generaly don't have control over the timers for the relays they are using. The relay will be slowed down to a crawl making it less useful for them. Of course the spammer can get around this by running his own mailserver but this means he needs to invest a lot more money in bandwidth/hardware/upkeep etc. and he will make himself much more visible to the net.