Slashdot Mirror
Building A Better Inbox (Updated)
vudujava writes "c|net is reporting that a new free (Update: not free, actually, read more for details.), web based email service is opening it's doors today. They promise to deliver "100% spam free" email to their users by using a challenge-response system to all incoming, first-time mail. Catch the entire story here. Although the idea isn't new, it shows that we are notching up the "war on spam"."
Alert reader George Hotelling points out this post on Politech which may give you pause when it comes to the new mail service's Terms of Service.
And kraksmoka writes "As reported on this article on MSNBC : 'Hotmail subscribers are now limited to sending only 100 messages a day "in an effort to prevent spammers from using Hotmail to spread spam," said Lisa Gurry, MSN lead product manager.'"
dlanod writes "In your snippet on the main page you report mailblocks.com as "a new free, web based email service". Looking at Mailblocks' site, it actually costs $9.95/year for the standard service, or $24.95/year for the expanded service with no free option listed (https://app1.mailblocks.com/register.htm)."
BTW, mailblocks.com isn't free; it's $10/yr. However, that's still only half what fastmail.fm charges annually for their spam filtering service (with SpamAssasin).
Mailblocks is not free! They charge either $9.95 or $24.95 a year depending on the file size limitation you choose.
The future isn't what it used to be.
I've been using yahoo mail for a while now and it is virtually spam free. The built in filter is great. Occasionally one makes it into my inbox, we're talking one every two or three days, otherwise they pile up in my bulk mail folder.
.Mac and I'm a os x geek.
It's so good I paid for a year of mail plus. I didn't even do that for
It really pains me to see the amount of competition *and* press coverage our competitors are getting.
We invented this system for authenticating email, and we've had a product on the market for 2 years now making use of it.
We have the most affordable service available still. It's one thing for competitors to realize our idea is the solution - it's another thing for the media to ignore the origins of the system completely.
Ace
When I go to sign up using Mozilla on Linux, I get a JavaScript pop-up that reads:
"Mailblocks may work with other browsers, but it is only tested using Internet Explorer"
Anyone tested using other browsers? This sort of thing was never anticipated when people were excited about the Internet...
I own a small business and much of my client correspondance is via email. That means, I have to run my own IMAP server and I have 200 mb of mail on the server.
Someone would do well to offer this service with your own domain (if you change your MX record), IMAP and reasonable charge for each 50mb increment of disk space. This is yet another web mail service, only this one is hosted off of a MSFT server and it implements intrusive spam blocking. SPAM Assasin works very nicely, I've found.
*yawn*
--------- Matt
1. Services. Mailblocks provides a fast, low-cost email service to its users. The Services also include online calendar and address book features, and other features may be added in the future; unless expressly stated otherwise, any new or enhanced features will be subject to the then-current version of this Agreement. In exchange for your use of the Services, you expressly permit and authorize Company, and such third parties as may be authorized by Company, to furnish to you from time to time, through the Services or any other means, with information prepared by Company or by (or on behalf of) other entities, including advertisements and solicitations (such information, "Third Party Content"). You acknowledge that such Third Party Content is an inseparable part of the Services, and that furnishing such Third Party Content to you cannot be terminated unless the Services are terminated. All such Third Party Content will be understood to be requested by you through your use of the Services. Some third parties furnishing you with Third Party Content may permit you to "opt out" of receiving such communications from them. However, Company is not responsible for any such party's failure to comply with its own "opt out" policies.
Company neither endorses nor is responsible for Third Party Content, and you may be exposed to Third Party Content that is offensive, inaccurate, misleading, deceptive, out-of-date, or incomplete. You must evaluate, and bear all risks associated with, the Third Party Content, and your use of and reliance on any such content. We are not responsible for any errors or omissions in Third Party Content, for hyperlinks embedded in Third Party Content or for any results obtained from the use of such content. Under no circumstances will we be liable for any loss or damage caused by your reliance on any such Third Party Content. Your correspondence or business dealings with, or participation in promotions sponsored by, any such third party advertisers, or any other third party providers of goods or services accessed through the Services, and any terms, conditions, warranties or representations associated with such dealings, are solely between you and such third party advertiser or provider.
We may establish limits and restrictions on the Services, including without limitation, the maximum disk space that will be allotted on your behalf, the maximum number of days that messages will be retained, the maximum number of messages that may be sent or received, the maximum size of a message that may be sent or received, and the maximum duration for which you may access the Services in a given period of time. You acknowledge that Company reserves the right to terminate accounts that are inactive for an extended period of time. You further acknowledge that Company reserves the right to change these limits and restrictions at any time, in its sole discretion, with or without notice.
COMPANY MAKES NO WARRANTIES CONCERNING, AND ASSUMES NO RESPONSIBILITY FOR, THE TIMELINESS OF DELIVERY, MISDELIVERY, DELETION, CORRUPTION, OR FAILURE TO DELIVER OR STORE ANY EMAIL MESSAGE(S) THAT YOU MAY SEND OR RECEIVE USING THE SERVICES, OR FOR ANY LOSSES THAT YOU MAY INCUR THEREBY.
Wow, definitely read the TOS info...
It reads more like they wish to charge you $10 to become your primary spam provider, oh and they will also be sharing your personal info with 'their' spammers (3rd parties), which you can't opt-out of.
Pay to go from bad to worse ? I think not !
"Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech."--Benjamin Franklin
The article here indicates that this company plans to charge $10/year for the service. Cheap, if the system proves to work, but definitely a different business model.
Further, it says that the 7 digit passwd will be sent in a "digital image"; kind of a hassle for those of us with text-only email. (long live pine)
Anecdotal evidence! I'm sold!
Service Pricing
I want the following Mailblocks service:
Standard Service -- $9.95/year
* Standard Service includes 12 megabytes of storage.
* Promotional launch offer: Buy one year of service for $9.95, receive an extra two years of service for free. That's just
Expanded Service -- $24.95/year
* Expanded Service includes 50 megabytes of storage.
* Promotion not offered for the expanded service.
* Can I upgrade later? Sure.*
Come to the University of Mars! Classes starting soon!
mailblocks says "All login information is sent securely to the Mailblocks server."... but I don't see any "https:". I tried signing in with a bogus userid/password just to see if I got a SSL response but no. Am I missing something?
I don't know the history of open relays, but I do know that I worked for a hosting company that tried unsucessfuly for almost a year to secure the mail server(s). When we finaly did get it set up, it was a support nightmare. People didn't read the emails that we sent explaining the new system and were freaked out when it was trying to authenticate them when they were sending. An important side note is that these were all nt4 boxes.....I suppose that was most of the hassle, but still, all it takes to buy a server and some bandwidth is a credit card. It takes a little more than that to set it up properly. All goes back to human error being 99 percent of the problem I suppose.
The / in
http://www.spamgourmet.com
/dev/null, and username is .. obviously your username.
Allows you to 'create' an e-mail address, consisting of x.y.username@spamgourmet.com where x=a unique identifier for the e-mail address you're creating, y is the number of times e-mail may be sent to the address before it gets forwarded into
a little complicated - but go and sign up, it's free, it works...
I cite a specific example of a challenge-response system for authenticating email dating from 1997, and you reply that since you started in 2001 you are the longest-running.
way to refute me, champ.
Sure, something has to be done about the problem, but paying for a bad system that will just sell your name to other spammers and will block legitimate e-mail isn't much of a solution and should not be accepted in a desperate I'll try anything approach. I would propose that a simple open season on spammers, with perhaps a six spammer limit so every hunter gets a chance, and even a small license fee to help pay down the national debt, would be a much better approach.
I'm an American. I love this country and the freedoms that we used to have.
If you want to try it out, you will (most likely) need your own machine handling mail (if you're a broadband or DSL user, this is easy enough, I'll assume you've made that step...)
Now, make sure Perl is installed.
Now, as root, type "perl -MCPAN -e shell" and follow the instructions to set up Perl's configuration system.
In that shell, type "install Mail::SpamAssassin".
Exit that shell and type "/etc/init.d/spamassassin start"
You will want to do what your OS prefers for making sure this starts at boot time, under Red Hat Linux, that's "/sbin/chkconfig --levels 35 spamassassin on"
Exit your root shell, and do the rest as your user account.
Assuming you use sendmail with procmail (see the SpamAssassin site for other MTA configuration steps), put:into your
SpamAssassin is now doing its job. It just marks messages that it thinks are spam. See the example procmailrc on spamassassin.org for more information on how you can move the mail to another folder, delete it, or even more complex things. Also, there's a procmail bug that the example config can help you work around.
If you're doing this on a busy site, I recommend adding "-m 20" or so to your spamd command-line to throttle periods of intense mail delivery.
You can also configure SpamAssassin to do lots of useful stuff just the way you like it. There's a FAQ on your site that will walk you through it, but after the first time spamd handles mail for you, it will create a ".spamassassin/user_prefs" file that has good comments in it that guide you through common configuration needs (like whitelisting users).
They reserve the right to release any and all infomation... from the TOS:
"Mailblocks furnishes our members, and permits third parties to furnish our
members, through the Services and otherwise, with information, promotional
materials and solicitations, from time to time. You may not "opt out" of
the receipt of such promotional materials from Mailblocks and/or its
affiliates, advertisers or other business partners if you wish to use the
Services. The receipt of such promotional materials is an inseparable part
of the Services that Mailblocks provides. If you decide that you would like
to discontinue receiving such promotional materials, you must stop your use
of the Services and terminate your account with Mailblocks."
"Mailblocks reserves the right to release any personally identifiable
registration information regarding you to third parties who provide goods
or services that we believe may be of interest to you. Some third parties
furnishing you with promotional materials may permit you to "opt out" of
receiving such communications from them. However, Mailblocks is not
responsible for any such party's failure to comply with its own "opt out"
policies."
"Mailblocks uses individual data to "target" advertising - to decide which
advertisements and sponsor messages to send to which members. As an
example, if Sponsor Co. wishes to send their advertising only to Mailblocks
members residing in California, Mailblocks uses member registration data to
ensure that Sponsor Co.'s ads are sent only to members residing in California."
"Mailblocks may use individual members' data to "pre-populate" forms which
are displayed for the purpose of collecting individual data by Mailblocks
and/or its sponsors. In no case does pre-populating a form automatically
transfer any data to any advertiser or third party. Only if the member
voluntarily requests that such data be transferred will any transfer take
place - for example, if/when a member clicks a "submit form" button or
other button."
This is exactly what spamgourmet is useful for. Spamgourmet is free, and forwards messages to your "real" address, but only as many as are specified by the address. To use Spamgourmet, you first become a member with a single user address, however you can add "sub-addresses" in a similar way to subdomains, starting with just a lame label, then a number of MAX emails to be accepted at this alias, then the username.
,br> for example, if you wanted to get a confirmation from newegg.com, but didn't trust their mailing list... you could simple fill in newegg.3.joecool@spamgourmet.com. this would give them a max of 3 emails, 1 for billing, 1 for shipping, and 1 for whatever is bound to go wrong.
Try it out today at spamourmet.com
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Actually, you can use this approach to another end as well. If you want to buy something from indigo books, for example, create and use the email address indigobooks@yourdomain.com for the transaction. If you later find that you're getting spam to that address, you have a good idea of who sold/leaked your email. Great way to build up and work a bitch-list of slimy companies.
Talk about a blinding glimpse of the perfectly obvious
With TMDA you can make a 'dated' address which would allow anyone who uses that address to send you an email for a certain amount of time.
Example from http://tmda.net/config-client.html
jason-dated-989108708.a17f80@mastaler.com
This particular address expires on Sun, May 6 00:25:08 2001 UTC, which is exactly 5 days after it was generated. TMDA time intervals can be set in years, months, weeks, days, hours, minutes, and seconds. Once a dated address expires, messages sent there must go through the confirmation process. Use of strong cryptography insures that the timestamp can't be modified.
Let me try to explain it to you. Sometimes you need or want to get an e-mail from someone who you haven't got an e-mail from before. You might need to get a tech support response. You might need to get an order confirmation for something you bought on-line. You might subscribe to a news letter or other information that you want but don't know the exact e-mail address it will be sent from (and that might even change some day). You might receive e-mail from an old friend or classmate who is trying to track you down, and perhaps they even got your address from a common friend. You might want to use your address publicly for a legitimate reason, like in a newsgroup to request information. You simply might think that you should have the right to make yourself findable for legitimate contact without opening yourself to hundreds of vulgar and dishonest spam messages every day.
Or, you might really dislike spam, and not want to hand over your address book with your friend's valid e-mail addresses in it to a known spammer - Microsoft.
I'm an American. I love this country and the freedoms that we used to have.
Fastmail.fm has something similar. They set up a sub domain of the form yourname.fastmail.fm. Any mail sent to this sub-domain comes into your mailbox. The way this works is that you would give a mail-id like say foldername@yourname.fastmail.fm to potential spammer (website forms etc..) and all such email will come into a folder called "foldername" in your mailbox.
Though this facility is not there with the basic service it is there with the one time payment service. Pretty neat stuff.
Yes, if you're waiting for an important email with Spam Interceptor you can check your mail cache and manually add the person either before or after you receive the email. Since HR firms always send from the same email address, future correspondence isn't a problem.
Server-Client based systems ensure spammers don't know which email address is valid. The subject line is included in the email, but with minor changes so an automated strstr isn't going to find it.
Spammers do not forge legitimate email address as the sender, a very high percentage of spam emails use email addresses with no MX record attached or an MX record set to localhost (ie. doesn't exist).
The other ones use random addresses, so unless you're askdhjf@asdf.com I doubt you're going to get little micro spams. If you do, you'll receive a total of maybe.... 1.
Regards,
-Doug Styles
Ace
Hushmail has a challenge/response mechanism for quite a while now. And it works remarkably well ...
I must say, I enjoy using Mozilla 1.3 for my email. It marks and moves most of the spam that I get to my "junk" folder. As time goes on, and I mark more and more messages as spam it will only become better. Of important note is that I have been training this program since the day it was released for beta testing.
SIGFAULT