Building A Better Inbox

vudujava writes "c|net is reporting that a new free (Update: not free, actually, read more for details.), web based email service is opening it's doors today. They promise to deliver "100% spam free" email to their users by using a challenge-response system to all incoming, first-time mail. Catch the entire story here. Although the idea isn't new, it shows that we are notching up the "war on spam"." Alert reader George Hotelling points out this post on Politech which may give you pause when it comes to the new mail service's Terms of Service. And kraksmoka writes "As reported on this article on MSNBC : 'Hotmail subscribers are now limited to sending only 100 messages a day "in an effort to prevent spammers from using Hotmail to spread spam," said Lisa Gurry, MSN lead product manager.'" dlanod writes "In your snippet on the main page you report mailblocks.com as "a new free, web based email service". Looking at Mailblocks' site, it actually costs $9.95/year for the standard service, or $24.95/year for the expanded service with no free option listed (https://app1.mailblocks.com/register.htm)."

Definitely not new

[jbellis]

I've contributed code to TMDA, a python implementation of this idea that's been around for over two years. The earliest I know of though is a C implentation called mapson. It was abandonware for a while, but it's apparently been resurrected on sourceforge. I _think_ the original version dates from the '90s.

BTW, mailblocks.com isn't free; it's $10/yr. However, that's still only half what fastmail.fm charges annually for their spam filtering service (with SpamAssasin).

Not Free!

[MiTEG]

Mailblocks is not free! They charge either $9.95 or $24.95 a year depending on the file size limitation you choose.

Yahoo

[SpamJunkie]

I've been using yahoo mail for a while now and it is virtually spam free. The built in filter is great. Occasionally one makes it into my inbox, we're talking one every two or three days, otherwise they pile up in my bulk mail folder.

It's so good I paid for a year of mail plus. I didn't even do that for .Mac and I'm a os x geek.

Re:Yahoo

[Jens_UK]

The built-in filter is far from perfect. Currently, I am getting loads of messages with just a single image routed to my inbox, rather than the bulk mail folder. Thankfully, Yahoo! does let you block images, so it doesn't load them and confirm your address. Newer accounts (eg., family members) seem less prone to this, perhaps because their addresses haven't been out in the wild as much yet.

For conventional text spam, the filters are decent and route most to the bulk mail folder.

Yeah, this system was invented by SolidBlue

[Ace905]

It really pains me to see the amount of competition *and* press coverage our competitors are getting.

We invented this system for authenticating email, and we've had a product on the market for 2 years now making use of it.

We have the most affordable service available still. It's one thing for competitors to realize our idea is the solution - it's another thing for the media to ignore the origins of the system completely.

These services won't work for many of us.

[matt[0]]

I own a small business and much of my client correspondance is via email. That means, I have to run my own IMAP server and I have 200 mb of mail on the server.

Someone would do well to offer this service with your own domain (if you change your MX record), IMAP and reasonable charge for each 50mb increment of disk space. This is yet another web mail service, only this one is hosted off of a MSFT server and it implements intrusive spam blocking. SPAM Assasin works very nicely, I've found.

*yawn*

Exclusive Spam Provider ?

[Dave21212]

Wow, definitely read the TOS info...

It reads more like they wish to charge you $10 to become your primary spam provider, oh and they will also be sharing your personal info with 'their' spammers (3rd parties), which you can't opt-out of.

Pay to go from bad to worse ? I think not !

Not free according to NYTimes...

[jmiles]

The article here indicates that this company plans to charge $10/year for the service. Cheap, if the system proves to work, but definitely a different business model.

Further, it says that the 7 digit passwd will be sent in a "digital image"; kind of a hassle for those of us with text-only email. (long live pine)

secure?

[hey]

mailblocks says "All login information is sent securely to the Mailblocks server."... but I don't see any "https:". I tried signing in with a bogus userid/password just to see if I got a SSL response but no. Am I missing something?

Re:Disposable Email Addresses -- Effective?

[neilsly]

http://www.spamgourmet.com

Allows you to 'create' an e-mail address, consisting of x.y.username@spamgourmet.com where x=a unique identifier for the e-mail address you're creating, y is the number of times e-mail may be sent to the address before it gets forwarded into /dev/null, and username is .. obviously your username.

a little complicated - but go and sign up, it's free, it works...

do you have a reading comprehension problem?

[jbellis]

I cite a specific example of a challenge-response system for authenticating email dating from 1997, and you reply that since you started in 2001 you are the longest-running.

way to refute me, champ.

and I have some nice swamp land....

[frovingslosh]

Lets make sure we have the facts: Here's a free service that costs either $9.95 or $24.95 a year depending on the file size limitation you select (You want a file size limitation imposed on your e-mail, don't you?) and then they take your name and sell it to people to send you the exact thing you're paying to avoid. Sure, that makes sense, but how well will it work? I've considered the challange and response system, but how many valid e-mails will be missed from valid businesses you are doing business with? Do you think Tech Support people you are trying to get a response from will fool with this system, or just delete a validation request that comes back to them? How about rebate confirmation notices? Or adding yourself to a newsletter distribution list? I received an order confirmation for a new notebook just last Friday that came from a "do not reply to this address" e-mail address; I certainly wanted the information in the confirmation message, and I don't expect major on-line retailers will change the way they send confirmations just to suit Mailblocker. How many other important e-mails would you miss if you trusted this system?

Sure, something has to be done about the problem, but paying for a bad system that will just sell your name to other spammers and will block legitimate e-mail isn't much of a solution and should not be accepted in a desperate I'll try anything approach. I would propose that a simple open season on spammers, with perhaps a six spammer limit so every hunter gets a chance, and even a small license fee to help pay down the national debt, would be a much better approach.

SA still works

[ajs]

I've been using SpamAssassin for about a year now. It started out good, and got better. Now it's actually a little frightening how good it is.

If you want to try it out, you will (most likely) need your own machine handling mail (if you're a broadband or DSL user, this is easy enough, I'll assume you've made that step...)

Now, make sure Perl is installed.

Now, as root, type "perl -MCPAN -e shell" and follow the instructions to set up Perl's configuration system.

In that shell, type "install Mail::SpamAssassin".

Exit that shell and type "/etc/init.d/spamassassin start"

You will want to do what your OS prefers for making sure this starts at boot time, under Red Hat Linux, that's "/sbin/chkconfig --levels 35 spamassassin on"

Exit your root shell, and do the rest as your user account.

Assuming you use sendmail with procmail (see the SpamAssassin site for other MTA configuration steps), put:

:0fw
| spamc -f

into your .procmailrc.

SpamAssassin is now doing its job. It just marks messages that it thinks are spam. See the example procmailrc on spamassassin.org for more information on how you can move the mail to another folder, delete it, or even more complex things. Also, there's a procmail bug that the example config can help you work around.

If you're doing this on a busy site, I recommend adding "-m 20" or so to your spamd command-line to throttle periods of intense mail delivery.

You can also configure SpamAssassin to do lots of useful stuff just the way you like it. There's a FAQ on your site that will walk you through it, but after the first time spamd handles mail for you, it will create a ".spamassassin/user_prefs" file that has good comments in it that guide you through common configuration needs (like whitelisting users).

SpamGourmet

[Penguinoflight]

This is exactly what spamgourmet is useful for. Spamgourmet is free, and forwards messages to your "real" address, but only as many as are specified by the address. To use Spamgourmet, you first become a member with a single user address, however you can add "sub-addresses" in a similar way to subdomains, starting with just a lame label, then a number of MAX emails to be accepted at this alias, then the username.
,br> for example, if you wanted to get a confirmation from newegg.com, but didn't trust their mailing list... you could simple fill in newegg.3.joecool@spamgourmet.com. this would give them a max of 3 emails, 1 for billing, 1 for shipping, and 1 for whatever is bound to go wrong.

Try it out today at spamourmet.com