Slashdot Mirror
AOL, MS & Yahoo Unite On Anti-Spam Initiative
dilaudid writes "FT.com has an article about AOL, Yahoo and MS putting aside their differences to combat spam. An AOL VP is quoted as saying "Our customers are telling us it is the number one problem with the internet." Their intended response is "narrowly-defined federal legislation aimed at so-called "king-pin" spammers" who send the bulk of the mails. "
Finally! The Evil Empire has thought of something truly helpful to do with the 1 trillion dollars of cash. ;-)
;-)
I am concerned that when all of this is said and done, only users of a Microsoft OS will not receive spam.
You know your a scumbag when...
Slashdotters support AOL and MS when they attempt to stomp on you.
Its obvious, but something to note, that you need to have a yahoo/aol/msn email account to see all the benefits of this anti-spam initiative.
BTW - What happened to topic icons??
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
Between this story, the Open Internet story, spammers sueing Journalists and what not...
I may have to start a betting pool.. and maybe get some popcorn as the hilarity ensues on, "Internet Deathmatch".
-
ping -f 255.255.255.255 # if only
That this puts scumshit like Ralsky out of business... I'm getting sick and tired of receiving upwards of 100 spams a day.
2 months ago less than 50% of my incoming e-mail was spam. Now it's running 65%.
Corporatism != Free Market
Microsoft drop Windows, and decide to give all money away to Linux kernel developers.
First a free internet and now this, do they realise that they're ment to be the bad guys?
Brocklesby Park Cricket Club
... but we are the dimmest bulbs...
... federal legislation ...
I feel better already.
Wanna bet that their strategy involves DRM and only accepting/sending e-mail from approved operatin systems?
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
Dogs and cats, living together...
[b]mass hysteria![/b]
WTF. MS et al joining together to resist fundamental changes to the internet, and AOL moving to stop SPAM.
What's next? The fall of communism?
....And we want the government to force other people to allow us to do that.
They are carriers & they could care less about spam other than the hardware demands the sheer volume of this stuff means for their investment cycle. If they could magically reduce their workload by 80% w/o losing one dime in revenue I swear they would turn out their children to do it.
AOL is currently using censorship to try to solve their problem. Their customers want the ISP to stop spam, and AOL interprets this as a license to censor incoming mail for "spamness".
It never occurred to them that perhaps the customer should decide what is and is not acceptable.
This form of spam-filtering is very dangerous - when someone else decides for you who can and can not send you email.
i'm worried about the outcome of this initiative. without emailed adverts how will the internet stay afloat?! the internet will become bankrupt and all my favorite sites will close down unless we pay for everything! it just isn't fair cause i am not a regular world wide web person. please reconsider this!
Did you read the article (or even the /. blurb?)
The groups said they were particularly looking for narrowly-defined federal legislation aimed at so-called "king-pin" spammers whom they believe are responsible for the largest volume and most pernicious of unwanted e-mails.
They're looking to legislate the "spam kings" to death, not block mail from them for their collective subscribers. Funny, however, that they continute to ignore "black hole" lists that are actually quite good at deleting/preventing spam.
Expensive Internet Access! Corporate Invincibility! Internet Community!
With your powers combined, I am Captain Corporate!
(chorus)
Captain Corporate,
he's our hero,
gonna take spam down to zero!
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
This has to be the millionth post I've read about spam on slashdot during the past few days. Anyone else sick of it?
Two stories in a row about MS doing the right thing! I think this is all part of a cunning plan. We'll soon see stories like "MS demands the DMCA is repealed", "MS releases secure OS", "MS replaces Windows EULA with GPL".
A short time later, after gaining the support of all the geeks in the world, we'll see "MS decides to take over and enslave the world", and there will no longer be any organised geek resistance to prevent this.
Its obvious, but something to note, that you need to have a yahoo/aol/msn email account to see all the benefits of this anti-spam initiative.
Nope. RTFA. It clearly says the plan includes suing the hell out of the spammers. If they can't turn a profit, everyone gets less spam.
Wait, lemme guess- that "narrowly-defined" definition of "spammer" will not include internet service providers advertising their services, nor companies the ISPs have paid to spam their subscribers?
My grandmother got porno spam within 2-3 days of her MSN "internet appliance" getting set up, and it had a very unusual account name(with numbers in it, too)- no dictionary atttack hit this one. She hadn't even figured out how to surf the web yet. Wanna guess who sold out her email address? First 3 guesses don't count.
Please help metamoderate.
Now I suppose I can expect the following in my inbox:
04/28/2003 sdogin@microsoft.com Join the fight against spam!
04/28/2003 asgasg@microsoft.com Join the fight against spam!
04/28/2003 dfjdfdsagsdg@aol.com Join the fight against spam!
etc, etc, etc.
i thought we went over this?
lookout bullow. divest in gov.va.msn?net? (VAST), before its too late.
remember the genetic korn blight.
If the number one problem with the Internet is spam, then the number two problem is all the idiots who buy products from spammers and keep them in business.
Spam will never stop. Just like junk snail-mail will never stop. The tiny percentage of below-freezing IQ's out there who fall for unsolicited "offers" are ruining it for everyone else.
of course Disney wants open access to broadband... they've already failed to dominate the net, so the next best thing is to prevent everyone else from succeeding.
Perhaps if these three got together and ran some decent television commercials which cut to the core of spam it would greatly reduce, i.e.
Would you buy questionable medications from someone who solicits you from a forged email address?
Would you consider giving your personal financial information to someone incapable of proper grammar or even good spelling?
Would you visit a site alleged to contain pr0n/child pr0n knowing your visit may be tracked?
(some percentage, like 100%) of spam is unsolicited, commits an act of trespassing, is made by people who have nothing of actual value to offer and is intent on defrauding you. Visit www.cauce.org for more information.
Sadly, these companies will trumpet how spam costs billions of dollars, but a few million on public information awareness advertising is beyond them. Hell, I don't even see anti-spam public service annoucements on MSNBC or Yahoo. Smells like more ado about nothing.
A feeling of having made the same mistake before: Deja Foobar
Great! After they've sorted out the SPAM problem maybe they can find out who the hell keeps filling my mailbox full of unwanted Internet CDs.
. . Oh.
Please read my Canon EOS tech blog at http://www.everyothershot.com
Spammers want to get your money. At this moment they are the ad-man, they advertise the wares of companies.
When the companies are made accountable for the advertisements of their wares, spamming ad agencies will find less business.
Simmilar, when accountants have to sign for money transfers and are personally responsible for the legality of their work, money laundering would not be such a problem.
Spam can be solved very, very simply. Everyone with a brain cell knows this. People need to stfu and do it right. I'll outline the basic steps of one way to do it, there's many others equally simple and valid. Actually, in this outline I'll solve not only the problem of spam, but also the problem of adult content on the web and filtering it for children. Needless to say you can combine the two to stop porn spam too. Here goes:
1) Set a technical standard for senders to classify emails in the header fields. Say, an X-header like "X-Mail-Classification: ". Give it three legal values: "UCE", "SCE", and "Personal". UCE is Spam, SCE is when you told a company explicitly that they could spam you (you really did visit their site and give them your address for future announcements or whatever), and Personal is anything else.
2) Set a similar technical standard for rating the adultness of websites. Make an HTTP header field, call it "Content-Rating", with a range of values similar to modern cable TV ratings (first a rating like PG-13, R, etc... followed by WHY (R - Violence, X - Strong Sexual Content, etc..).
3) Pass a bill in congress making it a legal requirement that all sites and emails MUST contain these headers, unless they fall in the "best" category (by that I mean, emails which actually fall in the Personal category are not required by law to state this, and websites which would have a G rating are not requried to state this). Failure to have a rating results in fines, having an obviously false rating (porn site rated PG, etc) results in even bigger fines - repeat offenses land you in a federal pound-me-in-the-ass prison.
4) Obviously once the headers are well-defined, and prevalent because of the legal requirement, software vendors need to mod email clients and web browsers to recognize these headers, which is extremely trivial. The user can then block bad sites and trash bad emails automatically or do whatever else they wish. If something makes it through the system (unwanted porn, unwanted UCE), you've got a clear case that they failed to properly label it with headers, which violates the new law above and lands them with criminal fines.
11*43+456^2
When you get one set of institutions that pretend to work for the people fighting with another set of institutions that pretend to work for the people..
We cheer and boo both at the same time... social schizophrenia ensues..
OUCH! I HATE AND LOVE MYSELF THE GOVERNMENT AND THE CORPORATIONS!
Someone pull the ripcord!
I am concerned that when all of this is said and done, only users of a Microsoft OS will not receive spam. ;-)
:)
Doesn't that give us like 95% coverage? Sounds good to me
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
MS submits bid to buy AOL/Time Warner & Yahoo!.
I can't believe it until I see less and less spam on a Hotmail account. Or a useful tool to handle it.
I'm afraid I won't believe it.
http://spews.org/html/S1928.htmlg /html/S681.html
http://spews.or
aol & msn not exactly innocent either.
these idjits need to get their own houses in order before yammering about the rest of the world.
* Use existing laws: I am sure there is more than enough laws already on the books that cover "fraudulant and egregious methods to disguise and misrepresent". We don't need laws specific to spam we should use generic laws that cover communications fraud.
* Go after those that hire spammers too. If I contract someone to perform a service and I know their methods are not legal then I should be held liable too.
* Don't depend on laws to fix everything. Fix the system!
Keep the Classic Slashdot.
I do realize everyone's SPAM is at insane levels and SPAM has gone up in the last 3 quarters. That said, I have very intelligently and precisely made my 15 free filters and none of them work on Yahoo mail. Middle of last year, I decided to chunk down the money for the premium email account. I used up the free 35 extra filters pretty quick.
It is my opinion that Yahoo allows junk mail, in fact, dumps it heavily on it's customers so that they will buy a premium service.
Yell & scream & rant & rave... it's no use... you need a shaaaave ~ Bugs Bunny
The spammers will claim they all fit in the personal communications requested by the recipient, and are not required to fill in all that rigamarole.
And you're right back where you started from.
No, the solution is to inform people that
a) Your body parts aren't going to get bigger (bellies excluded)
b) You really don't want to trust your finances -- even credit bailouts -- to people who'd SPAM you
c) There are no dignitaries in Nigeria that have millions of dollars they need to launder into the US, and if they did, you'd be arrested
d) There's no need to pay for porn. Go out into the big blue room and you could find someone real. Besides, there's enough free internet porn, just look.
You get SPAM because it works. People buy this crap. If they didn't, the spammers would stop.
Design for Use, not Construction!
I just delete spam before reading my e-mail. Spam isn't that hard to detect.
/dev/random. :-)
Re:your request From: acv235fv@hotmail.com SPAM!
refinance lowest rates From: bob33010@aol.com SPAM!
If everyone just ignores them and doesn't buy anything from the spammers, then it will dry up. Another favorite is to find their real e-mail address, usually from their form, or their link, and e-mail them 2.5MB from
I want my rights back. I was actually using them when our government stole them after 9/11.
Don't let them fool you. This is not for the customer. This is so AOL, MSN, and Yahoo can save on bandwidth costs.
Has anyone here REALLY considered not using e-mail ever again because of spam? Does anyone here REALLY believe spam is going to put an end to electronic communication?
Forbidding certain companies from sending out mass e-mails could mean your mailing list is next. I am just as annoyed by spam as the next person (well, maybe not, since I seem to get a lot less than some people here complain about), but charging for or forbidding bulk e-mails will put a cramp in more peoples' style than just the spammers.
Denver Isuzu Suzuki
If you're interested in countering spam, please check these out:
- David A. Wheeler (see my Secure Programming HOWTO)
The obvious problem here is that you're a social recluse and have not been increasing the number and quality of your relationships to keep pace with the number of people who want to sell you stuff. If you had, the percentage of your email that is spam would have remained the same or perhaps even decreased.
Don't blame the spammers. Leave the house more.
paintball
This is kind of funny, the parallels between the spam wars and the so-called drug wars. I call say this because it is more appropriately labeled "war on some drugs." But that's another rant.
But isn't it interesting that they (meaning AOL et al) are going after the big offenders and not, say, THEMSELVES? After all, they are analagous to the street-level pushers of the spam. The big spammers ("kingpins") are the ones who create the spam and are the nexus for it's origin. The product is then filtered down until it reaches the local ISP of the client/user and finally handed to the target -- the customer.
You might object and say, "the difference between drugs and spam at this level is quite sharp because drug users want the drug. Spam receiptients do not." Well SOMEONE is buying. Spammers don't spam because they think their literature amounts to avant garde exercises in promotional haiku. They spam because someone pays them to. And someone pays them to because someone is buying. In other words, every nickel they spend on spam comes back to them dressed up as a dime. It's as simple as that. The only real difference between the two analogies when you consider it is that spam is less visible because of the inherant privacy and legality of spam. That's all. You still have a product, you still have a buyer and you still have a larger community that must deal with the fallout of that activity.
However, this is the point at which the analogy breaks.
The community normally goes after the street-level dealers and the users. Of course the dealers have little to lose because they're poor to begin with and there will always be someone to deal. Always. And users/buyers are always going to use/buy. So go after the source, right? This makes sense, right?
So why are over half (55%) of all federal prisoners drug offenders?
This would be like Microsoft and AOL suing themselves half to death and prosecuting the recipients of the email when they purchased wares sold by spam. Never mind the fact that buying after seeing a spam isn't illegal. That's not the point. The point is that even if it were, it is an obviously flawed and ineffective model. It just doesn't work.
My
Limekiller
Does this have anything to do with the "test" emails that Microsoft and AOL have sent out before (you know the ones that say I will get $.35 for every person who receives the message after me), I'm still waiting for my check you know!
One thing that the big ISPs could do is exert technical pressure to help deny spammers the ability to hide. I would love to see them reject all mail in which the HELO greeting is not fully qualified and resolvable (as required by the RFCs). Same thing everywhere else a domain appears in an SMTP conversation. This would force a mass cleanup of incorrectly configured mailservers and I would be able once again to include that as a requirement on my server.
Although perhaps exceeding the requirements of the RFCs, they might also consider refusing mail if the HELO/EHLO does not resolve back to the connecting IP.
In addition, they could publish via DNS info records or ?? the IPs of all their outbound mail servers (no MX won't work - that's only for inbound mail). It would be great to be able to bounce all mail "from" someone at yahoo/hotmail/aol/etc. unless the connection came from a mailserver associated with that email address (sure, for some people the mail may have been legitimately relayed before arriving at their site but that has never been the case for my servers).
~~~~~~~
"You are not remembered for doing what is expected of you." - Atul Chitnis
Come on!!!
There is spam because the system is insecure. Force AUTH based SMTP and use SSL.
Use RBL's, SpamCop and Spews to blacklist people who don't want to grow up and be secure! Big ISP's should do this, Cable & DSL providers should do this.
With wireless tech i can login to anyways network and spam away as long as i'm behind an IP address allowed by there servers.
Its LONG overdue! Use our preventative technologies to enforce some decisions for the better of the network, not the perogatives of a select few!!!!!
FDU = Federally Dependant Users
1) Make sure no ISPs/Email carriers believe how easy it is to stop this 'problem'
2) Make sure to get the government involved with your company to 'provide' a complex solution
3) ???
4) Profit!!
This is trivially easy. If you provide email services, keep an address book for your users (most have this already). If it's not in the address book, return the request with a 'not in address book message'.
1) Since -most- SPAM has an invalid reply-to addr, most spam is now gone. The SPAM marketers realize their crap isn't getting through, so they either provide valid return addrs, or switch to alternative methods.
The sender can reply with a message that would be put in a special 'status pending' folder for the user. At the recipient's leisure, they could either add the addr to their addr list, or delete them all (aka folder trash). One click, and they're all gone. The email provider could also have a preference to autodelete the non-addr book email.
2) Real money generating option proposed by Cringely (www.pbs.org). Setup 2 addr books - one for free emails, and another for everyone else. Setup a micropayment system that requires emailers -not- in the free addr book to pay the disclosed amount (shown in the reply mail from point one). The payment goes to the emailee with a portion going to the ISP/email provider. Now, marketing is paying for the server time, and the users are happy to have their connections paid for (depending on the number of ads).
SCO works for RLS and LINUS.
Who are you trying to kid? When was the last time the government passed any restriction law that was narrow and stayed narrow? Invariably someone will find a reason to broaden the scope. It's a slippery slope to being forced to get an SMTP license.
The best way to fight spam is to enforce the existing criminal laws. Spam is almost universally fraudulent at best, if not outright criminal behavior.
It's also the easit to pursue, since the money trail *will* lead to people responsible for the spam being sent and its the easiest trail to follow. I don't believe that SPAM is necessarily trackable, especially if it involves hijacked or cracked mail systems.
I thought AT&T was bad by redirecting me to "other" sites, but comcast takes the cake. Before, to get to my favorite reading site, Slashdot, I had to use the IP address. Now, I have to proxy my connection to my work's firewall to get to the site. A little scripting and everything is fine, albeit a little slower. From a marketing standpoint, I can see why companies are doing this; to generate more business and ad revenue. But from a user standpoint, it would be a real drag if I didn't have another "business" line to proxy my connection.
...policing their own mail services. 90% of my spam comes from somewordsfollowedbyrandomnumbers@(yahoo.com|aol.co m).
As the costs for this goes up, the slippery-slope endgame will be that email addresses are registered (like DNS), and mail servers and intermediate systems will have to reject email with unknown endpoints. Actually, this could be cool in a carbomite maneuver sort of way - all 'illegal' email is directed back to the sender along with an additional message saying why it was rejected.
On a personal note, I have a problem with my ISP right now where spam actually chokes my inbound download (because of invalid headers, etc.), so I have to use POP3 Scan Mailbox to roto-rooter the queue before all my mail can download. Major pita. But, I'm hoping to make mods to Thunderbird to allow me to do this in one swell foop, as it were.
"Stop whining!" - Arnold, as Mr. Kimble
Far too broad. MS only does the right thing that best fits their plans for more profit. Everything else is smoke and mirrors. It may be right for them, but long-term (unless you hold their stock or work there), it isn't going to be right for you except by sheer coincidence.
I get upwards of 100 legit emails a day, with 4 ! very public addresses that are years old, and I never get more than 5 spams a day.
WTF are you doing to get that much spam? I just don't get this. And I don't do a whole lot to combat it, though my ISP does use Brightmail.
Maybe you should use an ISP that uses a filtering service, any will do.
I find it hilarious that MS and AOL is bitching about spam, their open relays enable most of it. My spam originates from MSN, sHotMail, AOL, Yahoo, some from Korea and China. I'd like to see MS follow its own rules.
Big-time spammers get their money up front from the spamvertiser, not piecemeal from individual suckers. If nobody falls for whichever scam is being promoted, that's just too bad for the spamvertiser -- the spammer has the money, and rigorously follows the First Law of Acquisition.
Yes, individual spamvertisers will give up if they get burned often enough, but there are always new sleaze artists to take their place.
/. If the government wants us to respect the law, it should set a better example.
'splain please?
Despite reading well-intentioned articles on anti-spam measures every week it never seems to translate into anything real. I check my Yahoo, Hotmail and Earthlink accounts and see the old spam every day, it never seems to end. The use of mail filters, blocks and reporting of spam seem to have little effect against the torrent.
I hate to admit it (and I really do), because it admits one of the greatest (and there are many) attributes of my race (the human one) that constantly inhibits progress in the true sense.
As other posters have pointed out, people buy it. Spammers wouldn't be making the money if the business weren't getting making the money, if the people weren't responding to the ads.
So what was the point of my post? The punchline:
Get to the REAL root of the problem. As Budda would suggest, all human suffering is derived from desire. As I would suggest, as the population grows (both in numbers and more importantly DIVERSITY), so will the suffering.
This diversity in human conditions also characterizes the types of suffering and fuels the diversity of desires, that in turn motivates people to deliver suffering on others in search of relieving their own suffering (most of this has to do with greed, wealth and money. What else is new).
Is there a solution? Is there a point to this? Yes. Education. Upbringing. Teaching our young to live a better way. Teaching our young to chase the dollars will always conclude in propagating all this suffering. Now all I see is the "gimme gimme gimme" generation. What the hell are we teaching them? Until we address this, we won't ever resolve this, or any other human "ailment".
This is the solution. Plain and simple. It doesn't take a genius to figure this one out. I'm not a genius. Just spend more time than the average Joe thinking about it. But if you figure this one out, EVERYTHING makes sense. You'll never need to ask why things suck.
As for MS/AOL/whoever, business is ALWAYS about agendas. And their agendas are ALWAYS about money. Anyone tell you different, please smack them some sense.
As for the gvermnint, we are now putting into law that which does not concern the law. Laws were instituted by people to prevent a minority of people that ruin it for the rest of them. Religion and philosphy (and thoughtfullness) was to prevent the majority of people who unintentionally (or intentionally with a result of guilty conscience) from ruining it. Spammers are a minority that allow the majority to ruin it for everyone. We've been slowly removing religion (I don't mean Church) and philosphy on good behavior and social conduct. Is there a correlation?
It is too late for our generation. It's probably too late for our children's generation. However, if a few of our children's generation can be educated to see the real truth and evaluate clearly, then perhaps they may be able to teach their children to begin correcting it.
To think we can correct this in any fraction of one generation is to submit to our desire to want a better place so badly, for ourselves, for our generation (more than we want for our successors), to cover our eyes and let these institutions (more precisely, a few executives that reap the profits) take us for a ride.
Remember one thing if all this is lost on you. Corporations, Institutions, gvermnint don't MAKE decisions. PEOPLE in executive positions IN THEM do. It is preposterous for the law to treat "collections of individuals" as A PERSON. That is what our laws do. And that is how our laws protect these executives.
My two dollar's worth.
"Last one in is a rotten goblin!" - Kepp
The Washington Post is carrying their own version of this story. I think it's actually a better take on the subject - more complete and evenly written; it omits the ridiculous, apocryphal, quasi-religious quotes re: the epic crisis of faith in email.
This is the only thing it could be. Trojan fucking Horse. I wanna know whats hiding inside.
Finally! The Evil Empire has thought of something truly helpful to do with the 1 trillion dollars of cash.
Well, enough spammers seem to use IIS... Maybe they could "extend" the HTTP protocol to detect whether the referring website URL was received in a spam, and use it to disable the server... :)
Until then, my little script works well enough:
#!/bin/bashI _WILL_DO_THE_SAME_TO_YOUR_WEBLOGS
COUNT=0
while [ $COUNT -lt 2000 ]; do
lynx -dump $1?YOU_FILL_MY_MAILBOX_WITH_UNSOLICITED_CRAP_AND_
let COUNT=COUNT+1
echo $COUNT
done
Note that my website includes a warning about what happens to unsolicited e-mail. Apparently, the "Order Viagra, Diet Pills & more with NO PRESCRIPTION!" people wanted to stress-test their IIS server at Beijing Telecom.
284
Please try the following:The page cannot be displayed
There are too many people accessing the Web site at this time.
* Click the [1]Refresh button, or try again later.
* Open the home page, and then look for links to the information you want.
HTTP 403.9 - Access Forbidden: Too many users are connected
Internet Information Services
Technical Information (for support personnel)
* Background:
This error can occur if the Web server is busy and cannot process your request due to heavy traffic.
* More information:
[2]Microsoft Support
References
1. javascript:location.reload()
2. http://www.microsoft.com/ContentRedirec
Poor spammer. But then again, I'm only fulfilling his wish...
Fire and Meat. Yummy.
Narrowly-defined legislation? Too bad that no matter how limited, it will find an application or loophole that will probably be served to limit free speech in an unintended fashion. Corporate culture has a record in legislation like Germany has records in peace initiatives. Does AOL really just need a little more "elbow room"?
Seriously though, do we really need a law for this written by the geniuses over at AOL-TW?
I feel better already.
More to the point, what are American laws going to do to stop the spam I get?
Most of the spam is sent from open relays in shitholes like Brazil and Japan. Most of it points to websites on hosting providers in China and Korea.
You're not gonna tell me that some ulgy fuck like Alan Ralsky isn't gonna go and simply register a company offshore?
His spamming organization can work offshore and hire another company to fulfill the orders in the USA. That way, the spammer is offshore (immune to US laws), and the company delivering the product to the gullible consumer is not doing any spamming.
My tactic is to refuse any SMTP from any third-world country. I don't know anyone in China or Korea. I accept e-mail from only USA, Canada, UK and Israel. Anything else is a third-world country. This tactic cut my spam over 50%.
Fire and Meat. Yummy.
Such as Australia?
This has to be the millionth post I've read about spam on slashdot during the past few days. Anyone else sick of it?
To avoid revinue loss from any unauthorized opting out of reading these articles, Slashdot will now start emailing every post containing the word "spam" to all members.
Fear not, everyone will still get spam. Only those using M$ OS will be able to send it or any other kind of email as far as that goes. I sure am glad M$ says it does not want to change the structure of the internet, now if only they would foreswear spamming instead of trying to own the dredful stuff.
The simple solution is to make all spam against the law and fine the senders. All other changes are suspect. M$, AOL involvement doubles reasonable fears.
Friends don't help friends install M$ junk.
CA has a new don't call list, where's the don't spam list? I am so tired of spam, I think its time for a new email protocol that prevents unwanted email. My spam filters only catch about 75% of the spam coming in. I wish mozilla could do regular expressions in their email filter. I also wish I knew how their not in address book feature worked.
Only 'flamers' flame!
Well, I don't sue AOhelL, so correct me if I'm wrong...but don't they give you the option of using the filter or not? And as far as I understand, they're blocking commercial email, not email containing words like "penis" or something. And when customers ask AOL to stop spam, it's not like AOL is "interpreting" this as a license to "censor" for spam. It's a literal directive. They're giving the consumers what they want. Now, don't get me wrong, I wouldn't use AOL if my life depended on it, but I think you're barking up the wrong tree here.
Another article on the same subject at the New York Times [Registration required].
... grumble, grumble, grumble, mutter, mutter, Millenium... Hand... Shrimp, I tol' 'em, I tol' 'em.
What really scares them is an anti-spam law with teeth.
Iff the US can get its house in order legally wrt to spam, then it becomes feasible to proposal international email agreements. Consider snail mail. For a few pennies a letter sent from Boston will make it to Hanoi. Mail is such a powerful tool it was worth creating international agreements to make it worth amazingly well. The same is true with the phone system.
The Internet appeared to have already "solved" the international communication problems through simple open RFCs. At one point we all naively thought that governments would not, should not and could not get involved with it's legislation.
However spamming is like any other antisocial behavior, and if society decides universally that we will not accept a certain behavior then we will legislate against it as we have with any other universally unacceptable behavior.
Remember countries do control the pipes. If Vietnam refused to agree to international spam laws, the rest of the world could embargo them digitally. No email in or out of Vietnam. No access to Google from Vietnam. Seems extreme, and perhaps spam will never be an extreme enough problem to warrant this. However consider the war on terrorism. International hacking attempts to bring down infrastructure in the US will probably happen, and the response to those may well be as severe as the responses to 9/11.
Clearly we need better technology as well. Answer-phones and caller-id mean that I never listen to telemarketers. Digital signatures would be an enormous step in the right direction. Email is far too easy to forge, and the fact that organizations such as banks do not sign their email is ridiculous. Digital signatures are too expensive currently to generate from such services as Hotmail and AOL, but Moore's law and/or entrepreneurs will solve this.
Centralized signing authorities will also be needed, and again this is where the government will have to step in again. Like it or not they are the common root of trust in all stable countries. It may take 10 years for these international agreements to be worked out and enforced, but like it or not the governments of the world will be involved.
I thought I was the #1 problem with the internet! Way to hit me hard guys...
Speaking at Defcon 12 - Credit Card Networks Revisted: Pen
"There is no single magic bullet in dealing with this menace," said Mr Graham. lol...yeah....its gonna take a WHOLE lot of bullets!
AOL, Microscum and Yahoo! banding together against spam? I always thought AOL, Microscum and spam were The Axis of Evil?
"By the prickling of my thumbs, something goofy this way comes.
It's all fun and games until someone loses the key to the handcuffs.
AOL is the biggest hypocrite i've ever seen. Most of the time when you sign onto AOL, they give you pop-up ads that won't let you sign on/off untill you click "no thanks!" It's like spam that you have to read! They only "fight spam" because the spam that they are fighting isn't making them any money. If they get rid of other spam, they can focus on their own more!
I find it funny that AOL and MSN are fighting e-mail based spam, when using their clients to connect to the internet pops up more spam windows than anywhere else. Hell, you have to dismiss ads on AOL just to sign off.
Not that that bothers me. I dialup through earthlink. ^_^;;
- Cloud
Screw AOL, MSN, and Yahoo! This is obviously a job for Spiderman, The Punisher, and Daredevil. ;)
/*drunk.. fix later*/
jeebuz, c'mon gimme a break, what kinda bullock is this anyways?
the gigz of spam i get everyday dont originate from abused hotmail/aol/webmailers out there.
they rather originate from fucking asian, brazil and other moronish networks and countries.
fuck them spammers bigtime.
another louzy initiative by the giants to get some press coverage.
fuck microsloth
legal solutions will not work -- too much of the internet is outside the US for any laws we pass to do much good. it might help in the short term, but the spammers will just move offshore b/c the profit will still be there.
the only way to get rid of spam is to make it unprofitable. you can either charge money for the receipt of each message (even $0.01 per msg would make spamming unprofitable), or you can require passing a turing test or performing some computationally-difficult operations.
-esme
Because spammer use forged headers they don't get the no such users bounches so it could be that your grandmother get picked a UID that was getting spam even before it existed. Kinda like getting a phone call from a bill collector for the person that had the phone number before you.
Of course it is possible that the account name was stolen or sold; I get a lot of MSN messenger spam on the new XP Machine, mostly from blockmessenger.com
Apocalypse Cancelled, Sorry, No Ticket Refunds
The three domains my company gets the most spam from are...
AOL.com
hotmail.com
Yahoo.com
Seems to me if these three companies would clean up their own free mail systems 80% of the spam problem would take care of itself. No need for federal legislation so far as I can see. Just enact policy and enforce it on your current users. Fine yourself when you fail to keep spam out.
Apple free since 1990!
IMHO
ulterior motives are at work...
if AOL was serious about stopping spam, they'd catch it on the way out. I had 4 this morning that ANY decent filter would have caught (it's at work, so I am stuck with a krap filter).
if aol/msn seek legislation, better read the fine print, cause the real meat isn't in the title/stated intent.
If more people were to use PGP and X.509 signatures, would we have this problem? In a PGP-style universe, if we only accepted e-mail from signatures that were trusted (even in a distant way), you could reasonably count on people not signing for someone else's signature if they thought that someone else was going to spam with it. And if they did it more than once, you could just blacklist the signer.
X.509 is a bit trickier, since the CA's aren't exactly picky about who they sell a certificate to. But there could always be a contractual provision in that when you sell someone a certificate, you have enough legal contact information that if they *are* using it to spam, the CA can go after them for mega-penalties.
The proposed technical standard would be aimed at identifying "good" from "bad" e-mails on any platform.
So whether you're running Win98, Win2000, or WinXP, you'll be certain to meet the technical standards! Oh, and open source need not apply: you're all terrorists and communists anyway, and obviously a part of the problem.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
The number of spammers is irrelevant. It's the people PAYING the spammers that cause the spam to show up. It's quite possible for the number of businesses willing to send spam to increase, the amount of spam to increase, and the number of assholes willing to send spam on behalf of those businesses to remain relatively constant or even decrease. Maybe spammers are subject to the same economic forces that favor consolidation as everyone else and in a couple years there will only be a handful of kingpin spammers who are just REALLY GOOD at it.
paintball
But there are a couple of areas where US Federal laws could do as much good as harm, if they're written carefully enough to be effective as well as doing minimal collateral damage.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Most spam arrives with forged return addresses
Forged return addresses harm the reputation of the person or entity whose address was forged
Forged return addresses are attempt to deceive filters based on "from" addresses, the most effective "opt-out" for most users of email (especially non-experts)
Forged return addresses harm the reputation of the forged email providers, making their services unattractive to legitimate users who don't want to have a "spam domain" address If using forged headers was a criminal and civil offense, and if penalties for those offenses were actively enforced, that would send a strong message to all spammers that they cannot hide behind a stolen email address. Here I do make a distinction between anonymous mail (return address is an anonymous remailing service, used with their knowledge and permission) and a forged one (an address used without authorization). You lose little by blocking remailers, but you lose a lot by blocking aol, msn, and yahoo!
There are two fundamentally different things that ISPs can do with suspected spam
- Whole-ISP solutions that refuse to let it in the door at all (e.g. blocking all mail from open relays and suspected spamhausen, or using adaptive DNS responses so known relays think you live at 127.0.0.2 and don't even bother your sendmail.)
- Per-customer solutions such as tagging or discarding suspected spam once it's in the door. This gives the customer a lot more choices, but it takes a lot more resources from the ISP, including bandwidth and CPU. The first approach lets them get rid of most of the high-volume dreck cheaply.
I'm not bothered by either of these approaches; as I said, you can pick whatever kind of ISP you like. What is more of a problem is ISPs that block incoming mail without proper error messages. If you're sending legitimate email and it gets spam-filtered and the user never sees it, that's annoying, but at minimum, anything that gets rejected by the ISP's SMTP server should get an RFC-compliant reject response so you know to try contacting the recipient again using your hotmail account or whatever.Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
One of the focus areas of the joint statement against spam by AOL, MS & Yahoo is the redesign of commercial email standards. It is critically important that the Open Source community rises to the challenge, and forms an alliance to ensure that the new measures for fighting spam are incorporated in open standards for mail delivery. It is the unofficial policy of Microsoft (see the "Halloween documents") to "enrich" open standards to combat open source software. The "war on spam" declared today is an important initiative, but poses the threat of ending the availability of open source email solutions. This could mean the end of free email if AOL, Microsoft and Yahoo are left in charge of email standards.
"repeat offenses land you in a federal pound-me-in-the-ass prison." That's a pretty disturbing visual, but you definitely are a wordsmith......... I agree completely with your solution but accountability hasn't been or ever will be a big concern for many big businesses. It's a pretty sad commentary on the current state of affairs/business in the US
I don't know what everyones' problem with spam is. Honestly. Spam sucks, sure, I understand that, but I'll say this - I've had the same Hotmail account since time was time - we're talking about Julius Caesar era here...it's damn old - how much spam does it get? Maybe 5 or 10 spam emails a week. Tops. Sometimes 0, sometimes 10 or 12...but never more.
...mmm...spam=0. It's like heaven.
I have another email address, my school account, that gets 0 spam messages. I routinely register for software, hardware, etc. etc. etc. with my school account. Spam? Zero. Zilch. I can honestly say that I have never received spam in my school account.
I have yet ANOTHER email address that I use for business. Yet again, spam=0.
I don't filter anything, I don't have junk mail settings in hotmail (and I still only get 5-10 a week, if that), I don't use rules in Outlook, etc.
Maybe being taught how to properly and safely install software (uncheck the spyware/"allow us to send you mail!" stuff!), how to correctly register for promos and rebates and the like through snail mail (write on the postcard "You may not sell this information", etc), etc. would solve all of the bitching.
Spam today = 0. Hotmail included. Most of those 5 to 10 junk emails that I receive in my hotmail account are received on Friday nights - the spammers must figure I'm actively checking my email at the "start of the typical US weekend" - sorry, but I'm usually out with the woman.
I honestly don't get what anyone's deal is with spam. Even my MOTHER only gets 5-10 spam emails a week, and she not only USES AOL but also hardly knows a damn thing about the internet and staying secure and spamfree while connected!
Education can save you, provided you allow it to.
Some german going by the name Tels has made an in-depth study of his spam levels going back to Oct. 1998. The daily graph is most interesting. In the last six months his daily total has been growing faster than his average total, indicating that he is receiving spam at an increasingly faster rate. Of course, his experience is completely anecdotal, but it does jibe nicely with what the MS-AOL-Disney folks are saying, and it provides a nice visual. If their word is to be believed, and I think it is in this case, then the problem is getting worse faster and faster. Tels' data certainly suggests that it is.
I also found a good study by the Center for Democrocy & Technology. They created several hundred email accounts and used them in ways that would reveal how spammers discover them. They found that the most common method spammers used to discover valid email addresses is eploying spiders to crawl the web for them.
This suggests a simple measure that could be immediately effective in the short run if it were widely implemented. The CDT suggests that when you would like to post your email address to a website you should post it using HTML numeric entities. Webmasters can go even further. Encode the email addresses for your users before saving them to the database or a file. This is easy to do and will, in some small part, save your patrons from email hell.
Apparently, the vast majority of email harvesters use a plain text search for parsing web pages and do not evaluate html entities. This is why the above method can only work in the short term. If websites start implementing the above method en masse, the spiders will start parsing for HTML entities and the method will no longer work. Same with human readable forms that the study mentioned.
This is why we must have legislation to deal with spam. Technical solutions just won't work effectively in an environment as open as the Internet. It will inevitably be an arms race between the spammers and the spam fighters, resulting in an internet that may be more secure, but less usable. Therefore, we must look in another direction. If our nation were to legislate effective deterrents for spammers operating in the U.S., other countries would follow suit. As it becomes increasingly difficult for spammers to hide overseas, it becomes increasingly viable to sanction governments that allow spammers to operate within their borders. Cutting them off at the net-block level also becomes increasingly viable as the number of net blocks that harbor spammers decreases.
(Score: -1, Stupid)
At a penny a hit, your script nets the spammer an extra $20.
And what about, if I accept only emails that are signed and certified by some company I trust ? With this I may easily identify sender, or just apply filter, that will reply with standart message to all senders of unsigned mails.
Bad think is, that if I dont use firm certification (paying $ for it), everyspammer can do its certificate and send again. But this depends on every single man, if he accepts or does not unsigned emails.
My phone company gets complaints every day about their crappy service. They do not care, neither does Time Warner, the Water company, the Gas company or my nuclear fueled electric utility.
All they are after is a manageable predictable cash flow.
Ever noticed how many other countries play catch-up to the US as far as media, etc?
/. article about US gov't trying to circumvent the great firewall of China, because they don't like it blocking their political messages)
How much US culture insidiously infiltrates others (see old
If the US and close-friend countries adopted such a functionality, it would eventually catch and and spread elsewhere.
Now, if only they would unite on instant messaging protocols...
What we need to do is get every system admins on Slashdot to convince their legal department to join in w/ the lawsuits. Estimate the number of spam messages your company gets per day and put a price tag on each one. Then join the fight!
Oh, see, in your original post you seemed to imply that it was AOL's customers you were afraid for. Not so, eh? You're afraid for businesses that would like to send email TO AOL customers. Right there you lose the censorship argument - AOL customers can send email to anyone they want!
So is this a business site you run? If so, I would recommend something a bit more professional. Pay the $20/year or whatever for light domain hosting. God knows I'd never do business with anyone hosting off their DSL line.
Second, a most people who run their own server from DSL are spammers. So sorry for the collateral damage, but that's life. But cutting off DSL-"servers" has cut AOL's spam bill by a lot. So I would do exactly what they do.
If you've honsestly never sent an unsolicited email from that business of yours, then I would recommend taking measures to ensure that you aren't perceived as a scumbag by people and mailservers alike.
Third, this still isn't censorship - you don't have any relationship with AOL, and they aren't required to operate their server open to anyone. That's a privilege, not a right.
Spam filtering MUST be based on the email recipient deciding how the filter will work, and not super-imposed from the ISP without consideration from the user.
Like hell. "MUST" for you to be able to spam AOL customers, but the rest of us could really give a shit. No, mail servers MUST cut off crappy and un-maintained servers because they are the most frequent source of spam, either because their owners are spammers or because (as in the far east) they don't know how to maintain their server, and the "administrators" (I use the term loosely) leave the relays open. Accepting mail from a DSL line would be like having unprotected sex with a crackwhore. You just don't do it.
When I open a spam message I can see "This the spam" link, so I can help Yahoo to update their anti-spam filters. But on some spam messages I don't see such a link. Why? Because they are Yahoo partners!
So? So Yahoo is covering spammers!
Less is more !
Is spam a pyramid scheme that will collapse once it consumes itself? What I mean is this: I suspect that nobody is actually buying this crap that is offered in spam.
I suspect the primary spammers (the ones who do the dictionary attacks) are making money by selling their lists of validated email addresses.
I suspect the secondary spammers (the ones who buy the lists) are making money from click-thru payments, or by selling targeted lists of people who have actually bought some crap.
Neither of these models seems sustainable.
The bigger they are (MSN, Yahoo, AOL, etc) the harder they're hit with brute force tactics. Two of which are very large ISPs, it makes total sense to me that spammers would see this as a goldmine, a huge cache of users. As with goldmines, it takes more work to get the goods out, but it's well worth it to their profit margins.
Never under-estimate the power of spammers.
A Penny for my thoughts? Here's my two cents. I got ripped off!
I hate spam just as much as the next guy, but I'd rather live with spam than watch GW start another 'war'. And I feel it coming. Ugh.
But who knows, maybe North Korea will be 'liberated' this time around.
Shit I know people who bitched ceaslessly about them for a decade. They won't move, never.
Tracing back from the mail server to the spammer is more the goal of Larry Lessig's proposal which Zoe Lofgren is putting into a Federal anti-spammer bounty bill. This initiative seems to be more targeted at doing something to the spammers once you've caught them, though the details aren't particularly clear.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
BSD FROM THE ASHES!!!!
No sig for you!!
FT.com does an article on spam and how bad it is. FT.com uses Exactis, a spam house to send out their own bulk mail to subscribers.
you sold your grandma's email?!!! You are dispicable.
There are two reasons why I consider charging unethical. First; who is to receive that money why and for what. Second; with the current wave of spam proxies it is not necessaraly the spammer who is paying but the victim. At this moment a victim pays for the online charges and for the nuisance. Thanks, Gerard
Of COURSE you should pre-filter your kid's e-mail. YOU should pre-filter your kid's e-mail, not MSN, AOL, or Yahoo.
Denver Isuzu Suzuki
http://www.cbc.ca/stories/2003/04/29/spam_03042
I don't think most of the spam is controllable by these 3 companies, although we do know that most AOLiens are dung-heads.
Why slashdot? Why not?