Slashdot Mirror
AOL, MS & Yahoo Unite On Anti-Spam Initiative
dilaudid writes "FT.com has an article about AOL, Yahoo and MS putting aside their differences to combat spam. An AOL VP is quoted as saying "Our customers are telling us it is the number one problem with the internet." Their intended response is "narrowly-defined federal legislation aimed at so-called "king-pin" spammers" who send the bulk of the mails. "
Finally! The Evil Empire has thought of something truly helpful to do with the 1 trillion dollars of cash. ;-)
;-)
I am concerned that when all of this is said and done, only users of a Microsoft OS will not receive spam.
You know your a scumbag when...
Slashdotters support AOL and MS when they attempt to stomp on you.
Between this story, the Open Internet story, spammers sueing Journalists and what not...
I may have to start a betting pool.. and maybe get some popcorn as the hilarity ensues on, "Internet Deathmatch".
-
ping -f 255.255.255.255 # if only
That this puts scumshit like Ralsky out of business... I'm getting sick and tired of receiving upwards of 100 spams a day.
2 months ago less than 50% of my incoming e-mail was spam. Now it's running 65%.
Corporatism != Free Market
Microsoft drop Windows, and decide to give all money away to Linux kernel developers.
First a free internet and now this, do they realise that they're ment to be the bad guys?
Brocklesby Park Cricket Club
... federal legislation ...
I feel better already.
Dogs and cats, living together...
[b]mass hysteria![/b]
WTF. MS et al joining together to resist fundamental changes to the internet, and AOL moving to stop SPAM.
What's next? The fall of communism?
....And we want the government to force other people to allow us to do that.
They are carriers & they could care less about spam other than the hardware demands the sheer volume of this stuff means for their investment cycle. If they could magically reduce their workload by 80% w/o losing one dime in revenue I swear they would turn out their children to do it.
AOL is currently using censorship to try to solve their problem. Their customers want the ISP to stop spam, and AOL interprets this as a license to censor incoming mail for "spamness".
It never occurred to them that perhaps the customer should decide what is and is not acceptable.
This form of spam-filtering is very dangerous - when someone else decides for you who can and can not send you email.
Did you read the article (or even the /. blurb?)
The groups said they were particularly looking for narrowly-defined federal legislation aimed at so-called "king-pin" spammers whom they believe are responsible for the largest volume and most pernicious of unwanted e-mails.
They're looking to legislate the "spam kings" to death, not block mail from them for their collective subscribers. Funny, however, that they continute to ignore "black hole" lists that are actually quite good at deleting/preventing spam.
Expensive Internet Access! Corporate Invincibility! Internet Community!
With your powers combined, I am Captain Corporate!
(chorus)
Captain Corporate,
he's our hero,
gonna take spam down to zero!
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
This has to be the millionth post I've read about spam on slashdot during the past few days. Anyone else sick of it?
Two stories in a row about MS doing the right thing! I think this is all part of a cunning plan. We'll soon see stories like "MS demands the DMCA is repealed", "MS releases secure OS", "MS replaces Windows EULA with GPL".
A short time later, after gaining the support of all the geeks in the world, we'll see "MS decides to take over and enslave the world", and there will no longer be any organised geek resistance to prevent this.
Its obvious, but something to note, that you need to have a yahoo/aol/msn email account to see all the benefits of this anti-spam initiative.
Nope. RTFA. It clearly says the plan includes suing the hell out of the spammers. If they can't turn a profit, everyone gets less spam.
Wait, lemme guess- that "narrowly-defined" definition of "spammer" will not include internet service providers advertising their services, nor companies the ISPs have paid to spam their subscribers?
My grandmother got porno spam within 2-3 days of her MSN "internet appliance" getting set up, and it had a very unusual account name(with numbers in it, too)- no dictionary atttack hit this one. She hadn't even figured out how to surf the web yet. Wanna guess who sold out her email address? First 3 guesses don't count.
Please help metamoderate.
Now I suppose I can expect the following in my inbox:
04/28/2003 sdogin@microsoft.com Join the fight against spam!
04/28/2003 asgasg@microsoft.com Join the fight against spam!
04/28/2003 dfjdfdsagsdg@aol.com Join the fight against spam!
etc, etc, etc.
If the number one problem with the Internet is spam, then the number two problem is all the idiots who buy products from spammers and keep them in business.
Spam will never stop. Just like junk snail-mail will never stop. The tiny percentage of below-freezing IQ's out there who fall for unsolicited "offers" are ruining it for everyone else.
Perhaps if these three got together and ran some decent television commercials which cut to the core of spam it would greatly reduce, i.e.
Would you buy questionable medications from someone who solicits you from a forged email address?
Would you consider giving your personal financial information to someone incapable of proper grammar or even good spelling?
Would you visit a site alleged to contain pr0n/child pr0n knowing your visit may be tracked?
(some percentage, like 100%) of spam is unsolicited, commits an act of trespassing, is made by people who have nothing of actual value to offer and is intent on defrauding you. Visit www.cauce.org for more information.
Sadly, these companies will trumpet how spam costs billions of dollars, but a few million on public information awareness advertising is beyond them. Hell, I don't even see anti-spam public service annoucements on MSNBC or Yahoo. Smells like more ado about nothing.
A feeling of having made the same mistake before: Deja Foobar
Great! After they've sorted out the SPAM problem maybe they can find out who the hell keeps filling my mailbox full of unwanted Internet CDs.
. . Oh.
Please read my Canon EOS tech blog at http://www.everyothershot.com
Spam can be solved very, very simply. Everyone with a brain cell knows this. People need to stfu and do it right. I'll outline the basic steps of one way to do it, there's many others equally simple and valid. Actually, in this outline I'll solve not only the problem of spam, but also the problem of adult content on the web and filtering it for children. Needless to say you can combine the two to stop porn spam too. Here goes:
1) Set a technical standard for senders to classify emails in the header fields. Say, an X-header like "X-Mail-Classification: ". Give it three legal values: "UCE", "SCE", and "Personal". UCE is Spam, SCE is when you told a company explicitly that they could spam you (you really did visit their site and give them your address for future announcements or whatever), and Personal is anything else.
2) Set a similar technical standard for rating the adultness of websites. Make an HTTP header field, call it "Content-Rating", with a range of values similar to modern cable TV ratings (first a rating like PG-13, R, etc... followed by WHY (R - Violence, X - Strong Sexual Content, etc..).
3) Pass a bill in congress making it a legal requirement that all sites and emails MUST contain these headers, unless they fall in the "best" category (by that I mean, emails which actually fall in the Personal category are not required by law to state this, and websites which would have a G rating are not requried to state this). Failure to have a rating results in fines, having an obviously false rating (porn site rated PG, etc) results in even bigger fines - repeat offenses land you in a federal pound-me-in-the-ass prison.
4) Obviously once the headers are well-defined, and prevalent because of the legal requirement, software vendors need to mod email clients and web browsers to recognize these headers, which is extremely trivial. The user can then block bad sites and trash bad emails automatically or do whatever else they wish. If something makes it through the system (unwanted porn, unwanted UCE), you've got a clear case that they failed to properly label it with headers, which violates the new law above and lands them with criminal fines.
11*43+456^2
When you get one set of institutions that pretend to work for the people fighting with another set of institutions that pretend to work for the people..
We cheer and boo both at the same time... social schizophrenia ensues..
OUCH! I HATE AND LOVE MYSELF THE GOVERNMENT AND THE CORPORATIONS!
Someone pull the ripcord!
I am concerned that when all of this is said and done, only users of a Microsoft OS will not receive spam. ;-)
:)
Doesn't that give us like 95% coverage? Sounds good to me
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
The topic icons appear to work for me - have you checked your settings? There is a flag to turn these on and off IIRC.
Nope. The topic icons have disappeared for me as well, and the 'No icons' option in my preferences is unchecked. This wreaks of yet more 'live' SLASH development.
== Jez ==
Do you miss Firefox? Try Pale Moon.
* Use existing laws: I am sure there is more than enough laws already on the books that cover "fraudulant and egregious methods to disguise and misrepresent". We don't need laws specific to spam we should use generic laws that cover communications fraud.
* Go after those that hire spammers too. If I contract someone to perform a service and I know their methods are not legal then I should be held liable too.
* Don't depend on laws to fix everything. Fix the system!
Keep the Classic Slashdot.
I do realize everyone's SPAM is at insane levels and SPAM has gone up in the last 3 quarters. That said, I have very intelligently and precisely made my 15 free filters and none of them work on Yahoo mail. Middle of last year, I decided to chunk down the money for the premium email account. I used up the free 35 extra filters pretty quick.
It is my opinion that Yahoo allows junk mail, in fact, dumps it heavily on it's customers so that they will buy a premium service.
Yell & scream & rant & rave... it's no use... you need a shaaaave ~ Bugs Bunny
The spammers will claim they all fit in the personal communications requested by the recipient, and are not required to fill in all that rigamarole.
And you're right back where you started from.
No, the solution is to inform people that
a) Your body parts aren't going to get bigger (bellies excluded)
b) You really don't want to trust your finances -- even credit bailouts -- to people who'd SPAM you
c) There are no dignitaries in Nigeria that have millions of dollars they need to launder into the US, and if they did, you'd be arrested
d) There's no need to pay for porn. Go out into the big blue room and you could find someone real. Besides, there's enough free internet porn, just look.
You get SPAM because it works. People buy this crap. If they didn't, the spammers would stop.
Design for Use, not Construction!
I just delete spam before reading my e-mail. Spam isn't that hard to detect.
/dev/random. :-)
Re:your request From: acv235fv@hotmail.com SPAM!
refinance lowest rates From: bob33010@aol.com SPAM!
If everyone just ignores them and doesn't buy anything from the spammers, then it will dry up. Another favorite is to find their real e-mail address, usually from their form, or their link, and e-mail them 2.5MB from
I want my rights back. I was actually using them when our government stole them after 9/11.
Don't let them fool you. This is not for the customer. This is so AOL, MSN, and Yahoo can save on bandwidth costs.
Has anyone here REALLY considered not using e-mail ever again because of spam? Does anyone here REALLY believe spam is going to put an end to electronic communication?
Forbidding certain companies from sending out mass e-mails could mean your mailing list is next. I am just as annoyed by spam as the next person (well, maybe not, since I seem to get a lot less than some people here complain about), but charging for or forbidding bulk e-mails will put a cramp in more peoples' style than just the spammers.
Denver Isuzu Suzuki
If you're interested in countering spam, please check these out:
- David A. Wheeler (see my Secure Programming HOWTO)
The obvious problem here is that you're a social recluse and have not been increasing the number and quality of your relationships to keep pace with the number of people who want to sell you stuff. If you had, the percentage of your email that is spam would have remained the same or perhaps even decreased.
Don't blame the spammers. Leave the house more.
paintball
This is kind of funny, the parallels between the spam wars and the so-called drug wars. I call say this because it is more appropriately labeled "war on some drugs." But that's another rant.
But isn't it interesting that they (meaning AOL et al) are going after the big offenders and not, say, THEMSELVES? After all, they are analagous to the street-level pushers of the spam. The big spammers ("kingpins") are the ones who create the spam and are the nexus for it's origin. The product is then filtered down until it reaches the local ISP of the client/user and finally handed to the target -- the customer.
You might object and say, "the difference between drugs and spam at this level is quite sharp because drug users want the drug. Spam receiptients do not." Well SOMEONE is buying. Spammers don't spam because they think their literature amounts to avant garde exercises in promotional haiku. They spam because someone pays them to. And someone pays them to because someone is buying. In other words, every nickel they spend on spam comes back to them dressed up as a dime. It's as simple as that. The only real difference between the two analogies when you consider it is that spam is less visible because of the inherant privacy and legality of spam. That's all. You still have a product, you still have a buyer and you still have a larger community that must deal with the fallout of that activity.
However, this is the point at which the analogy breaks.
The community normally goes after the street-level dealers and the users. Of course the dealers have little to lose because they're poor to begin with and there will always be someone to deal. Always. And users/buyers are always going to use/buy. So go after the source, right? This makes sense, right?
So why are over half (55%) of all federal prisoners drug offenders?
This would be like Microsoft and AOL suing themselves half to death and prosecuting the recipients of the email when they purchased wares sold by spam. Never mind the fact that buying after seeing a spam isn't illegal. That's not the point. The point is that even if it were, it is an obviously flawed and ineffective model. It just doesn't work.
My
Limekiller
One thing that the big ISPs could do is exert technical pressure to help deny spammers the ability to hide. I would love to see them reject all mail in which the HELO greeting is not fully qualified and resolvable (as required by the RFCs). Same thing everywhere else a domain appears in an SMTP conversation. This would force a mass cleanup of incorrectly configured mailservers and I would be able once again to include that as a requirement on my server.
Although perhaps exceeding the requirements of the RFCs, they might also consider refusing mail if the HELO/EHLO does not resolve back to the connecting IP.
In addition, they could publish via DNS info records or ?? the IPs of all their outbound mail servers (no MX won't work - that's only for inbound mail). It would be great to be able to bounce all mail "from" someone at yahoo/hotmail/aol/etc. unless the connection came from a mailserver associated with that email address (sure, for some people the mail may have been legitimately relayed before arriving at their site but that has never been the case for my servers).
~~~~~~~
"You are not remembered for doing what is expected of you." - Atul Chitnis
Come on!!!
There is spam because the system is insecure. Force AUTH based SMTP and use SSL.
Use RBL's, SpamCop and Spews to blacklist people who don't want to grow up and be secure! Big ISP's should do this, Cable & DSL providers should do this.
With wireless tech i can login to anyways network and spam away as long as i'm behind an IP address allowed by there servers.
Its LONG overdue! Use our preventative technologies to enforce some decisions for the better of the network, not the perogatives of a select few!!!!!
Who are you trying to kid? When was the last time the government passed any restriction law that was narrow and stayed narrow? Invariably someone will find a reason to broaden the scope. It's a slippery slope to being forced to get an SMTP license.
The best way to fight spam is to enforce the existing criminal laws. Spam is almost universally fraudulent at best, if not outright criminal behavior.
It's also the easit to pursue, since the money trail *will* lead to people responsible for the spam being sent and its the easiest trail to follow. I don't believe that SPAM is necessarily trackable, especially if it involves hijacked or cracked mail systems.
As the costs for this goes up, the slippery-slope endgame will be that email addresses are registered (like DNS), and mail servers and intermediate systems will have to reject email with unknown endpoints. Actually, this could be cool in a carbomite maneuver sort of way - all 'illegal' email is directed back to the sender along with an additional message saying why it was rejected.
On a personal note, I have a problem with my ISP right now where spam actually chokes my inbound download (because of invalid headers, etc.), so I have to use POP3 Scan Mailbox to roto-rooter the queue before all my mail can download. Major pita. But, I'm hoping to make mods to Thunderbird to allow me to do this in one swell foop, as it were.
"Stop whining!" - Arnold, as Mr. Kimble
Big-time spammers get their money up front from the spamvertiser, not piecemeal from individual suckers. If nobody falls for whichever scam is being promoted, that's just too bad for the spamvertiser -- the spammer has the money, and rigorously follows the First Law of Acquisition.
Yes, individual spamvertisers will give up if they get burned often enough, but there are always new sleaze artists to take their place.
/. If the government wants us to respect the law, it should set a better example.
Finally! The Evil Empire has thought of something truly helpful to do with the 1 trillion dollars of cash.
Well, enough spammers seem to use IIS... Maybe they could "extend" the HTTP protocol to detect whether the referring website URL was received in a spam, and use it to disable the server... :)
Until then, my little script works well enough:
#!/bin/bashI _WILL_DO_THE_SAME_TO_YOUR_WEBLOGS
COUNT=0
while [ $COUNT -lt 2000 ]; do
lynx -dump $1?YOU_FILL_MY_MAILBOX_WITH_UNSOLICITED_CRAP_AND_
let COUNT=COUNT+1
echo $COUNT
done
Note that my website includes a warning about what happens to unsolicited e-mail. Apparently, the "Order Viagra, Diet Pills & more with NO PRESCRIPTION!" people wanted to stress-test their IIS server at Beijing Telecom.
284
Please try the following:The page cannot be displayed
There are too many people accessing the Web site at this time.
* Click the [1]Refresh button, or try again later.
* Open the home page, and then look for links to the information you want.
HTTP 403.9 - Access Forbidden: Too many users are connected
Internet Information Services
Technical Information (for support personnel)
* Background:
This error can occur if the Web server is busy and cannot process your request due to heavy traffic.
* More information:
[2]Microsoft Support
References
1. javascript:location.reload()
2. http://www.microsoft.com/ContentRedirec
Poor spammer. But then again, I'm only fulfilling his wish...
Fire and Meat. Yummy.
That seems hard to believe. If you have domain names registered with your email address, you'll get spam. If your email has been around more than a few years, you'll get spam.
My email has been active since 1994 and while I don't plaster it everywhere I don't make huge efforts to hide it since I feel that being able to send me email is what my email address is for. I get about 100 per day, although with my Bayesian filter now operating I only see one every couple of days.
I find it hilarious that MS and AOL is bitching about spam, their open relays enable most of it. My spam originates from MSN, sHotMail, AOL, Yahoo,
Me thinks you don't know much about spam. Most spam doesn't originate or go through MSN or Hotmail, they just claim to originate there so people like you are fooled into believing that MSN and Hotmail are the cause of the problem.
I feel better already.
More to the point, what are American laws going to do to stop the spam I get?
Most of the spam is sent from open relays in shitholes like Brazil and Japan. Most of it points to websites on hosting providers in China and Korea.
You're not gonna tell me that some ulgy fuck like Alan Ralsky isn't gonna go and simply register a company offshore?
His spamming organization can work offshore and hire another company to fulfill the orders in the USA. That way, the spammer is offshore (immune to US laws), and the company delivering the product to the gullible consumer is not doing any spamming.
My tactic is to refuse any SMTP from any third-world country. I don't know anyone in China or Korea. I accept e-mail from only USA, Canada, UK and Israel. Anything else is a third-world country. This tactic cut my spam over 50%.
Fire and Meat. Yummy.
Well, I don't sue AOhelL, so correct me if I'm wrong...but don't they give you the option of using the filter or not? And as far as I understand, they're blocking commercial email, not email containing words like "penis" or something. And when customers ask AOL to stop spam, it's not like AOL is "interpreting" this as a license to "censor" for spam. It's a literal directive. They're giving the consumers what they want. Now, don't get me wrong, I wouldn't use AOL if my life depended on it, but I think you're barking up the wrong tree here.
What really scares them is an anti-spam law with teeth.
AOL, Microscum and Yahoo! banding together against spam? I always thought AOL, Microscum and spam were The Axis of Evil?
"By the prickling of my thumbs, something goofy this way comes.
It's all fun and games until someone loses the key to the handcuffs.
Screw AOL, MSN, and Yahoo! This is obviously a job for Spiderman, The Punisher, and Daredevil. ;)
/*drunk.. fix later*/
IMHO
ulterior motives are at work...
if AOL was serious about stopping spam, they'd catch it on the way out. I had 4 this morning that ANY decent filter would have caught (it's at work, so I am stuck with a krap filter).
if aol/msn seek legislation, better read the fine print, cause the real meat isn't in the title/stated intent.
The proposed technical standard would be aimed at identifying "good" from "bad" e-mails on any platform.
So whether you're running Win98, Win2000, or WinXP, you'll be certain to meet the technical standards! Oh, and open source need not apply: you're all terrorists and communists anyway, and obviously a part of the problem.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
There are two fundamentally different things that ISPs can do with suspected spam
- Whole-ISP solutions that refuse to let it in the door at all (e.g. blocking all mail from open relays and suspected spamhausen, or using adaptive DNS responses so known relays think you live at 127.0.0.2 and don't even bother your sendmail.)
- Per-customer solutions such as tagging or discarding suspected spam once it's in the door. This gives the customer a lot more choices, but it takes a lot more resources from the ISP, including bandwidth and CPU. The first approach lets them get rid of most of the high-volume dreck cheaply.
I'm not bothered by either of these approaches; as I said, you can pick whatever kind of ISP you like. What is more of a problem is ISPs that block incoming mail without proper error messages. If you're sending legitimate email and it gets spam-filtered and the user never sees it, that's annoying, but at minimum, anything that gets rejected by the ISP's SMTP server should get an RFC-compliant reject response so you know to try contacting the recipient again using your hotmail account or whatever.Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
One of the focus areas of the joint statement against spam by AOL, MS & Yahoo is the redesign of commercial email standards. It is critically important that the Open Source community rises to the challenge, and forms an alliance to ensure that the new measures for fighting spam are incorporated in open standards for mail delivery. It is the unofficial policy of Microsoft (see the "Halloween documents") to "enrich" open standards to combat open source software. The "war on spam" declared today is an important initiative, but poses the threat of ending the availability of open source email solutions. This could mean the end of free email if AOL, Microsoft and Yahoo are left in charge of email standards.
At a penny a hit, your script nets the spammer an extra $20.