Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trustic Anti-Spam Service To Close

Posted by simoniker on from the people-can't-be-trusted? dept.

An anonymous reader writes "I recently received an email from the anti-spam service Trustic saying: "We have decided to close the Trustic service. We have determined that the system as it currently is designed will not achieve the level of accuracy that we require, and an inaccurate system is worse than no system."" We covered Trustic's anti-spam service, which billed itself as "a community-based block list that prevents untrusted servers from sending spam", as recently as a couple of weeks ago.

20 of 173 comments (clear)

  1. Bad Philosophy by FortKnox · · Score: 5, Insightful

    inaccurate system is worse than no system

    I think any blocking is better than no blocking. The only 'bad' thing is false-positives. If you lower your blocking to prevernt false-positives, you still have a service that is desired even if you don't catch them all...

    --
    Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
    1. Re:Bad Philosophy by diospadre · · Score: 2, Insightful

      It's possible that by lowering the blocking that Trustic's service would block less spam than other services. Couple this with another possibility, them being unable to justify the resources to fix/improve the service to the level of quality they want, and their best bet is to make available their work to others and axe it.

    2. Re:Bad Philosophy by dissy · · Score: 2, Insightful

      > I'm annoyed with spam-blocking lists because my range of IPs has been
      > blacklisted, even though I'm totally innocent.

      You are giving money to an ISP that is spam friendly.
      You are directly at fault for them being in business still.
      You are not at all innocent.

      Change ISPs. Tell your current ISP why you are changing.
      Give your money to an ISP that actually cares about the spam problem, and isnt itself the spam problem.

      The blame falls not just on the spammers, but the people that keep spammers in business.

    3. Re:Bad Philosophy by Czmyt · · Score: 2, Insightful

      Dropping your ISP is not an option when they are the only affordable high-speed Internet provider in the area. I'm guessing that the people at AOL Time Warner/Roadrunner care more about ridding their network of spammers than they care about losing a few customers who don't want to be associated with the same netblock as bunch of spammers who have already moved on. I think lists like SPEWS Level 2 give blocklists a bad name.

    4. Re:Bad Philosophy by Frymaster · · Score: 4, Insightful
      these are the ways we can stop spam:
      1. at the source: make it unprofitable for the spam to be sent in the first place. this can be done by either:
        1. fines or other state sanctions.
        2. lack of market.
        1. is faster in the short term - but as long as spam is profitable, there will be those willing to risk sanctions. 2. takes longer and is a bit pie-in-the-sky, but eliminating the market is the only permanent solution.
      2. at the tansmissionn level: get rid of those relays! if it is technically too difficult to send spam, the amount will drop accordingly.
      3. at the recipient level: this is where filtering fits. really this is just a subset of 1.1 - removing the market. if no one sees the spam because of the filter, they won't buy and spam becomes unprofitable.
      looking at this analysis, it seems that 3. is the best option because it helps acheive a lack of market and profitiablity which is the only permananent solution...

      however, an imperfect filtering system defeats this formula. consider: if a filtering system can be bypassed with some effort on behalf of the spammer then those spammers who have the kung fu to get their mail through acheive a distinct competitive advantage over their competitors. if there are 10 spammers sending you 10 messages a week, you have 100 spams. that's a lot of "noise". if you filter these spams but one spammer can get through the filter, you are only getting 10 spams. that's "good" but - and this is a big but - that spammer now has way less competition. the signal to noise ratio goes way up for that one spammer and his/her individual messages become more effective because there are no competitors in the inbox!

      the result is that imperfect filtering may put nine spammers out of business, but the one remaining will make a killing. eventually that one spammer will pick up the other nine's contracts and, boom, you're back to 100 spams. new spam agencies will rise to the new level to cash in on this profitable venture and the cycle starts all over again.

      and that's bad.

      --

      2 1337 4 u!

  2. How does this rate against other filtering? by Comatose51 · · Score: 2, Insightful

    Anyone with experience with this system and the Bayesian filtering know how they rate against each other? Can one conceivably combined the two?

    --
    EvilCON - Made Famous by /.
    1. Re:How does this rate against other filtering? by Im-no-orangutan · · Score: 2, Insightful

      Sure you can combine them, as you can see here http://www.trustic.com/help/dns You could set up spam assasin (among others) to use the Trustic DNS block list.

  3. Why technology alone is not the answer by Rathian · · Score: 5, Insightful

    Personally I think it would be wonderful if technology alone could create the silver bullet and kill this annoying problem dead. But sadly as quickly as filters evolve, spammers are constantly looking for ways around them. All too often they find ways.

    Even Earthlink's vaunted SpamBlocker is not bullet proof, in spite of using it, I still get some spam that slips in through it.

    This is one of the reasons why we need some decent laws on the books so we can either force spammers to cease or prosecute the bastards.

    1. Re:Why technology alone is not the answer by Arker · · Score: 4, Insightful

      Technology alone isn't the answer.

      Getting government involved won't help, however. You're going to kill the good and let the bad live going that road.

      Spam can be stopped, with the current technology (with 10-15 year old technology, actually) with a little social and economic help.

      Ask yourself, how do spammers make any money out of being pains in the ass?

      Mostly by scamming their employers, of course. They tell regular small business folk they'll do 'legitimate marketing' and get them to pay for it before the results of that marketing, a swarm or pissed off people who want the poor folk to die and will certainly never buy from them, appear. Those sources won't last forever, people wise up after getting burned like that.

      No, to have a stable source of income. The serious spammers are hooked up with contracts with BIG ISPs. Small ones won't work, because when we find out who they are we threaten them with the black hole and they fold quick.

      But there are a handful of really huge providers that threat doesn't work on. It's just not realistic to blackhole someone that provides backbone service, someone that has so many legitimate users you do more harm than good when you cut them off. They know that, so if a spamhaus offers them a sizeable premium they feel safe hosting them. That is the big reason that current efforts like MAPS haven't practically eliminated spam already.

      The key is to distribute the infrastructure. If there weren't any companies owning a large enough chunk of the infrastructure to fancy themselves immune to consequences, spammers would never be able to make a reliable profit and they would die out.

      --
      =-=-=-=-=-=-=-=-=-=-=-=-=-=-
      Friends don't let friends enable ecmascript.
  4. Re:Whitlisting alternative by grogglefroth · · Score: 5, Insightful

    The problem wtih this solution is that legitimate mail from new contacts never reaches you - because it was a machine that sent it in the first place. Bill notifications and software registration keys etc would all fall victim to this, as you will often not know ahead of time what to whitelist. The greylisting approach seems *safer* in this regard than the challenge/response systems like port995.

    --
    Good, Fast, Cheap - Pick any two. - RFC 1925
  5. The problem by Anonymous Coward · · Score: 3, Insightful

    Spammers flooded the system with valid adresses to ruin the system. There was no way to combat this problem.

  6. Re:Whitlisting alternative by jonfelder · · Score: 2, Insightful

    Bzzzzt! Wrong!

    Try reading the comment again:

    "Bill notifications and software registration keys etc would all fall victim to this, as you will often not know ahead of time what to whitelist."

    The problem illustrated here is that often times you don't know what address to whitelist, and hence can't add it ahead of time.

  7. Re:Whitlisting alternative by AKnightCowboy · · Score: 2, Insightful
    The problem illustrated here is that often times you don't know what address to whitelist, and hence can't add it ahead of time.

    And before someone says "just whitelist their domain", often times messages come from a completely different domain than the one you've signed up on. Personally that pisses me off, but it's a fact of life of outsourcing I suppose.

  8. So thats why by Lemuel · · Score: 3, Insightful
    Trustic wasn't replying to my submissions anymore. Now I know why.


    While I did my part to contribute to the Trustic database, I wasn't real sure about their methods. I submitted spam messages as they requested, but I had to tell them which address to consider to be a spam gateway. The addresses above that are marked positive. I always picked the first address outside of rr.com, but for all I know the nearest Roadrunner smtp system is a spam forwarder and I should have flagged it as negative. Pooling lots of people's ignorance won't necessarily provide good information.

  9. Because customers tend to dislike it by jobugeek · · Score: 2, Insightful

    Tell me how I am going to look at the hundreds of senders a day and verify they are OK to let through? I can't. Therefore, something needs to be there to filter it. Are filters tons better? No, but they atleast keep some of the crap out.

    --
    I'm not drunk, I just have a speech impediment. And a stomach virus. And an inner ear infection.
  10. Trustic is good by Anonymous Coward · · Score: 1, Insightful

    Trustic is a good service, The author is trying to save the world and his giving up when he feels he cannot.

    I didn't think his service was all that bad, it just needs some shaping up.

    1) Pos query was a bad idea, since all emails are trusted by default and were overriding negative trust on real spam which results in way too many false positives.

    A good solution would to create multi trust levels with a no status default query.

    Example:

    I enable trustic query on my mail server, then i login, i see all the mail servers that tried emailing me, now i look at which ones spammed me based on complaints or un-expected email i receive and set a blocking bit with the reason I think i should block this mail server with proof of an email.

    Then set a 3-day wait period on this mail server
    to see if it becomes a legit repetitive offender and then, if it received a lot of attention, and the reason's are valid, the operators block it from ever coming through.

    Right now their pretty weak but if they had a good attentive user base, they could poke mad holes in spam.

  11. Can be a server operators nightmare... by Sim9 · · Score: 5, Insightful

    For small server operators, getting falsely listed in a central blacklist can be a long and painful process. Inheriting a 'bad' IP address (one that was previously used for spamming, and is now recycled to a new owner) or getting banned as part of a range for the datacenter hosting you essentially blocks you permanently. Few people running these are concerned about false-positives, as everyone that tries to get themselves unlisted /must/ be a spammer. Perhaps this isn't true of the majority, but I've had horrible experiences with at least a minority.

    Mod me down if you must, but if there's going to be a central blacklist, there should be checks and balances to its system.

  12. Re:On blocking spam by mumblestheclown · · Score: 5, Insightful
    Shortsighted, shortsighted, shortsighted.

    Statistical anti-spam methods work NOW because they are at the bleeding edge of the spam game. Only a few of us have bayesian filters going, and so the spammers haven't caught up.

    Meanwhile, when the spammers catch on, that is to say, once enough ISPs or individuals install bayesian filters that they notice that their spam isn't getting through, they'll compensate, just like they have with EVERY other anti-spam "technology" out there. In fact, I suspect it's already happening - my SpamBayes Outlook add-in is catching less now than ever before. It still does a good job, yet, but false positives are up as are uncaught spam--all this despite 100,000+ "training" spams (I get about 700-1000 spams a day). Why? Spammers catch on. Email looks more innocuous. There are more clever tricks.

    I suggest, therefore, that statistical methods are EXACTLY THE WRONG SOLUTION in the long run, therefore, because their net effect is that SPAM will look more like regular email, thus disrupting email service in the long run even more. Yes, it makes sense for an individual on the bleeding edge like you or me to run statistical stuff, but the ultimate answer to SPAM is:

    Law, litigation, jail, and accountability.

    that's it. it works in other countries, and it could work in yours and mine too. yes, there's that sticky problem that the internet is global, but fortunately there is no government in the world that is ideologically "pro spam." At best, there are ignorant governments that can be manipulated into stupid net tricks as tuvalu and turkmenistan were with their country suffixes, but that's a temporary thing.

    SENSIBLE REGULATION OF THE NET TODAY, PLEASE.

    not big brother, not slashdot-esque slippery-slope arguments of how once a government gets their hand on anything they can't stop, just reasonable law enforcement and law. if you show a stranger's 7 year old a picture of a man sucking off a donkey in almost any city in the world, you will go to jail. Yet on the internet this happens daily and nobody is punished OR EVEN SOUGHT.

  13. Re:On blocking spam by MS · · Score: 2, Insightful
    You don't need to define 'spam' *.

    In the EU, privacy laws protect people's privacy by forbidding to use personal information (e-mail address included) about persons which didn't give explicit written consent to do so, or which do not already have a business-relationship with you. The privacy-laws were not written to protect against spam, but they work perfectly in stopping spam.

    If only those other countries outside Europe would also enact similar laws, spammers would all be fined into oblivion and the Internet would be a better place. But as long as countries like the US spit on peoples privacy, there's no hope.

    ms
    --
    *) there's a simple definition of spam (= unsolicited and bulk), I agree with: http://www.spamhaus.org/definition.html

  14. Re:On blocking spam by grahamm · · Score: 2, Insightful

    The address does not have to have already gotten onto the internet in order for it to receive spam. Spammers use dictionary attacks etc to send to 'random' users at a domain, and if one of these happens to be that of a 7-year-old ......