Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trustic Anti-Spam Service To Close

Posted by simoniker on from the people-can't-be-trusted? dept.

An anonymous reader writes "I recently received an email from the anti-spam service Trustic saying: "We have decided to close the Trustic service. We have determined that the system as it currently is designed will not achieve the level of accuracy that we require, and an inaccurate system is worse than no system."" We covered Trustic's anti-spam service, which billed itself as "a community-based block list that prevents untrusted servers from sending spam", as recently as a couple of weeks ago.

48 of 173 comments (clear)

  1. On blocking spam by Anonymous Coward · · Score: 5, Informative

    Say what you want about statistical anti-spam methods implemented server-side or locally, but they work. Either SpamAssassin or SpamPal do their job at above average level.

    1. Re:On blocking spam by OMEGA+Power · · Score: 5, Informative
      Either SpamAssassin or SpamPal do their job at above average level.

      Agreed, I've been using SpamAssassin and would say it averages about 2 missed spams per 1,000 messages and almost no flase positives (I don't have a exact number but I would estimate about 1 in 20,000)

    2. Re:On blocking spam by Czmyt · · Score: 2, Informative
      One trick is to use all of its features. Use its auto-whitelist feature, use its bayes filtering, use its blocklist recommendations (sign-up for spamcop.net and/or mail-abuse.org if possible), and use the collaborative spam message databases (Razor2, DCC, etc.), in addition to SpamAssassin's built-in pattern-based rules.

      I use SpamAssassin for one of my clients who lives and dies by e-mail, and it is pretty effective for them. There is an ISP who I deal with sometimes and they also use SpamAssassin. They must not have it tweaked because their scores are much lower than the scores that my client's SpamAssassin installation assigns to the same messages, so there is a lot of variation depending on how you configure its optional components.

      In order for the bayes filtering to work well, SpamAssassin needs to have a database of a few thousand messages. I am not sure how well this would work for a large ISP where their customers have such a wide range of non-spam messages, and I'm not sure that the bayes filtering scales very well to large system-wide SpamAssassin installations.

    3. Re:On blocking spam by mumblestheclown · · Score: 5, Insightful
      Shortsighted, shortsighted, shortsighted.

      Statistical anti-spam methods work NOW because they are at the bleeding edge of the spam game. Only a few of us have bayesian filters going, and so the spammers haven't caught up.

      Meanwhile, when the spammers catch on, that is to say, once enough ISPs or individuals install bayesian filters that they notice that their spam isn't getting through, they'll compensate, just like they have with EVERY other anti-spam "technology" out there. In fact, I suspect it's already happening - my SpamBayes Outlook add-in is catching less now than ever before. It still does a good job, yet, but false positives are up as are uncaught spam--all this despite 100,000+ "training" spams (I get about 700-1000 spams a day). Why? Spammers catch on. Email looks more innocuous. There are more clever tricks.

      I suggest, therefore, that statistical methods are EXACTLY THE WRONG SOLUTION in the long run, therefore, because their net effect is that SPAM will look more like regular email, thus disrupting email service in the long run even more. Yes, it makes sense for an individual on the bleeding edge like you or me to run statistical stuff, but the ultimate answer to SPAM is:

      Law, litigation, jail, and accountability.

      that's it. it works in other countries, and it could work in yours and mine too. yes, there's that sticky problem that the internet is global, but fortunately there is no government in the world that is ideologically "pro spam." At best, there are ignorant governments that can be manipulated into stupid net tricks as tuvalu and turkmenistan were with their country suffixes, but that's a temporary thing.

      SENSIBLE REGULATION OF THE NET TODAY, PLEASE.

      not big brother, not slashdot-esque slippery-slope arguments of how once a government gets their hand on anything they can't stop, just reasonable law enforcement and law. if you show a stranger's 7 year old a picture of a man sucking off a donkey in almost any city in the world, you will go to jail. Yet on the internet this happens daily and nobody is punished OR EVEN SOUGHT.

    4. Re:On blocking spam by the-build-chicken · · Score: 4, Interesting

      SENSIBLE REGULATION OF THE NET TODAY, PLEASE.

      I remember reading once that responsibility is the flip side of freedom...when you ask someone to take care of something (e.g. regulation), you give up the responsibility, and therefor have no right to complain about the loss of freedom. Because we are only free to the level that we are willing to take personal repsonsibility for our lives and the society we live in.

    5. Re:On blocking spam by MS · · Score: 2, Insightful
      You don't need to define 'spam' *.

      In the EU, privacy laws protect people's privacy by forbidding to use personal information (e-mail address included) about persons which didn't give explicit written consent to do so, or which do not already have a business-relationship with you. The privacy-laws were not written to protect against spam, but they work perfectly in stopping spam.

      If only those other countries outside Europe would also enact similar laws, spammers would all be fined into oblivion and the Internet would be a better place. But as long as countries like the US spit on peoples privacy, there's no hope.

      ms
      --
      *) there's a simple definition of spam (= unsolicited and bulk), I agree with: http://www.spamhaus.org/definition.html

    6. Re:On blocking spam by AntiOrganic · · Score: 2

      if you show a stranger's 7 year old a picture of a man sucking off a donkey in almost any city in the world, you will go to jail.

      Not to sound like a troll here, but how would your 7-year-old's email address get on the Internet in the first place without him/her violating the Children's Online Privacy Protection Act (COPPA)?

      I think you made some very valid points, though.

    7. Re:On blocking spam by grahamm · · Score: 2, Insightful

      The address does not have to have already gotten onto the internet in order for it to receive spam. Spammers use dictionary attacks etc to send to 'random' users at a domain, and if one of these happens to be that of a 7-year-old ......

    8. Re:On blocking spam by Ed+Avis · · Score: 2

      The answer is to *make it cost* to send a message. For as long as sending thousands of messages costs next to nothing, spammers will continue to do it.

      There are two reasonable ways to make it cost money to send messages. One is to charge a tiny postage fee (say one cent, or even 0.1 cents) for each message you read. The other is to demand 'payment' in terms of CPU cycles, by getting the spammer to compute something before constructing a valid message.

      Jail for spammers is one way to 'make it cost', but it would be tricky to implement, since every country in the world would need to adopt antispam laws and enforce them. I think you underestimate just how difficult this would be to arrange, and how long it would take. But requring 'payment' before reading a message can be done end-to-end, without requiring intervention by ISP or government.

      --
      -- Ed Avis ed@membled.com
  2. This is really too bad. by MrLint · · Score: 2, Interesting

    This appeared to be really one of the few spam handling i have seen in a long time with a lot of potential. Im hoping that it will comeback in a different form someday.

  3. Bad Philosophy by FortKnox · · Score: 5, Insightful

    inaccurate system is worse than no system

    I think any blocking is better than no blocking. The only 'bad' thing is false-positives. If you lower your blocking to prevernt false-positives, you still have a service that is desired even if you don't catch them all...

    --
    Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
    1. Re:Bad Philosophy by diospadre · · Score: 2, Insightful

      It's possible that by lowering the blocking that Trustic's service would block less spam than other services. Couple this with another possibility, them being unable to justify the resources to fix/improve the service to the level of quality they want, and their best bet is to make available their work to others and axe it.

    2. Re:Bad Philosophy by Anonymous Coward · · Score: 5, Funny
      I think any blocking is better than no blocking.

      Then block all mail from odd-numbered IP addresses. A full half of all spam comes from those addresses!

      The only 'bad' thing is false-positives.

      Oops!

      If you lower your blocking to prevernt false-positives, you still have a service that is desired even if you don't catch them all...

      Ah, change it to only block prime-numbered IP addresses. Much fewer false-positives, and you are still blocking some spam.

      Seriously, I'm really impressed that Trustic had the ethics to back off when they determined that the system didn't work. I hope they'll be back with a better system.

    3. Re:Bad Philosophy by kmak · · Score: 5, Funny

      I agree.

      This reminds me of a story:
      A guy was speeding along many others along a highway. He was later pulled over by a policeman. The guy cracked, "But everyone was speeding, why did you get me?" The police then asked, "Have you ever gone fishing?" "Sure.." "Have you ever caught them all?"

      --

      I'm not the devil.. just his advocate.
    4. Re:Bad Philosophy by dissy · · Score: 2, Insightful

      > I'm annoyed with spam-blocking lists because my range of IPs has been
      > blacklisted, even though I'm totally innocent.

      You are giving money to an ISP that is spam friendly.
      You are directly at fault for them being in business still.
      You are not at all innocent.

      Change ISPs. Tell your current ISP why you are changing.
      Give your money to an ISP that actually cares about the spam problem, and isnt itself the spam problem.

      The blame falls not just on the spammers, but the people that keep spammers in business.

    5. Re:Bad Philosophy by Czmyt · · Score: 2, Insightful

      Dropping your ISP is not an option when they are the only affordable high-speed Internet provider in the area. I'm guessing that the people at AOL Time Warner/Roadrunner care more about ridding their network of spammers than they care about losing a few customers who don't want to be associated with the same netblock as bunch of spammers who have already moved on. I think lists like SPEWS Level 2 give blocklists a bad name.

    6. Re:Bad Philosophy by Frymaster · · Score: 4, Insightful
      these are the ways we can stop spam:
      1. at the source: make it unprofitable for the spam to be sent in the first place. this can be done by either:
        1. fines or other state sanctions.
        2. lack of market.
        1. is faster in the short term - but as long as spam is profitable, there will be those willing to risk sanctions. 2. takes longer and is a bit pie-in-the-sky, but eliminating the market is the only permanent solution.
      2. at the tansmissionn level: get rid of those relays! if it is technically too difficult to send spam, the amount will drop accordingly.
      3. at the recipient level: this is where filtering fits. really this is just a subset of 1.1 - removing the market. if no one sees the spam because of the filter, they won't buy and spam becomes unprofitable.
      looking at this analysis, it seems that 3. is the best option because it helps acheive a lack of market and profitiablity which is the only permananent solution...

      however, an imperfect filtering system defeats this formula. consider: if a filtering system can be bypassed with some effort on behalf of the spammer then those spammers who have the kung fu to get their mail through acheive a distinct competitive advantage over their competitors. if there are 10 spammers sending you 10 messages a week, you have 100 spams. that's a lot of "noise". if you filter these spams but one spammer can get through the filter, you are only getting 10 spams. that's "good" but - and this is a big but - that spammer now has way less competition. the signal to noise ratio goes way up for that one spammer and his/her individual messages become more effective because there are no competitors in the inbox!

      the result is that imperfect filtering may put nine spammers out of business, but the one remaining will make a killing. eventually that one spammer will pick up the other nine's contracts and, boom, you're back to 100 spams. new spam agencies will rise to the new level to cash in on this profitable venture and the cycle starts all over again.

      and that's bad.

      --

      2 1337 4 u!

    7. Re:Bad Philosophy by daeviltwin · · Score: 3, Funny

      I do support Columbian death squads. So I only buy pot from Columbia.

    8. Re:Bad Philosophy by sjames · · Score: 2, Interesting

      Change ISPs

      If only it were all that simple. Some blacklists make an honest effort, others are far too broad. In cases I have seen, people have found themselves on a blacklist because:

      1. A long time ago, in a galaxy far away, a spammer used the block, but got terminated the same day
      2. ISP has strict no spam policy, but has had several spammers come onboard (and get quickly terminated), they're more than willing, and quite strict, but it's like playing whack-a-mole.
      3. A dialup bank exists in the same class C, or did at one time
      4. Someone not connected with the company once exploited a hole in a colo machine on the same class C and got some spam out. The hole is closed or the customer is gone, but the blacklist remains.
      5. A server in the same class C runs a mailing list. Some dummy signed up for it, confirmed it, then forgot all about it. Sure enough, the first mail that came out of it in a month was reported as spam.
      6. The list is one of the new breed of shakedowns and someone on the class C didn't choose to pay the 'consulting fee' to 'verify that the relay is closed' after the 'spam' was reported.
      7. The list maintainer is pissed off at someone in the same class C for completely unrelated reasons

      I WISH that blacklists were all well run and free of politics and other non-spam issues with good criteria for inclusion, but many simply aren't.

    9. Re:Bad Philosophy by Tackhead · · Score: 2, Informative
      > I'm guessing that the people at AOL Time Warner/Roadrunner care more about ridding their network of spammers than they care about losing a few customers who don't want to be associated with the same netblock as bunch of spammers who have already moved on.

      I think we'll have to agree to disagree here.

      You see, judging from the metric fuckloads of spam coming from 24.0.0.0/8, I'd guess that AOL-TW cares more about the pubic hair on Ted Turner's soap bar than ridding their network of (clueless residential broadband lusers with open proxies abused by) spammers.

      Granted that still puts them ahead of 4.0.0.0/8 (now Verizon DSL) and 12.0.0.0/8 (all of AT&T) and the sewer that Comcast calls an ISP.

  4. One can dream! by borgdows · · Score: 5, Funny

    I recently received an email from Microsoft saying:
    "We have decided to stop distributing Windows. We have determined that the system as it currently is designed will not achieve the level of reliability and security that we require, and an unreliable and insecure system is worse than a non-MS system like Linux or MacOSX."

  5. How does this rate against other filtering? by Comatose51 · · Score: 2, Insightful

    Anyone with experience with this system and the Bayesian filtering know how they rate against each other? Can one conceivably combined the two?

    --
    EvilCON - Made Famous by /.
    1. Re:How does this rate against other filtering? by Im-no-orangutan · · Score: 2, Insightful

      Sure you can combine them, as you can see here http://www.trustic.com/help/dns You could set up spam assasin (among others) to use the Trustic DNS block list.

  6. Why technology alone is not the answer by Rathian · · Score: 5, Insightful

    Personally I think it would be wonderful if technology alone could create the silver bullet and kill this annoying problem dead. But sadly as quickly as filters evolve, spammers are constantly looking for ways around them. All too often they find ways.

    Even Earthlink's vaunted SpamBlocker is not bullet proof, in spite of using it, I still get some spam that slips in through it.

    This is one of the reasons why we need some decent laws on the books so we can either force spammers to cease or prosecute the bastards.

    1. Re:Why technology alone is not the answer by Hayzeus · · Score: 4, Funny

      Hmmm. You need to mass-market your idea to the internet public at large. EMail is ideal in this regard. Our database of 500 million guaranteed fresh email addresses is sure to net you internet gold at the speed of electrons!

      --

      Roving Web-Teleoperated Robot
    2. Re:Why technology alone is not the answer by Arker · · Score: 4, Insightful

      Technology alone isn't the answer.

      Getting government involved won't help, however. You're going to kill the good and let the bad live going that road.

      Spam can be stopped, with the current technology (with 10-15 year old technology, actually) with a little social and economic help.

      Ask yourself, how do spammers make any money out of being pains in the ass?

      Mostly by scamming their employers, of course. They tell regular small business folk they'll do 'legitimate marketing' and get them to pay for it before the results of that marketing, a swarm or pissed off people who want the poor folk to die and will certainly never buy from them, appear. Those sources won't last forever, people wise up after getting burned like that.

      No, to have a stable source of income. The serious spammers are hooked up with contracts with BIG ISPs. Small ones won't work, because when we find out who they are we threaten them with the black hole and they fold quick.

      But there are a handful of really huge providers that threat doesn't work on. It's just not realistic to blackhole someone that provides backbone service, someone that has so many legitimate users you do more harm than good when you cut them off. They know that, so if a spamhaus offers them a sizeable premium they feel safe hosting them. That is the big reason that current efforts like MAPS haven't practically eliminated spam already.

      The key is to distribute the infrastructure. If there weren't any companies owning a large enough chunk of the infrastructure to fancy themselves immune to consequences, spammers would never be able to make a reliable profit and they would die out.

      --
      =-=-=-=-=-=-=-=-=-=-=-=-=-=-
      Friends don't let friends enable ecmascript.
    3. Re:Why technology alone is not the answer by letxa2000 · · Score: 2, Interesting
      Personally I think it would be wonderful if technology alone could create the silver bullet and kill this annoying problem dead. But sadly as quickly as filters evolve, spammers are constantly looking for ways around them... This is one of the reasons why we need some decent laws on the books so we can either force spammers to cease or prosecute the bastards.

      Spam filtering has always been a catch-up game in the past. However, with Bayesian filtering it seems that anti-spammers have deployed a solution proactively rather than reacting to the spammers. And, as of yet, I have yet to see any spam that has implemented any kind of countermeasures to get around Bayesian, and I'm skeptical they will be able to get around it. The few spams that get through to me get through because they happened to to use words very similar to my real email or because it's in a foreign language. No spams have gotten through because the spammer made an effort to get around Bayesian filtering.

      Nothing is 100% successful at blocking spam, and I think if 100% is the definition of a "silver bullet" we'll NEVER find it--neither with technology or through legislation. But with current Bayesian filtering catching upwards of 99.5% of spam, that's close enough to a silver bullet for me.

      I would personally approve of legislation that makes it clear that theft of services, including the unacceptable use of email services, is actionable. But I don't think legislation that specifically targets spam is going to be useful or enforced, and will probably raise more questions than it answers.

    4. Re:Why technology alone is not the answer by iabervon · · Score: 2, Interesting

      Filtering technology alone is not the answer. But an authentication scheme where the sender demonstrates the ability to use the From address would eliminate almost all of the spam that forges that information and make filtering or litigating the rest easy.

      The issue is that, while weak recipient authentication was built into SMTP, corresponding sender authentication was not; this means that everyone is always anonymous (except for name tags they write themselves), there is no accountability, and people behave badly. Trying to apply technology at the level of behavior is obviously going to be ineffective.

      Solution: add a "XM" DNS record type (MX backward), which specifies the hosts which are expected to send emails with the given return address. If a sending machine doesn't have the right XM, MX, or A record, flag the message as likely spam (if it's not spam, the sender should get the DNS updated or their mail routed better).

  7. It takes Balls to admit that you're wrong. by _Sambo · · Score: 4, Interesting

    These folks had a dream. They tried to make it work. When it became apparent that their solution was not viable, they had the honor to admit to it.

    The hope of finding a solution to spam is expressed in the final line of their current site welcome screen:
    We remain confident that the problem of spam is a solvable problem. Thank you for your help with this great experiment.

    God bless them for trying.

  8. Whitlisting alternative by Marcus+Green · · Score: 4, Interesting

    I have been using an outfit that supplies a whitelisting service (port995.com). The idea being that the first time anyone sends you an email, it gets put into a queue and they get a response asking them to reply. Once they reply they get put on the whitelist, the message goes through and all future messages pass through without further messing.

    As only a teeny tiny percentage of spammers supply genuine return addressess or read the responses the upshot in my case seems to be "new spray on no more spam"..

    Inevitably some people don't read the first response or cannot be bothered to respond, but I guess those folks didn't want to contact me that badly anyway, so I don't want to read their messages that badly.

    Marcus

    1. Re:Whitlisting alternative by grogglefroth · · Score: 5, Insightful

      The problem wtih this solution is that legitimate mail from new contacts never reaches you - because it was a machine that sent it in the first place. Bill notifications and software registration keys etc would all fall victim to this, as you will often not know ahead of time what to whitelist. The greylisting approach seems *safer* in this regard than the challenge/response systems like port995.

      --
      Good, Fast, Cheap - Pick any two. - RFC 1925
    2. Re:Whitlisting alternative by trala · · Score: 3, Interesting

      Now if they would just develop something like this for telemarketing calls...

      "Hello. You have reached my house automated answering filter service. Please leave your name and number and a brief message and I will call you back if I feel like it. Once I call you then you will be able to freely call me from this number at any time."

      --
      What fun is being "cool" if you can't wear a sombrero? (Hobbes of Calvin & Hobbes)
    3. Re:Whitlisting alternative by jonfelder · · Score: 2, Insightful

      Bzzzzt! Wrong!

      Try reading the comment again:

      "Bill notifications and software registration keys etc would all fall victim to this, as you will often not know ahead of time what to whitelist."

      The problem illustrated here is that often times you don't know what address to whitelist, and hence can't add it ahead of time.

    4. Re:Whitlisting alternative by AKnightCowboy · · Score: 2, Insightful
      The problem illustrated here is that often times you don't know what address to whitelist, and hence can't add it ahead of time.

      And before someone says "just whitelist their domain", often times messages come from a completely different domain than the one you've signed up on. Personally that pisses me off, but it's a fact of life of outsourcing I suppose.

  9. It really wasn't very accurate by sgifford · · Score: 5, Informative

    I've been doing some research about the accuracy of different spam-blocking solutions, and Trustic had a huge false-positive rate. It misidentified 8% of my personal non-spam mail as spam, including mail from my Mom (it blocked our local cable ISP completely), my aunt (it blocked some AOL MX's), my insurance company (who the hell knows why), security warnings from CERT, and the NANOG mailing list.

    It did have a good blocking rate---65%---but using a combination of other RBLs (the most optimal I found was DSBL + SpamHaus + Blitzed) it's possible to block nearly 75% of spam with only a .02% false positive rate (a single mailing list correspondent with an Argentinian ISP that has open relays was blocked).

    It really is probably best that they laid this project to rest.

    --
    My Web Page
    1. Re:It really wasn't very accurate by Hayzeus · · Score: 5, Interesting
      65%? Seems low compared to something that scans content, like spamassassin. I get around 90% blocked, with a relatively low (maybe 1% false positive after a week of tweaking on and off).

      The biggest problem spam assassin has as far as false positives appears to occur when people attach text from a commercial web page rather than a URL pointer. This invariably causes the email to get identified as spam, particularly if the page text contains any references to commerce.

      --

      Roving Web-Teleoperated Robot
    2. Re:It really wasn't very accurate by Czmyt · · Score: 2, Informative

      I had very similar results when I tried it last Friday. I ran it for about an hour before deciding that what it did block (AOL) was going to cause a lot of false positives.

  10. Just needed more customers... by Anonymous Coward · · Score: 5, Funny

    If they had only had more customers, I'm sure they could have held on longer.

    If only they had found a quick, easy, inexpensive way to solicit hundreds of thousands of new customers using the Internet they could have stayed alive!

  11. Why technology nor the law is the answer by mobileskimo · · Score: 2, Interesting

    This is one of the reasons why we need some decent laws on the books so we can either force spammers to cease or prosecute the bastards.

    This is one of the reasons why we need to get to the root of the problem so we can neuter parents to preclude them from having these children.

    Seriously, there's a problem with attitudes. What the hell happened in their childhood that promotes these people to ignore their conscience and annoy millions of people for the name of $? Once they're in their adulthood, no laws or technology will fix their behavior. Gotta fix it while its fresh in their impressionable minds.

    --
    "Last one in is a rotten goblin!" - Kepp
  12. Ironic by Root+Down · · Score: 5, Funny

    Alas, it could not even filter out their own mass email...

  13. The problem by Anonymous Coward · · Score: 3, Insightful

    Spammers flooded the system with valid adresses to ruin the system. There was no way to combat this problem.

  14. So thats why by Lemuel · · Score: 3, Insightful
    Trustic wasn't replying to my submissions anymore. Now I know why.


    While I did my part to contribute to the Trustic database, I wasn't real sure about their methods. I submitted spam messages as they requested, but I had to tell them which address to consider to be a spam gateway. The addresses above that are marked positive. I always picked the first address outside of rr.com, but for all I know the nearest Roadrunner smtp system is a spam forwarder and I should have flagged it as negative. Pooling lots of people's ignorance won't necessarily provide good information.

  15. Market For Spammers by heli0 · · Score: 4, Funny

    How about we set up a market for spammers, modeled after the Iowa Electronic Markets. Except instead of buying futures in political candidates, you buy futures in a spammer dying. If people stand to make millions from a certain spammer biting the dust then the market forces will apply themselves naturally.

    --
    Whenever the offence inspires less horror than the punishment, the rigour of penal law is obliged to give way...
  16. SpamAssassin by aclarke · · Score: 2, Interesting
    Agreed. SpamAssassin with the Bayes filtering turned on (and properly trained) is a wonderful thing. It is amazingly accurate and the other good thing is that it's not obnoxiously intrusive like IP blacklists.

    Of course, it's not exactly a trivial install for your typical Windows/Outlook user, but the fetchmail/procmail/spamassassin/IMAP combo I have running now is hard to beat for a well oraganized email system.

    --

    www.clarke.ca
  17. Because customers tend to dislike it by jobugeek · · Score: 2, Insightful

    Tell me how I am going to look at the hundreds of senders a day and verify they are OK to let through? I can't. Therefore, something needs to be there to filter it. Are filters tons better? No, but they atleast keep some of the crap out.

    --
    I'm not drunk, I just have a speech impediment. And a stomach virus. And an inner ear infection.
  18. Can be a server operators nightmare... by Sim9 · · Score: 5, Insightful

    For small server operators, getting falsely listed in a central blacklist can be a long and painful process. Inheriting a 'bad' IP address (one that was previously used for spamming, and is now recycled to a new owner) or getting banned as part of a range for the datacenter hosting you essentially blocks you permanently. Few people running these are concerned about false-positives, as everyone that tries to get themselves unlisted /must/ be a spammer. Perhaps this isn't true of the majority, but I've had horrible experiences with at least a minority.

    Mod me down if you must, but if there's going to be a central blacklist, there should be checks and balances to its system.

  19. The problem with Trustic by waynemcdougall · · Score: 2, Informative
    The problem faced by Trustic was a lack of positive recommendations. People were quick to complain about spam, but slow to make any positive recommendations.

    The effect of this was that large mail servers (eg cable gateways, etc) which let through a very small percentage of spam but s detectable quantity, would get a host of negative recommendations and the server would become untrusted.

    I don't think this was an unsolvable problem - it requires dealing with trust, and positive versus negative recommendations, and volume assessments. But it should be possible to come up with a function that would give meaningful responses even in an inherent;y untrustworthy system of recommendations, and disproportionately few positive recommendations.

    For one thing an inappropriate listing of untrusted would provoke a host of positive recommendations.

    And of course you could/should whitelist your Mum's cable based SMTP server anyway.

    There are people who want to pick up the Trustic idea (or keep Trustic going if possible), and I wish them every success and will support any such efforts.

    I think there is a place for cooperative based recommendations estabishing a trust network. It will just take time and thought to determine how to balance the positive and negative recommendations.

    What I particularly like about Trustic is that I can make recommendations based on IP address alone - if a mail server tries to send email to clearwater@codeworks.gen.nz I KNOW it is sending spam - I could reject the recipient, and report the IP without incurring the time and bandwidth of accepting the mail message.

    --
    Recycle PCs and build a wireless community network www.hillsborough.org.nz
  20. Innocent victim of anti-spam systems by Cogneato · · Score: 5, Interesting

    Over the past few months I have been through a lot fighting anti-spam ip lists, primarily relays.osirusoft.com and spews. For all those saying that false-positives are rare or not that much harm compared to the need to stop spam, I think if you were in my shoes, you would feel differently.

    The whole thing started when a spammer signed up for service at the hosting company that I have been with for several years. I have a server there with many of my clients websites on it (I am a web designer). So, the spammer purchased service at the same host as me, and happened to fall within the same IP block as I did. He was soon discovered and shut down, but the damage had already been done... spews and relays.osirusoft.com both put the ENTIRE ip block in their system.

    Think about it this way: what can the host really do? The spammers come in, pay the setup fees, get one good night of spamming in, and then move on.

    It took me several days to track down why some of my emails were not going through and who I had to contact to get removed from these lists. relays.osirusoft.com had some tools that is supposed to re-check, but it did no good... as far as I know, the thing doesn't even work.

    In reading through these two websites, the self-righteous bastards that put together these lists really don't take any responsibility for their actions. They are quick to add entire IP blocks and take weeks to remove them even after the host has contacted them to inform them that the spammer has been shut down. These anti-spam lists apply fault to the host or to the isp implementing the list, but never to themselves, while at the same time preacing the wonders of the services they provide. If they don't want to take responsibility, then they should print more warnings about the mass amounts of false-positives that actually happen.

    In addition to the anti-spam lists, the isps really need stop relying on these lists as the first defense to stopping spam. I had a chance to talk to one of them that a client of mine was going through and they told me that there was no way they could add me as a trusted ip because the anti-spam list comes in front of the exceptions list as a first line of defense. Even after we finally got removed from the anti-spam lists, many ISPs did not update their copies of the lists for weeks afterwards, causing more blocked emails even after we were off the list.

    So, after hours and hours of frustration, fielding support calls, yelling, long distance phone calls, writing emails, reading page after page of self-righteous dribble, and trying desparately to explain that I just happened to have an IP address that was a coupled dozen numbers off of that of a spammer, as far as I am concerned, the more anti-spam lists that die, the better the place the world will be.

    I hate spam. I cuss every fifth time I have to delete one (making that about 20 or 30 nasty words a day)... but the people who have really cost me the most time, money, and headaches are the anti-spam lists. Good riddance.