Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trustic Anti-Spam Service To Close

Posted by simoniker on from the people-can't-be-trusted? dept.

An anonymous reader writes "I recently received an email from the anti-spam service Trustic saying: "We have decided to close the Trustic service. We have determined that the system as it currently is designed will not achieve the level of accuracy that we require, and an inaccurate system is worse than no system."" We covered Trustic's anti-spam service, which billed itself as "a community-based block list that prevents untrusted servers from sending spam", as recently as a couple of weeks ago.

26 of 173 comments (clear)

  1. On blocking spam by Anonymous Coward · · Score: 5, Informative

    Say what you want about statistical anti-spam methods implemented server-side or locally, but they work. Either SpamAssassin or SpamPal do their job at above average level.

    1. Re:On blocking spam by OMEGA+Power · · Score: 5, Informative
      Either SpamAssassin or SpamPal do their job at above average level.

      Agreed, I've been using SpamAssassin and would say it averages about 2 missed spams per 1,000 messages and almost no flase positives (I don't have a exact number but I would estimate about 1 in 20,000)

    2. Re:On blocking spam by mumblestheclown · · Score: 5, Insightful
      Shortsighted, shortsighted, shortsighted.

      Statistical anti-spam methods work NOW because they are at the bleeding edge of the spam game. Only a few of us have bayesian filters going, and so the spammers haven't caught up.

      Meanwhile, when the spammers catch on, that is to say, once enough ISPs or individuals install bayesian filters that they notice that their spam isn't getting through, they'll compensate, just like they have with EVERY other anti-spam "technology" out there. In fact, I suspect it's already happening - my SpamBayes Outlook add-in is catching less now than ever before. It still does a good job, yet, but false positives are up as are uncaught spam--all this despite 100,000+ "training" spams (I get about 700-1000 spams a day). Why? Spammers catch on. Email looks more innocuous. There are more clever tricks.

      I suggest, therefore, that statistical methods are EXACTLY THE WRONG SOLUTION in the long run, therefore, because their net effect is that SPAM will look more like regular email, thus disrupting email service in the long run even more. Yes, it makes sense for an individual on the bleeding edge like you or me to run statistical stuff, but the ultimate answer to SPAM is:

      Law, litigation, jail, and accountability.

      that's it. it works in other countries, and it could work in yours and mine too. yes, there's that sticky problem that the internet is global, but fortunately there is no government in the world that is ideologically "pro spam." At best, there are ignorant governments that can be manipulated into stupid net tricks as tuvalu and turkmenistan were with their country suffixes, but that's a temporary thing.

      SENSIBLE REGULATION OF THE NET TODAY, PLEASE.

      not big brother, not slashdot-esque slippery-slope arguments of how once a government gets their hand on anything they can't stop, just reasonable law enforcement and law. if you show a stranger's 7 year old a picture of a man sucking off a donkey in almost any city in the world, you will go to jail. Yet on the internet this happens daily and nobody is punished OR EVEN SOUGHT.

    3. Re:On blocking spam by the-build-chicken · · Score: 4, Interesting

      SENSIBLE REGULATION OF THE NET TODAY, PLEASE.

      I remember reading once that responsibility is the flip side of freedom...when you ask someone to take care of something (e.g. regulation), you give up the responsibility, and therefor have no right to complain about the loss of freedom. Because we are only free to the level that we are willing to take personal repsonsibility for our lives and the society we live in.

  2. Bad Philosophy by FortKnox · · Score: 5, Insightful

    inaccurate system is worse than no system

    I think any blocking is better than no blocking. The only 'bad' thing is false-positives. If you lower your blocking to prevernt false-positives, you still have a service that is desired even if you don't catch them all...

    --
    Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
    1. Re:Bad Philosophy by Anonymous Coward · · Score: 5, Funny
      I think any blocking is better than no blocking.

      Then block all mail from odd-numbered IP addresses. A full half of all spam comes from those addresses!

      The only 'bad' thing is false-positives.

      Oops!

      If you lower your blocking to prevernt false-positives, you still have a service that is desired even if you don't catch them all...

      Ah, change it to only block prime-numbered IP addresses. Much fewer false-positives, and you are still blocking some spam.

      Seriously, I'm really impressed that Trustic had the ethics to back off when they determined that the system didn't work. I hope they'll be back with a better system.

    2. Re:Bad Philosophy by kmak · · Score: 5, Funny

      I agree.

      This reminds me of a story:
      A guy was speeding along many others along a highway. He was later pulled over by a policeman. The guy cracked, "But everyone was speeding, why did you get me?" The police then asked, "Have you ever gone fishing?" "Sure.." "Have you ever caught them all?"

      --

      I'm not the devil.. just his advocate.
    3. Re:Bad Philosophy by Frymaster · · Score: 4, Insightful
      these are the ways we can stop spam:
      1. at the source: make it unprofitable for the spam to be sent in the first place. this can be done by either:
        1. fines or other state sanctions.
        2. lack of market.
        1. is faster in the short term - but as long as spam is profitable, there will be those willing to risk sanctions. 2. takes longer and is a bit pie-in-the-sky, but eliminating the market is the only permanent solution.
      2. at the tansmissionn level: get rid of those relays! if it is technically too difficult to send spam, the amount will drop accordingly.
      3. at the recipient level: this is where filtering fits. really this is just a subset of 1.1 - removing the market. if no one sees the spam because of the filter, they won't buy and spam becomes unprofitable.
      looking at this analysis, it seems that 3. is the best option because it helps acheive a lack of market and profitiablity which is the only permananent solution...

      however, an imperfect filtering system defeats this formula. consider: if a filtering system can be bypassed with some effort on behalf of the spammer then those spammers who have the kung fu to get their mail through acheive a distinct competitive advantage over their competitors. if there are 10 spammers sending you 10 messages a week, you have 100 spams. that's a lot of "noise". if you filter these spams but one spammer can get through the filter, you are only getting 10 spams. that's "good" but - and this is a big but - that spammer now has way less competition. the signal to noise ratio goes way up for that one spammer and his/her individual messages become more effective because there are no competitors in the inbox!

      the result is that imperfect filtering may put nine spammers out of business, but the one remaining will make a killing. eventually that one spammer will pick up the other nine's contracts and, boom, you're back to 100 spams. new spam agencies will rise to the new level to cash in on this profitable venture and the cycle starts all over again.

      and that's bad.

      --

      2 1337 4 u!

    4. Re:Bad Philosophy by daeviltwin · · Score: 3, Funny

      I do support Columbian death squads. So I only buy pot from Columbia.

  3. One can dream! by borgdows · · Score: 5, Funny

    I recently received an email from Microsoft saying:
    "We have decided to stop distributing Windows. We have determined that the system as it currently is designed will not achieve the level of reliability and security that we require, and an unreliable and insecure system is worse than a non-MS system like Linux or MacOSX."

  4. Why technology alone is not the answer by Rathian · · Score: 5, Insightful

    Personally I think it would be wonderful if technology alone could create the silver bullet and kill this annoying problem dead. But sadly as quickly as filters evolve, spammers are constantly looking for ways around them. All too often they find ways.

    Even Earthlink's vaunted SpamBlocker is not bullet proof, in spite of using it, I still get some spam that slips in through it.

    This is one of the reasons why we need some decent laws on the books so we can either force spammers to cease or prosecute the bastards.

    1. Re:Why technology alone is not the answer by Hayzeus · · Score: 4, Funny

      Hmmm. You need to mass-market your idea to the internet public at large. EMail is ideal in this regard. Our database of 500 million guaranteed fresh email addresses is sure to net you internet gold at the speed of electrons!

      --

      Roving Web-Teleoperated Robot
    2. Re:Why technology alone is not the answer by Arker · · Score: 4, Insightful

      Technology alone isn't the answer.

      Getting government involved won't help, however. You're going to kill the good and let the bad live going that road.

      Spam can be stopped, with the current technology (with 10-15 year old technology, actually) with a little social and economic help.

      Ask yourself, how do spammers make any money out of being pains in the ass?

      Mostly by scamming their employers, of course. They tell regular small business folk they'll do 'legitimate marketing' and get them to pay for it before the results of that marketing, a swarm or pissed off people who want the poor folk to die and will certainly never buy from them, appear. Those sources won't last forever, people wise up after getting burned like that.

      No, to have a stable source of income. The serious spammers are hooked up with contracts with BIG ISPs. Small ones won't work, because when we find out who they are we threaten them with the black hole and they fold quick.

      But there are a handful of really huge providers that threat doesn't work on. It's just not realistic to blackhole someone that provides backbone service, someone that has so many legitimate users you do more harm than good when you cut them off. They know that, so if a spamhaus offers them a sizeable premium they feel safe hosting them. That is the big reason that current efforts like MAPS haven't practically eliminated spam already.

      The key is to distribute the infrastructure. If there weren't any companies owning a large enough chunk of the infrastructure to fancy themselves immune to consequences, spammers would never be able to make a reliable profit and they would die out.

      --
      =-=-=-=-=-=-=-=-=-=-=-=-=-=-
      Friends don't let friends enable ecmascript.
  5. It takes Balls to admit that you're wrong. by _Sambo · · Score: 4, Interesting

    These folks had a dream. They tried to make it work. When it became apparent that their solution was not viable, they had the honor to admit to it.

    The hope of finding a solution to spam is expressed in the final line of their current site welcome screen:
    We remain confident that the problem of spam is a solvable problem. Thank you for your help with this great experiment.

    God bless them for trying.

  6. Whitlisting alternative by Marcus+Green · · Score: 4, Interesting

    I have been using an outfit that supplies a whitelisting service (port995.com). The idea being that the first time anyone sends you an email, it gets put into a queue and they get a response asking them to reply. Once they reply they get put on the whitelist, the message goes through and all future messages pass through without further messing.

    As only a teeny tiny percentage of spammers supply genuine return addressess or read the responses the upshot in my case seems to be "new spray on no more spam"..

    Inevitably some people don't read the first response or cannot be bothered to respond, but I guess those folks didn't want to contact me that badly anyway, so I don't want to read their messages that badly.

    Marcus

    1. Re:Whitlisting alternative by grogglefroth · · Score: 5, Insightful

      The problem wtih this solution is that legitimate mail from new contacts never reaches you - because it was a machine that sent it in the first place. Bill notifications and software registration keys etc would all fall victim to this, as you will often not know ahead of time what to whitelist. The greylisting approach seems *safer* in this regard than the challenge/response systems like port995.

      --
      Good, Fast, Cheap - Pick any two. - RFC 1925
    2. Re:Whitlisting alternative by trala · · Score: 3, Interesting

      Now if they would just develop something like this for telemarketing calls...

      "Hello. You have reached my house automated answering filter service. Please leave your name and number and a brief message and I will call you back if I feel like it. Once I call you then you will be able to freely call me from this number at any time."

      --
      What fun is being "cool" if you can't wear a sombrero? (Hobbes of Calvin & Hobbes)
  7. It really wasn't very accurate by sgifford · · Score: 5, Informative

    I've been doing some research about the accuracy of different spam-blocking solutions, and Trustic had a huge false-positive rate. It misidentified 8% of my personal non-spam mail as spam, including mail from my Mom (it blocked our local cable ISP completely), my aunt (it blocked some AOL MX's), my insurance company (who the hell knows why), security warnings from CERT, and the NANOG mailing list.

    It did have a good blocking rate---65%---but using a combination of other RBLs (the most optimal I found was DSBL + SpamHaus + Blitzed) it's possible to block nearly 75% of spam with only a .02% false positive rate (a single mailing list correspondent with an Argentinian ISP that has open relays was blocked).

    It really is probably best that they laid this project to rest.

    --
    My Web Page
    1. Re:It really wasn't very accurate by Hayzeus · · Score: 5, Interesting
      65%? Seems low compared to something that scans content, like spamassassin. I get around 90% blocked, with a relatively low (maybe 1% false positive after a week of tweaking on and off).

      The biggest problem spam assassin has as far as false positives appears to occur when people attach text from a commercial web page rather than a URL pointer. This invariably causes the email to get identified as spam, particularly if the page text contains any references to commerce.

      --

      Roving Web-Teleoperated Robot
  8. Just needed more customers... by Anonymous Coward · · Score: 5, Funny

    If they had only had more customers, I'm sure they could have held on longer.

    If only they had found a quick, easy, inexpensive way to solicit hundreds of thousands of new customers using the Internet they could have stayed alive!

  9. Ironic by Root+Down · · Score: 5, Funny

    Alas, it could not even filter out their own mass email...

  10. The problem by Anonymous Coward · · Score: 3, Insightful

    Spammers flooded the system with valid adresses to ruin the system. There was no way to combat this problem.

  11. So thats why by Lemuel · · Score: 3, Insightful
    Trustic wasn't replying to my submissions anymore. Now I know why.


    While I did my part to contribute to the Trustic database, I wasn't real sure about their methods. I submitted spam messages as they requested, but I had to tell them which address to consider to be a spam gateway. The addresses above that are marked positive. I always picked the first address outside of rr.com, but for all I know the nearest Roadrunner smtp system is a spam forwarder and I should have flagged it as negative. Pooling lots of people's ignorance won't necessarily provide good information.

  12. Market For Spammers by heli0 · · Score: 4, Funny

    How about we set up a market for spammers, modeled after the Iowa Electronic Markets. Except instead of buying futures in political candidates, you buy futures in a spammer dying. If people stand to make millions from a certain spammer biting the dust then the market forces will apply themselves naturally.

    --
    Whenever the offence inspires less horror than the punishment, the rigour of penal law is obliged to give way...
  13. Can be a server operators nightmare... by Sim9 · · Score: 5, Insightful

    For small server operators, getting falsely listed in a central blacklist can be a long and painful process. Inheriting a 'bad' IP address (one that was previously used for spamming, and is now recycled to a new owner) or getting banned as part of a range for the datacenter hosting you essentially blocks you permanently. Few people running these are concerned about false-positives, as everyone that tries to get themselves unlisted /must/ be a spammer. Perhaps this isn't true of the majority, but I've had horrible experiences with at least a minority.

    Mod me down if you must, but if there's going to be a central blacklist, there should be checks and balances to its system.

  14. Innocent victim of anti-spam systems by Cogneato · · Score: 5, Interesting

    Over the past few months I have been through a lot fighting anti-spam ip lists, primarily relays.osirusoft.com and spews. For all those saying that false-positives are rare or not that much harm compared to the need to stop spam, I think if you were in my shoes, you would feel differently.

    The whole thing started when a spammer signed up for service at the hosting company that I have been with for several years. I have a server there with many of my clients websites on it (I am a web designer). So, the spammer purchased service at the same host as me, and happened to fall within the same IP block as I did. He was soon discovered and shut down, but the damage had already been done... spews and relays.osirusoft.com both put the ENTIRE ip block in their system.

    Think about it this way: what can the host really do? The spammers come in, pay the setup fees, get one good night of spamming in, and then move on.

    It took me several days to track down why some of my emails were not going through and who I had to contact to get removed from these lists. relays.osirusoft.com had some tools that is supposed to re-check, but it did no good... as far as I know, the thing doesn't even work.

    In reading through these two websites, the self-righteous bastards that put together these lists really don't take any responsibility for their actions. They are quick to add entire IP blocks and take weeks to remove them even after the host has contacted them to inform them that the spammer has been shut down. These anti-spam lists apply fault to the host or to the isp implementing the list, but never to themselves, while at the same time preacing the wonders of the services they provide. If they don't want to take responsibility, then they should print more warnings about the mass amounts of false-positives that actually happen.

    In addition to the anti-spam lists, the isps really need stop relying on these lists as the first defense to stopping spam. I had a chance to talk to one of them that a client of mine was going through and they told me that there was no way they could add me as a trusted ip because the anti-spam list comes in front of the exceptions list as a first line of defense. Even after we finally got removed from the anti-spam lists, many ISPs did not update their copies of the lists for weeks afterwards, causing more blocked emails even after we were off the list.

    So, after hours and hours of frustration, fielding support calls, yelling, long distance phone calls, writing emails, reading page after page of self-righteous dribble, and trying desparately to explain that I just happened to have an IP address that was a coupled dozen numbers off of that of a spammer, as far as I am concerned, the more anti-spam lists that die, the better the place the world will be.

    I hate spam. I cuss every fifth time I have to delete one (making that about 20 or 30 nasty words a day)... but the people who have really cost me the most time, money, and headaches are the anti-spam lists. Good riddance.