Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Next Step In Spam Filtering

Posted by CmdrTaco on from the brace-yourself-for-impact dept.

simeonbeta2 writes "Paul Graham (of "A Plan for Spam" fame) has a couple of new articles up. The first one details the success of Bayesian spam filters despite various circumvention techniques by spammers. While the success of Bayesian spam filtering is encouraging, it certainly hasn't seemed to stem the flow of spam in the last year or so. His second article, however, suggests finally taking the anti-spam battle to the spammers! Paul proposes that spam filtering packages automatically spider links contained in probable spam. Not only will this increase the accuracy of filters (by running the retrieved content through the spam filter as well) but this would effectively be a massive distributed DOS attack on spammers. This isn't a new idea nor is it without its problems but I think it's definitely an idea whose time has come."

13 of 349 comments (clear)

  1. DoS Filter Circumvention by inertia187 · · Score: 3, Insightful

    We've seen first hand how the early Bayesian filters were circumvented. Remember the images instead of text, then the HTML Entities (like A instead of the letter 'A')? The second and third generations of the Bayesian filters had to account for them. I can just see how a DoS filter would be circumvented early: redirects and browser scripts.

    If a filter spiders a spam, all the spammer needs to do is use a redirect or, for smart filters, a small page with javascript that the browser would understand, but would confuse the filter. So yes, the DoS would work at first, but the spammers would realize what was going on and adapt.

    I'm sure meta refresh tags would work in the beginning, but it's simple enough to get a filter to look for those. Eventually, a good filter will have to mimic what the browser does very closely. Maybe it'd be better to actually use a browser that the user can't see.

    --
    A programmer is a machine for converting coffee into code.
  2. Grr Spam. by Muerto · · Score: 3, Insightful

    I think we're on the right track with fining people large amounts of money for being associated with the spam. If you not only go after the people who send the spam, but the people whose products are being advertised, then I think we'll get some results.

    1. Re:Grr Spam. by NineNine · · Score: 2, Insightful

      If you not only go after the people who send the spam, but the people whose products are being advertised, then I think we'll get some results

      Um no. There are plenty of companies that have affiliate programs with thousands of members. There's no way to keep track of how each of your members are advertising. The results you'll get will be putting lots of innocent companies out of business.

    2. Re:Grr Spam. by Mannerism · · Score: 4, Insightful

      Um no. There are plenty of companies that have affiliate programs with thousands of members. There's no way to keep track of how each of your members are advertising. The results you'll get will be putting lots of innocent companies out of business.

      I think I speak for millions when I say, "too fucking bad."

      Seriously, to suggest that these companies are "innocent" is ridiculous. They're downright complicit.

      --
      Please donate your spare CPU cycles to help fight cancer and other diseases
  3. Silly by ^ · · Score: 3, Insightful

    Then all I need to do to launch a DoS attack is send a piece of spam?

  4. Could be evil. by grub · · Score: 5, Insightful


    Imagine a Joe-Job where an EvilDoer wants to knock someone else offline and sends out bogus spam with the victim's website.. Think before you jump.

    --
    Trolling is a art,
  5. Stop wrecking the Internet. by Sheetrock · · Score: 5, Insightful
    Spam alone chews up more than enough bandwidth.

    Having every recipient spider the links in the spam they get will not only make spamming inefficient, but web browsing as well. Enough with anti-spam cures that are worse than the disease -- the last almost killed SomethingAwful, and this might knock off the rest of the websites.

    --

    Try not. Do or do not, there is no try.
    -- Dr. Spock, stardate 2822-3.




    1. Re:Stop wrecking the Internet. by tessaiga · · Score: 4, Insightful
      Exactly. Whoever was responsible for writing such anti-spam software would be the first person to get hit with a massive lawsuit the first time some spammer found a way to "aim" this sort of scheme at an innocent bystander. If that bystander happens to be a big company with deep pockets, the programmer could be looking at some serious pain. Knowing that such a risk exists, it would be interesting to see if anyone would still be willing to develop such software.

      The article tries to combat false positives with blacklists. A couple of problems with this come to mind right away. The first is that centrally-maintained blacklists are easy to take offline via DDOS, as we've already seen with sites like SPEWS. The second, and IMHO more serious, problem is that this would give the blacklist maintainers huge power over the rest of the internet -- if you ever got on their bad side, or if they were just plain inefficient/not conscientious about accidentally listing innocent bystanders, your site could potentially be shut down until they felt like taking you off the blacklist, just by some spammer spoofing you. Given the poor history of responsiveness that many blacklist maintainers have shown historically, I don't think giving them more power is the answer. Bad enough not being able to send people email if you accidentally get blacklisted -- imagine not being able to get net access at all.

      --
      The bold print giveth, and the fine print taketh away ...
    2. Re:Stop wrecking the Internet. by Anonymous Coward · · Score: 1, Insightful
      I'd like to see a lawyer arguing that his client sent out a million emails containing a link, and that someone else is liable for crashing his server because everybody clicked on the link. If you didn't want people to click the link, why'd you send it?

      Multiple hits as punishment might be a bit dicey, but just hitting it once to see what's there would, I think, be easily defensible.

  6. What about... by Misch · · Score: 4, Insightful

    What about the case where the spammer puts a uniquely identifier into the URL. Sure, he may not get a sale from the clickthrough, but he gets verification that your e-mail address is good.

    Then, you get more spam.

    --

    --You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
    1. Re:What about... by mengel · · Score: 2, Insightful

      Acutally, no. If the spam filter is in front of the valid-recipient check on your email system, then all the spam message attempts yeild web-hits, meaning they get "verification" of lots of invalid email addresses. Soon the belief that a web hit from an email address makes it more valuable goes the way of the dodo bird...

      --
      - "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
  7. This is a horrible idea by image · · Score: 2, Insightful

    Malicious virus and trojan authors spend a lot of time and energy writing code that can infect host machines across the internet and wait for incoming instructions to launch a DDOS attack against a target.

    And there is actually a proposal for people to voluntarily install this on their machines? And the trigger is simply an email?

    Sick of yahoo.com today? Take them down -- just spam the net with junk mail that points their site. Have a vendetta against a guy that hosts his own email over a DSL line? No problem -- you won't even need to spam that many people before their auto-crawling DDOS boxes take his server down.

    Yikes.

  8. Re:Who the hell?! by andih8u · · Score: 4, Insightful

    This woman at my wife's work got an email where they were selling Photoshop for $40. Quite the bargain, eh? So of course she went and got the director of the company's credit card # and went ahead and ordered it. Amazingly enough, five months later, Photoshop still hasn't come in the mail.

    So, in answer to your questions, stupid people make it worth while, and there's no shortage of those.

    --


    slashdot, news for crazed liberal socialist zealots