Slashdot Mirror
You've Got Spam: AOL Blocks 1/2 Trillion Spam
yohaas writes "Yahoo! News is reporting that AOL blocked more than 500 billion spam messages for its users in 2003. That comes to 40 messages a day per user. The company regularly blocks 75-80% of all incoming mail as spam! The article also lists the top 10 spam phrases for the year, including such come-ons as: 'Viagra online', 'Online pharmacy', 'Get out of debt' and 'Get bigger'."
AOL has been losing email for over a decade now.
(is this another dupe story?)
Is this truly the only Earth I can live on?
It's been suggested in nanae that as a brutal display of the efficacy of spam-fighting and, most importantly, blocklisting, major ISPs all simultaenously turn off their spam defenses for a day to show users just how much UCE spew is clogging the internet every day.
Of course, the idea is repeatedly turned down for its utter lack of pragmatism.
But damn, 500 billion spams, and that's only to AOL.
Just imagine.
The instant clogging of mail-servers around the world and subsequent technological disruption might actually get the general computer-using public to take more of an interest in the fact that around 200 gangs of people are effectively raping and pillaging the Internet right under their eyes.
But then again, what can one do when faced with the Tragedy of the Commons?
Now if they'd only block going outbound too!
I know AOL bashing is a treasured hobby of many Slashdotters, but based on those numbers it seems that they're doing a fairly good job at blocking spam. Especially since they're a huge ISP who has to be conservative with their spam blocking techniques.
. . . to make a crack about the Post Office blocking the shipment of trillions of AOL CDs. I prefer to work for my karma. :)
Instead of sending the mails to the bitbucket AOL should do something about the abuse. They've got the IP addresses of half a trillian zombies and open proxies. Where's the AOL goon squad? They should be kicking down doors, not writing press releases.
I hate Paris Hilton a lot. She is now around 70% of my spam which is currently at about 20 a day. I use spamassassin though and I don't see spam unless I go to my spam folder. I'm at 100% accuracy for positives, negatives. I love bayes and AWL.
Chris
I can almost gurantee that about 95% of all AOL users will be thrilled. I'm a supervisor for a broadband services department and we often get customer's who switch from AOL only to find that spam/pop-ups/porn/etc on the unfiltered internet is so anonying that they want to go back to AOL immediately. Those people love to have their hand held through everything and want AOL to protect them from the internet. Almost anyone that actually uses net send probably isn't on AOL, they have a true ISP.
Karma karma karma karma karma chameleon, you come and go, you come and go.
if they block 500 billion spam messages if a couple trillion spams are sent around in a year? Despite how large that number sounds, I still see client AOL inboxes stuffed with all sorts of junk, and see this more as a publicity stunt on AOL's part. I read the article, and no where in it does it say how much spam total there was in 2003. 500 billion may sound impressive by itself, but if it's 500 billion blocked out of 50 trillion, it's not such a big deal.
They may block a lot of garbage, but they also refuse to admit that my email to my mother is not spam.
Maybe there is something she's not telling me.
Mom!
If you think deeply enough, you will have no single direction for your outrage.
They bounce back ALL mail to addresses that don't exist, and if some spammer users YOUR domain or YOUR email address, you get all the bounces. They also don't respond when you try to get them to stop. It's incredibly frustrating.
I think the phrase "stop spam now" should be added to the list of top 10 spam phrases.
seriously, I get 5-10 spam email / day telling me how to stop receiving spam emails.
Consensus is good, but informed dictatorship is better
I just took a gander at my logs on my postfix-amavisd-spamassassin front ends for one of my smaller ISP's and after doing the math, it's blocking ~36 spam/user/day on average (with spamassassin only blocking at score 9+). It doesn't surprise me that AOL is getting somewhere around ~40spam/user/day as it is more widely visible and the userbase as a whole is generally a lot more likely to do things that would encourage spammers . . .
that was nowhere near 581%.
HOW'S MY POSTING? CALL 1-800-POSTING
When they started blocking "unknown relays" they dropped a pile of legitimate email
comment directly in my journal
It has nothing to offer me since I work from home using my degree (obtained online) in pharmaceuticals. I have a huge cock, am quite rich, get my insurance for free and own my home outright. I do have to use viagra occasionally because it is sometimes hard to get it up for some good Oprah XXX action but I can get it through the pharmacy which I run online.
AOL blocks a lot of legitimate email as well, however. If you prefer to run your own email server (for example, about half of all the Linux broadband users on Slashdot) then you cannot send to an AOL user... same goes for SWBell users too I think. Sure they block a lot of email and I can kinda understand their purpose in blocking "dynamic" or "residential" IPs... but that is collateral damage.
If they're blocking that much spam, makes me wonder how much of the mail that was NOT spam is being blocked. Maybe AOL users are not getting all the email they should be getting.
On the other hand, I get spam from AOL and they dont seem to be doing anything about it, maybe they should be concetrating on blocking their outgoing spam too.
In 2003 Spamprobe blocked just over 12000 on my personal domain, which is low compared to many others.
If tits were wings it'd be flying around.
I'm not sure if it has to do with the new United States anti-spam law or not, but I have received the same amount of spam in 48 hours as I would have in 12 hours in 2003. About 45 emails.
Of that half trillion emails, I wonder how many of them originated inside aol itself.
All those 1000 hour free CDs being put to use in the wrong hands...
=9,765.6 petabytes [I guessed at the average size of a spam email]
I wonder how much that costs AOL?
failed to mention that 250 billion of the spam messages came from aol...
Cynicism is an unpleasant way of saying the truth. Lillian Hellman (1905 - 1984), The Little Foxes, 1939
Hey. I get a fair amount of spam, but I am not afraid. It is all filtered. You can see some recent ones at drpa.us/spam.html. Try to send me an email, and check if it gets through! You can also see a plot of my daily spam frequency for the last 400 days or so at drpa.us/spam0.jpg. Advice to all: start saving all your spam and good mail in separate folders. The more you save, the easier it is for a smart filter to automatically identify them. And many thanks to Paul Graham for teaching us all the Bayesian solution (we just need to listen).
iiNet is one of the largest ISPs in Australia (third or fourth now, I think). I got an advisory yesterday saying AOL and RR had both blocked all inbound mail from iinet as 'spam' They can crow about 500 billion mails all they like, but if a lot of it involves turning off mail from whole slabs of legitimate users, then it's not much of a service. The other thing is, if spammers are using trojans to create spam relays, then it's a bit hard to blame a particular ISP if a bunch of their users have been infected with this stuff. iiNet has a policy of advising users when they appear to be infected, they're cluey people too, they run everything on Debian as far as I can tell, and they have local mirrors for many Linux distros etc. I guess what I'm saying is that if you're going to block an ISP's mail you'd start with clueless behemoths who don't give a damn. Anyway, they appear to have a work-around in place, but RR is still blocking. Simon
Hal Spacejock: Science Fiction with Nuts
A less deceptive way of phrasing it is that AOL has blocked 500 billion emails from reaching the intended recipients. I doubt very much that this figure takes into account the ridiculous rate of false positives that AOL's rather loose definition of "spam" results in.
what're you gonna do? Seriously, hasn't anyone noticed that the spam is comming mostly from countries that have a technology infrastruction combined with lots of really poor people (China, India, etc.)? In a lot of those countries life is harsh. It's no wonder people turn to rather unpleasant means to better their standard of living. Sure spamming sucks, but it beats the hell out of 16 hrs/day making Nike shoes in a sweatshop. If you want spam to go away, do something about the general standard of living in the rest of the world. There are just too many desparate people around right now.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
They block email from all sorts of people (read FRIENDS) that are mailing from some ISP that RR has a woody for. I think RR is doing it just to strongarm the little ISP's into folding. As those users get blocked, they get pissed and drop that ISP. The BIG ISP's are forcing the little ISP's out of business by exclusion.
I'm pissed at RR over it and emailed them but they say "too bad, your friends need to contact their ISP and have their ISP stop violating OUR policies. Either that or they can switch ISP's"
What bullshit...
I don't need a baby sitter. Stop blocking email to my account and quit virus scanning my email.
Hell, I would be thrilled to get some viruses sent to me so I could LAUGH MY LINUX USING ASS OFF!
Damn I hate this nanny mentality and these pathic people that wring their hands "Oh woe is me, what shall I do about all this spam?" and beg someone for a solution because they are too damn stupid to deal with it themselves.
MOST people in the world have no business using computers. That AOL exists is proof of that.
The proxypot operators who are also capturing spam that would have been deliverable to AOL addresses but didn't. I ran a proxypot for a couple of months, back about July-August 2003. I trapped *gigabytes* of spam that would have gotten to AOl users, almost exclusively in some instances, most of it from Internet Video Networks hosted on C&W's sewer network. I took it down after posting too many messages to nanae and had it identified by spammers and no longer used. It's comin' nigh up on getting it back up and on the network. I'm gonna *cash in*, PRAISE "BOB"!
...bought the Post Office.
With those stacks of AOL disks laying around and the Post lady bringing you one every week, I thought it was obvious.
"That comes to 40 messages a day per user" Wow, anyone who gets 40 spam emails a day must not be very smart. Or their friends must not be very smart and put peoples names on those "Tell your freinds" things (You know, you see a short clip or something and it has like 10 slots underneath for friends e-mail address') If anybody gets a lot of spam, it is usually their fault. I get on average 2 spam emails per day (The most i have gotten in a long time is about 5), and i dont even use any sort of spam blocker/filter. For those of you who get mass spam, here is a hint. For things where you have to enter your e-mail address (Aside from shopping from legit sites or other highly legitimate things), but you dont have any use for mail from them, enter the address of a secondary account you set up for that purpose. That way, if there is confirmation required, you can sign on your secondary account, do any verification required, and never have to read any other spam you may get from that company and/or any companies that may buy your address from the original company.
Perhaps it just demonstrates how ineffective laws are around this issue. One, the feds decide to nullify a rather decent law with their CAN-SPAM abortion, and two, the laws in VA that could have been used aren't employed. Wasn't it worth it to drop criminal complaints on the 100 or so worst offenders?
I'd have been happier if there was a PS. on that story that AOL had referred the lot for criminal prosecution. But I suppose it's a little hard to bring Chinese and Brazilian spammers to justice in Virginia or in the US. Maybe we could get DOD to serve warrants and do the extraditions...
Until we replace SMTP, I don't know why we should expect any different...
While were talking spam, has anyone else noticed a considerable improvement in Hotmail's handling of it? Is Hotmail's "Report Junk Email" option similar to community based spam fighting technologies like Spamnet?
Here is the obligatory reference to my spammeter. It is definitely growing, although, interestingly enough there appears to be a drop from a peak in mid-december. Don't know if this can be attributed to recent anti-spam efforts by the governments, more likely it's just the spammers taking christmas vacations....
The fact that AOL blocks 500 million spam messages is kind of ironic considering that some of the most intrusive junk mail I get at home is those damn AOL cd's!
Money not found! A)bort, R)etry, D)eclare Bankruptcy
And how did they manage to block so many? Simple, they don't give a damn about generating false positives. I know several people who've tried emailing friends who use AOL, only to have the message bounced based solely on the senders domain. And these aren't spamhausen they're sending from, they all use major, reputable ISPs. As an added bonus, blocking all that legitimate email just increases the amount of 'spam' they supposedly blocked, thus giving them better numbers for their ad campaigns. Typical AOL... Shittiest service and best advertising in the business. The perfect way to stay afloat by milking the uneducated.
Spam is like phone solicitation and junk mail. If it didn't work they wouldn't do it. The only real way to perminately stop it is to encourage everyone to not respond. If no one responded it would dry up overnight. Unfortunately there is a percentage that are gullible so we all pay the price. I've encouraged people for years to hang up on phone solicitors. The same must be done with spammers. There really needs to be a grass roots movement to educate people to avoid junk mail of all forms. Personally I boycote products that send junk mail and spam. I also try to avoid sites that use multiple pop-ups. If it starts costing them business they'll stop. If they loose ten customers for everyone they gain the junk mail/e-mail will vanish.
Spammers increased their spam by 500 billion
Note: I did some thinking earlier on spam, and I figured I would post this the next time slashdot does a story on spam... You can find a link to this at:
http://sillygoth.com/journal/21669
This is my writing... I just want some feedback on it from the slashdot crowd.
Okay...
One of the things that I've been tired of recently is dealing with lots and lots of spam in my inbox. I've become even more tired of hearing about how there's a lack of solutions for dealing with it. It's one of the things that slashdot has been endlessly parading about.
To me, the primarily problem with spam is that emails are too easily spoofable. Solve this, and spam will become *much* more managable.
So, what technology is there right now that deals with certifying legitimacy?
Digital Certificates!
When you go to a site that's protected with https, the owners of the site usually have to get a certificate from a trusted source (Verisign, Thawte, etc) signifying that the site is legitimate (so that you don't end up giving credit card information to someone fronting for that company).
You actually *can* get a digital certificate for your email, but it costs money. Plus, to make something like that mandatory, each user would have to set up a certificate individually. Evil.
Why not move authentication to the domain itself? When accounts are setup on a user's machine, create an RSA public / private key per account. Simple enough.
When a user sends an email, force this user to relay the email through the mail server rather than directly from his/her computer. Force the user to authenticate their email / password to send the message. Some servers already force this, I believe.
When the user authenticates him/herself, encode a confirmation id using some elements of the email (first xx characters of message, subject, date, etc) using the RSA private key and attach it to the message.
Here's what should change with the receiving server... When a mail server receives the message, the mail server should initiate a separate connection that looks up the domain's MX server, and communicates with it.
This MX server should then provide the RSA public key for the account listed. The public key will then be used to decrypt the stamp that the MX server included with the message. If the stamp is legitimate, deliver the message to the inbox.
If a stamp is not legitimate, or there's no stamp, simply don't deliver the message. Simple enough.
This method has its series of strengths:
There would be absolutely no point in spammers taking over people's machines with viruses in order to send email if email must be sent through a qualified mail server. It's possible that worms could be written to auto-send messages through these relays, but at least then the mail server could detect it and shut the person out.
If mail sent is authenticated from a domain, people would then have the option to blacklist domains that aren't responsible for keeping tabs on its users.
Mail *will* come from where it says it's coming from. If not from the exact user on the domain, it'll come from that particular machine.
Of course, there are possible weaknesses to this strategy too.
If the mail server is hacked, hackers would be able to still send mail from it using the private key. Fortunately, they would only be able to send from email addresses listed under domains they own.
Spam software like SpamCop / Spamassassin / etc would be able to keep tabs on servers that exhibit hacked behavior, and temporarily blacklist these servers until resolved.
This doesn't necessarily stop users with legitimate email addresses from sending spam. Someone with a legitimate email address can still be spammed.
But at least when you block their email address or domain, it'll be a real email address, and a real domain name.
This method is not 100% in eliminating spam. But it's a damn good start.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
They should make this spam readily available for everyone to use that wants it
:)
That'd make for one hell of a bayesian filter.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Whitelisting makes sense--trusting certain mailservers more and not bothering with intense heuristics on mail coming from them. But blacklisting anyone you don't know makes none. The Internet is too vast to really implement something like this without huge costs and huge losses; I think solutions like this likely do far more to Balkanize the Internet than to protect it.
The solution mentioned in a previous Slashdot article a few days ago of making SMTP servers run a small computation per e-mail makes much more sense. This allows you to impose restrictions on non-whitelisted servers without completly ignoring them, either.
But when you talk about the anonymity preferred by the spammers, you ignore the fact that they are, in fact, selling a product. Forget the spammers. Track down their clients, the ones paying for the ads. Problem solved.
Nice advice on spammers.
Have any regarding trolls?
Mod parent down!
...why AOL users have such small penises and breasts.
Why the hell is AOL going around whoring the fact that there customers get the most spam. You might have blocked a 1/2 trillion but another trillion has gotten through.
I send mail from my mailserver to a couple friends on AOL at least once a week.
Static IP DSL from Speakeasy via Covad. I had them configure rDNS when I heard AOL started their aggressive blocking, but never had a problem before or since having that done.
It seems like the latest attack on Bayes-based filters is to throw misspellings and random characters into the message. I'm surprised the major Bayes tools haven't linked to a standard spell-checker and consider really bad spelling a sign of spam...
This is how it would work:
You have an agreement between major ISPs in which ISPs have some cryptographic method of making sure that the person (most likely) isn't a spammer. This can be done through hash puzzles or signatures. Then, the person's emails automatically get a low spam score (as in SpamAssassin) if it verifies that they are a real person. The ISPs would have certificates or some key system. This hybrid network would last for a while, and as more and more people learn that they get blacklisted if they don't use this system, more and more people will join in. Eventually, you could make an easy transition and just have people denying service to older users.
Forget trackable, what do foreigners care about U.S. lawyers?
That's why my geriatric father never got the messages I sent him telling him how to buy performance enhancing drugs from online pharmacies so he could "get bigger" while trying to save money to stay out of debt!!! I figured he just didn't care anymore.
-----
Make Love not [Browser] War!
they simply want everyone to use AOL. if you cant email your friend on AOL, its your fault, and you gotta use AOL to fix it. maybe one day they will block mail from any non-AOL members. i could see it happening.
http://ipod.fresh27.net/
Whenever something asks me for my E-Mail for any use other than shopping, I just put in support@microsoft .com and that works great, I don't get any spam.
why dont they just use mozilla. i havent been gettin spam for ages now (mail client mind you). Then you could use some real ISP.
cat /etc/passwd | mail test
if you couldn't send anonymous snail mail.
Or anonymous e-mail. That's where this "signed" e-mail crap is going.
Imagine every message you send being tracible right back to you.
But hey, what's the trashing of rights in the name of convienience.
If you can send e-mails without being traced, so can spammers.
If spammers can't send e-mails without being traced, neither can you.
"Spammers are most afraid of being tracked and identified. "
Yeah, and nobody has a legitimate reason to not want to be traced.
I spent all of 2 hours modifying RinetD to do proper logging in between senders and my mail server. I spent another 3 hours writting a simple program to parse that log pulling out who a message is from, who it's going to, the subject line and what links it contains and the domains of those links.
Any entry "to" entry that isn't one of my e-mail addresses is deleted. The remaining are then examined for spam domains by looking at the froms and subject lines and the domains themselves.
A short list:
If expression both matches "*imgehost.com*" Delete ""
If expression both matches "*mydailyoffer.com*" Delete ""
If expression both matches "*topofferz.net*" Delete ""
If expression both matches "*adweawen.biz*" Delete ""
If expression both matches "*divineprice.com*" Delete ""
If expression both matches "*stamps.com*" Delete ""
And poof, no more ads from those companies and nobody's right to privacy is infringed. If they happen to have multiple domains for the same campaign I'll catch them as they come.
I will not support a means to subvert my right to privacy over some stupid ads.
How much are your rights worth to you? Not much apparently.
Terrorists blow up buildings and we get the patriot act. "terrorists" flood inboxes and you demand tracable e-mail.
Get bent.
Ben
Work Safe Porn
What will happen to my Personal Bill Board?
...those companies would probably prefer to deal with legit businesses. They're still poor, relative to the equivalent American or European, just a little less poor. Moreover, as someone already pointed out, the government's pretty corrupt. Also, let's not forget Nigeria. I seem to remember during the 90's they got a whole bunch of computers and network infrastruction from some well meaning idiots (they don't have food or schoolbooks, but by god they'll have the internet) with predictable results.
It's not that I think people are basically honest, it's just that most would rather not bother with the consequences of shady dealings. I think given the chance, the hosting companies would be happy to tell spammers to shove off, and the local police would be more than happy to enforce laws. That's just not going to happen the way things are right now. Until something changes (I'm holding out for a massive plague and/or war to kill off the surplus population, either that or world peace) you're just treating symptoms of a disease, not the disease itself.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
I work for a company that does payment processing for websites, sorta like PayPal. AOL customers don't get any of our e-mail receipts which end up causing SO many problems. Even when they e-mail our support address they don't get any of our replies so they end up thinking we're a scam and go to their credit card to issue chargebacks. I know we're not the only company to have this problem, the fact that AOL customers make up about 40% of our transactions you can imagine the lost revenue.
the cryptographic overhead is too high.
moreover, what about companies legitimately sending mass mailings? bugtraq, nasdaq/nyse bell reports, etc.
"It is seldom that liberty of any kind is lost all at once." -David Hume
So THAT's why my friends never get my messages about where to get Viagra and penis extensions from.
at spam filtering if not at anything else. You've got to try this crap to believe it.
"You actually *can* get a digital certificate for your email, but it costs money"
Yeah, you can get those in your BIOS and media files and anywhere else. "Trusted Computing" EVIL. "Trusted E-Mail" GOOD.
What is wrong with you people?
You know what I do to block spam?
I filter out links contained in e-mails and block the COMPANIES.
I don't care how forged the header is. If the e-mail contains a link to spam domain it doesn't get through.
Nobody's right to privacy is infringed and it's 100% effective and 100% accurate. Nobody is going to be sending a legtimate e-mail with a link to and/or an image from www.topofferz.com or with an affiliate link to click-com
I'm not going to regurgitate the whole system I use here, you can find it talked about in older posts of mine and it will be posted on my site this weekend along with all the source code for the programs I use to automate some of the process.
I can't believe how quick and eager people are to burry their rights over nothing more than ADVERTISMENTS.
Ben
Work Safe Porn
the web-provider which has this article on it (Yahoo!, no big surprise there) has many of the same type of annoying/insulting multi-colored advertisments that the article talks about AOL working so hard to stop?
Seems ironic and amusing to me.
.
uR iGn0ranc3, Their Power
Almost half the spam originated from AOL.
talk to any IT department of an TW (before AOLTW) company... they were forced to use this cr@p client and mail system after the merger....
and as the tides turned, everyone went back to their old email systems (outlook, pop3)...
Problems:
- Undelivered email
- Not well designed interface for business
- Kicks user off frequently, if employee doesn't have SecurID tolken with them, they can't get their email for the rest of the day
- Spam, spam, spam, spam, spam
- Printing is rather cruddy
- Doesn't save email very well (no archiving, filing that meets business needs)
- Little control for document retention policies
Even outlook looked better than AOL Mail.
But repeatedly being funny potentially gets you FANS who then auto-upgrade your posts, which is equivalent to permanent karma among your fangroup.
This post is so insightful, it hurts.
Which they've been bouncing back since at least November. (Example of a spam complaint they returned to me.)
Seems that their heuristics don't care if you've fixed whatever problem they seem to think you have - they continue to block you anyway. One of our servers incurred their undying wrath for some reason - yet the others of our pool are fine - no obvious reason, just had to route anything to AOL from one of the other servers - what a pain.
Been there, done that, paid for the T-shirt
and didn't get it
You'd pay your upstream connections to approve you. The cost would cover verifying your ID at a court or escrow office, and doing a credit check, so people would know how to collect after winning a lawsuit if you violate the TOS for sending signed email. Since your assets would be on the line, you would take similar care verifying your downstream connections. Mailing lists would all move to web sites, where the only way to opt-in is set up your web browser to visit periodically (The way "opt-in" should be done.)
I think solutions like this likely do far more to Balkanize the Internet than to protect it.
That's the idea, to Balkanize internet connections to those mailservers most likely to properly police their outbound email. Legitimate users would all gradually move to one of these ISP's, leaving spammers 100% of SMTP bandwidth. Of course, then the major hubs will merely throttle SMTP connections to 0.001% of available bandwidth since there no longer would be any money in it.
Forget the spammers. Track down their clients, the ones paying for the ads.
Only if someone can figure out a way to weed out "Joe Jobs".
The only historically proven method to prevent a tragedy of the commons is via the use of weapons, and/or some mechanism which allows lawyers to make lots of money.
Its 40 per person per day. Thats saving everyones time at least a little regardless of how many there are. Also, I doubt there are an order of magnitue more spams sent than those. I've been using the same e-mail address for a while, even had it exposed on my website for some time initially and I don't receive more than 50 or 60 spams a day.
I recieve a lot of spam - 40-50 messages every day AFTER filtering done by my ISP.
The reason I recieve a lot is that I've had the same personal email address for over seven YEARS.
In 1996, SPAM didn't exist - posting to mailing lists and newsgroups with your real email address wasn't a problem. In fact, it was offensive to use a phoney.
So, my address is *easily* available for harvesting left, right and center. Yet I don't want to abandon the address because I know a lot of friends around the planet who only use it occasionally.
Not everyone is the dullard you make out they are.
I personally refuse to use ISP-side spam blocking filters because:
1) False positives.
2) Blocking Spam does nothing to stop it coming to your mail server. You should report the spam that comes into your inbox and get those barstards caught.
I personally use SpamCop. The FTC has a spam collection address too:
--> I want Viagra offers <--
(it's uce@ftc.gov )
From my ~/.procmailrc :
* ^From:
Wow, anyone who gets 40 spam emails a day must not be very smart.
Not really... I get about 50/day (which ~40 are pre-filtered by my ISP), yet i never put that address in public nor subscribed anything "strange" (i use other e-mail for that).
Why did it happen then?
Well, do you know those OutlookExpress-compatible virus? (No, I don't use that software).
Yeah, one nice day a (serious) company i had contact got infected with such virus and, surprise, my email address i protected so well got spreaded around and the spammers got it.
My ISP blocks outgoing port 25 activity but not incomming so my sig points to a catch all on my home connection for analyzing spam. Recieving on port 25 is no different than getting mail any other way. The ISP only cares about one way communication.
To get around the port 25 block I run my mail server on an alternate port for myself and then use RinetD on port 25 which fowards to the mail server. My e-mail going out is none of my ISP's business. The server that actually sends the mail is hosted by another ISP. Which doesn't break any clauses since I'm not running a server on my home system.
I've had people using AOL signup for subscriptions since I started back when I was running out of house. But then I had a business connection.
Residential connections tend to have clauses about not being allowed to run servers. My home ISP doens't block port 80 but I'm still not allowed to run an HTTP server.
If AOL is blocking residential accounts that are allowed to run mail servers then you have a case. However, if you're violating your TOS then too bad. Get a business connection like you're supposed to.
Blocking non static IPs is a good thing. If you're seriously trying to run a mail server then you need a static IP. So pay for it.
Ben
Work Safe Porn
I just started getting bounced messages from AOL, "Apply for Federal Grants", "Your grant money is waiting", etc., all with fake, random generated names @mydomain.com I checked my server log and they're not using my mail server to send mail out, but I'm getting a bunch of bounces. Why would they spoof using my domain name? Does AOL check to see if the domain is valid before delivering? Of course, since I haven't seen the actual messages with headers (and AOL doesn't reply to help me figure this out) I feel totally powerless about this abuse. Arrgh. Any advice?
but it would also be quite helpful for MANY others. If something helps a lot of people and can be made into an option so that it doesn't hurt other people, what's the harm in adding it as an option?
Complain to AOL about it? They do nothing--since it's not a @aol.com address, they deny responsibility, yet collect cash from their spam customers. Very convenient. I find it funny that AOL supported the CAN SPAM act, which legalizes spam and invalidates tougher local laws, such as California's. Boycott AOL if you dislike spam.
She gets her celebrity news, she can send Instant Messages to her friends, she can send email to my wife and her brother but usually can't remember how to send it to me, it's less passive than TV, and it lets her be lots more social, and after she retired she was starting to feel pretty isolated, especially since she's not all that mobile. So it's a good thing, and she's sufficiently immune to saccharin overdoses that she misses all those online greeting cards people used to send.
Would I recommend it for my side of the family? Not a chance! My mother hasn't replaced the MacOS 7.x 68030 Macintosh she and Dad used (he died about five years ago), but it does email, browsing, and letter-writing just fine, and she's perfectly willing to try new technology if there's a good reason for it, and she's got a small local ISP that can actually have a live intelligent human being answer questions if she needs support, plus my sister lives nearby and can go kick the printer a few extra times if it's stubborn. She did get a bigger monitor and had my sister set the thing to the biggest print should could run, though - much easier on real machines than AOL. My younger brother eventually got something with modern graphics on it, so I don't think he's still telnetting to a real computer to do email much any more. My sisters have mostly downgraded from Macs to newer faster Wintel boxes, but that was mostly because their kids needed Games. For the most part, they all use real ISPs, though one sister might be on a cable modem now.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Maybe AOL just resents any adverse possession of their cyberspace --- spam does not bother AOL so much as the fact that spammers are not paying AOL to spam eyeballs that AOL feels it has bought and paid for.
I'm laughing at clouds.
we don't have enough cruise missles for the mail servers in china, and the assholes in florida.
There is something to be said for a classic two pronged attack.
I've noticed that spammers are going to extreme lengths to by-pass spam filters. I see it in spam all the time. I use a program called Mailwasher to preview my mail before I download. It has columns for things like sender, date, etc. When something exceeds a column, it's expanded as a tool tip. Well, I accidently bumped my mouse and it went over a spam's subject line and the tool tip took up the entire length of the screen and had a heighth of 1/4 of an inch. I'd show the screen shot but my webhost's ftp access is down right now.
Needless to say, spam is getting crazier than ever. I remember Earthlink coming under fire last year for emails that weren't reaching their destination because of the spaminator.
I'd hate to say it, but legitimate mail has put email users at the mercy of spammers because there could be something important in the midst of all the junk.
Seriously, ever put one of those on a dremel? I havn't gotten it to fly apart on its own, but either shooting them across the yard like little spinning discs of death or having them shatter at 20,000 RPMS is MUCH more amusing than just trashing them.
:)
If it weren't for AOL, I'd be bored out of my skull
When laws are being brought forth, instead of fining the companies paid to send the spam, lets start fining the companies that is paying for the advertising. Since most major companies go through a third party to send their advertisments(spam) proscute the company that is paying the spammer.
me an my boyz knoe zactly whut were sayin. We don need no steenkin spleechekker!
I appriciate them sending me dvd cases I can retask into storing pornos downloaded off p2p networks and freshly burned and ready for archiving.
Again. If they were spamming me by sending me actual hot wet nubile asian cheerleader teens willing to do my every bidding I'd have precious few complaints.
75% - 80% of the spam I recieve has a from tag of aol.com or hotmail.com I think I should just block both of those domains.
The solution to this is to strictly enforce some laws we have, like the California law that makes it a criminal offense to accept a credit card number online from a California resident without first disclosing the actual business name and address of the business. If every spammer who violated that law did the required six months in the county jail, we'd have far fewer spammers.
It used to be that systems on the Internet started out pretty open. If some students figured out how to get in, but kept their practical jokes clean and fun, nobody cared much. If people got out of line, things generally got patched. Like adding salt to UNIX passwords so that people don't just encrypt the whole dictionary and look for matches. Worked pretty well given CPU speeds and hackers' skills at the time it was introduced.
Whatever happened now? SMTP started out pretty open. Obviously things got out of control. So, fix it already. A group of ISPs can gang up and require all SMTP users to sign up with their username/password, which is already supported by all e-mail clients. Limit each user to 1000 e-mails a day (allowing for rather large mailing lists, but still 1000 times too low to make spam attractive for the subscription price). Then only accept e-mail from cooperating hosts over SSL pipes with a correct certificate. Prepend BORK: to the subject lines from other domains so that users can filter them to another mailbox.
If yahoo participates, I can always ask people to sign up for a free account if they really want to reach me. Smaller ISPs will jump on the chance to de-bork their e-mails and make customers happier. Once enough of them do, bigger ISPs will have an incentive as well. Problem solved!
The road to the destruction of our rights is paved with tragedies.
Apparently getting "spammed" is a great enough tragedy for some people to warrent the destuction of the right to privacy. 3000+ dead civilians and our bags are searched at airports. I can buy that. Getting advertisments and suddenly privacy goes out the window? WTF? THAT is the point.
If I want to send an e-mail and I don't want you to know who sent it, I demand that ability. As of now the best you can do is trace an e-mail back to a server. But FU if you think you're getting a confirmation on who actually sent it.
Maybe you don't have a use for being anonymous. Maybe nobody on the planet has a need to be anonymous. But we have a right to privacy should such a need arise.
Can't figure out what domain actually sent the e-mail. Too f-ing bad. If you can trace the domain you can trace the owner of the domain. If you can trace the owner you've got 10 fingers to start smashing to get information about who's giving out such and such information about a such and such operation or movement or whatever taking place.
If you want to block spam, block the links it contains. It's that simple. You can't obfuscate links. There's your technical solution. HTML does not allow for href or src tags to be obfuscated or they are rendered useless. It doesn't matter how deceitful the headers are or who the spammer is, if they're advertising a domain I've put filter on, it's not getting through.
And that spammer's right (they have them, too) to privacy is not infringed and my right to restrict my private server is not infringed.
Stop looking to destroy a right or two every time you get inconvienced or pissed off. We raised hell with the Patriot Act and GPS cell phones but spam...now there's an excuse to restrict the rights of citizens.
Stop bitching and start listening to yourselves.
Ben
Work Safe Porn
I think that Sender Permitted From (SPF) and friends look to give us significant mileage on this.
Basically this means that when you set up a domain, you specify what the IP addresses are for the authorised mail-servers. Something like SpamAssassin can then add a "+2" it came from SPF listed address, or "-2" if it didn't.
Put that in the box with all the other heuristic techniques going on and it will make a suprisingly large difference to catching spam.
I, for one, really look forward to it's implementation for some very good reasons:
I've been joe-jobbed plenty of times. It is &^$%*& annoying, especially for a domain that's been in use for a long time.
As I state in many of my posts, I work for a medium-large size software company.
We have a website, and about 1 million customers (not sure how many active..) have accounts on our website to download updates, patches, etc.
When they forget a password, they choose can option to have their password sent to them.
They can also request technical support via e-mail.
The forms sent out for both of those are very similar and AOL appears to 'randomly' block many of these e-mails. Sometimes they'll go through, sometimes they won't. We can trace the e-mail to aol's server, watch it be accepted but never have the customer on the phone recieve it.
They're 'spam prevention' isn't as great as it could be, especially since we've contacted them and they've promised to 'look in to it'.
Every time an aoler tells me about how they never got email, i always tell them the same thing: Aol is not a real service provider (you have to provide service to be real in my book) and that they can continue to expect poor quality email for as long as they use @aol.com. I have no love for yahoo, but they are LIGHT years ahead of aol in the email area.
Lawyers, MBA's, RIAA? A jedi fears not these things!
The only way to fix it is to stop going after the spammers and start going after the sellers. You know the links you get in spam? DOS them.
Nuke 'em from orbit. It's the only way to be sure.
A blog about stuff.
AOL blocks any mail that is routed direct to the Mail Exchanger (Or simply has the headers stripped to anonymize it's origin)
This excludes a whole lot of out of the box UNIX/Linux/BSD installs, as well as anonymizers and some website registration verification scripts. I'd rather not have to send your website login password through 3 different servers before it reaches your ISP. (Of course, the password shouldn't be sent through the email anyways, but a lot of sites do).
That's not what I'd call "being conservative". To me, being conservative would be tagging suspected spam as such, and letting the MUA filter it into a seperate mailbox. AOL can include a MUA (Netscape) on it's disk, so it can be pre-configured.
Time for them to sue to makeup for the costs and damages they had to endure
http://saveie6.com/
AOL loves to provide statistics of how SPAM is "hurting" AOL. But for all it's out-cry that something needs to be done they are the biggest a**holes when it comes to taking responsiblity for what comes out of their own network.
- They will freely admit to having a policy of purposily ignoring reports to the standard postmaster and abuse addresses in favor of a "tosemail1" address that does not appear in any RFC at all.
- They will freely admit that for customer support to discuss problems with an on-going spam problem that the reciever must be an AOL screen name. Anotherwords, it must be spam *TO* AOL.
- They will freely admit to being one of the largest providers of throw away spam accounts but then quickly follow that up by claiming that there is nothing they can do about that.
If every ISP was playing the game that the only foul is *in-bound* SPAM and claim no responiblity for out-bound then AOL would be getting alot more than 0.5 trillion. The first step in getting rid of spam is to get rid of networks that freely admit to have a policy of non-responsiblity... blackhole AOL!
Just encrypt your fucking mail and stop that pathetic whining.
80% is nothing. I get 99% spam here when comparing my inbox to my spambox, their users are lucky.
Karma: It's all a bunch of tree-huggin' hippy crap!
Especially all the mails I sent: AOL now refuses all mails from custom servers. I'm sorry, I don't send spam !
every time slashdot has a story about spam, i again wonder to myself why the world hasn't turned to the obvious solution: a new email standard. i read a comment recently to the effect of "if a given protocol allows cheating, it's a bad protocol". it should be clear to everybody that this technical problem can not be solved with legislation (not that it shouldn't be illegal anyway, but it's folly to expect laws to have any real impact). the world needs an email protocol which is encrypted and authenticated, traceable and secure, and easily combined with whitelist or pay-to-deliver filters.
The idea isn't to keep people from reading the messages. It's to keep people from knowing who sent it.
You know, like an anonymous tip line. If you're ever in a situation where you know something and need to get it out to everyone you can with out revealing it was you who sent it, forging headers an excellent first step to going about it.
If you lived in China, you'd probably want to get to know a few spammers or at least their tricks if you wanted to experience some form of free speech.
By "fixing" SMTP in such a way that headers must be accurate, the ability to exercise free speech is greatly hampered for everyone.
Ben
Work Safe Porn
Since most spammers live in the US, advertise american products I belive bombing the US would be a better idea if you wanted to stop spam. After all, almost all spam is in English, not Chinese.
and China is a big country. I'm sure there are plenty of really nasty slums that still have a network infrastructure in place to transfer data. How else do you suppose the sweatshops coordinate themselves? These countries do big business, shipping billions of items. Near as I can tell, most of that wealth winds up in the hands of a lucky few. If a few of the not-so-lucky rely on spam to make a living, who am I with my nice car, home, and regular meals to say they shouldn't. I'd certainly do the same.
Frankly I don't see the danger (although I do empathize with your feeling; look at the Nigerians). The only thing I'm suggesting is that if the standard of living in these spammer's havens where to improve, it would be tougher for them to do business there (just like it's getting to be in America). I don't pretend to understand the realities of the Chinese economy, but I know this: Fewer desparate people means fewer willing to do dishonest things. The only danger here is that Americans would lose all those cheap consumer goods made in slums and imported from China.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Now, if only they could do something about the pop-ups, crashes, dropped connections, high prices, incessant self-promotion, etc, they might have a good product.
One time, when my usual ISP was down, I needed internet. Desparate, (back when I ran Winders) I threw on an AOL CD to use some of the 1045 hours of free access, planning to cancel when my regular ISP was back online. Cancelling AOL is interesting, first off, the person who answers the calls has been brainwashed to think AOL is the greatest THING ever, and will first ask you why you want to cancel, then argue with your reasoning. Once you go through all that, they will offer you two free months of service while you reconsider. DON'T FALL FOR THIS. I did, and forgot, and the bastards charged my credit card three months later. I was mad as hell and had to go through the Movementarian "You're free to leave anytime you want, but tell us why you're leaving" grilling on the phone all over again. Of course, they offered me two free months again, so apparently you can stay on AOL for free indefinitely this way (But why would you want to?).
Kaolin may be the only English word with "aol" as a substring.
Unknown host pong.
In storage and transmission costs alone, this is a fortune.
So what do we need? Harsher laws, of course. And stop saying they won't work already. The main spammers are known all we need to do is put, say, the top-50 away for life.
Sounds harsh? I don't think so. Spammers are committing a very serious, evil crime: Stealing from the commons.
Unfortunately, in our corporate dominated world, where things don't count unless they are property of someone and can be put on a quarterly report, that idea is mostly lost.
That doesn't change the facts. Spammers are stealing from all of us. A single spam mail might be petty theft, but it's petty theft times several million.
The law needs to recognize that spam is destroying a part of society, and adapt the sentences. Fuck fines. Put the notorious spammers away for a few decades, into a prison for serial-rapists and murderers. Make their cases extremely public. Make it clear that now that the top-50 list has been cleaned out, anyone aspiring to take one of those spots has a cell reserved already.
Assorted stuff I do sometimes: Lemuria.org
I run a small ISP (not dialup, but Web space/e-mail/etc) and have SpamAssassin tweaked this way and that, and my users get barely any spam (a few a day, at most, compared to 50-100 a day before the filtering), and we haven't had any false positives yet (we check).
What I don't get is why don't more ISPs do this? Is it a legal angle that I'm unaware of (SpamAssassin filtering mail is not what I'd consider eavesdropping)? Of course, all users are aware of the filtering, so it's not a big surprise to them, I imagine you might have problems if they didn't know, and you actually ditched half of their mail.
This thread is perfectly relevant to a discussion regarding AOL and spam. If you can't see why, I'll explain:
AOL has claimed to block 1/2 trillion spam emails in 2003. A lot of those emails were NOT SPAM. See the parent and grandparent, as well as multiple other comments on this story, for clarification.
Must be some AOL employees with mod points, I guess.
I recently found out that I can't send mail from my ISP account to any email address on my web server because the domain will not resolve properly. The server is set to reject mail from any senders whose domain will not resolve or doesn't exist. So what to do - the ISP drags their feet when you ask them to fix things like this.
At my work, another division of the same company provides our internet connection. They run an open mail relay which I've told them about on two occassions and they've done nothing to fix it.
you are mistaken. YOU know its bad, I know its bad, but most people don't care. dont assume that just because you know something that the public all know it as well.
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
Any company that pays that piece of shit money to advertise their product deserves to be boycotted. His "music" glorifies murder, drug sales, pimping etc, and the fact that he's somehow broken into the mainstream makes it all that much worse.
I'm sure someone will laugh at me for including pimping in the list of vices he promotes. Take a second and imagine your drug addicted sister being beaten over an underpayment to one of these monsters.
devise, used to block /.users' comments, & .complaiNTs about the won-eyed girl's standing up/no-showing (either won is cruel) for 100's of thousands of gnu year's eve dates, with lonely hobbyists/paid dupe members of robbIE's gnu dating service, who are now trying desperately to find out what in the fud happened?
I'm still trying to figure out what they aren't blocking. They block emails from mac.com even though a valid name, address and credit card number are required for a .mac email account, but they don't block free services like fastmail.fm or mailhaven.com.
If they really want to get a handle on spam, fwd:fwd:fwd Urban folklore... they should really block *@aol.com.
In related news, aol users are reported to be among the worlds biggest spammers. No I don't want to send this email to 40 people in order to have my crush fall deeply in love with me.
I have to question your figures. The volume and awareness of spam is so much greater than it was three years ago that I find it hard to believe that your users are experiencing significantly less problems with it.
You imply that the reason they are less concerned is that you have implemented a fee-based filtering system. So you're saying that on one hand it's much less of a concern, but on the other hand your users are willing to pay extra to deal with it? That's a valuable customer base you have there. Perhaps you should look into what other things they don't care about, and figure out a way to charge them for that, too.
Well.. its not amazing, spam grows at leaps and bounds each day that someone new moron thinks they will make money from doing spam, cause the hear about it on TV and online so much. I spoke to a Failed spammer recently and he said " I lost my isp connection, and they never paid me" So that leaves one to think that only the High end guys are probably really making TONS of money off of this anymore, they have the little guy actually doing the mailings. AOL has so many email accounts and allows each user to have so many per account that it is not unbelievavle that they are probably blocking themost if not in the top 5 --Dave http://www.whitehatsystems.com/
The only good way of blocking trojan relays and really make life hard on the spammers are to actually block outbound port 25 from the inside. This still allows users to run theire own mailservers but all outgoing mail has to be relayed thrue the ISP's smtp server (and honest, what is the problem with that? Mail still gets delivered). And to really make it tight it should demand auth before smtp as well. And ofcourse that mailserver should have virus and spam blocking for outbound smtp as well as inbound.
If we trust our congress critters to not screw-up anti-spam legislation why not sign them up for everything under the sun. In short order their e-mail will become useless to them and maybe they will just get it...or maybe increase outsourcing overseas...
They more than make up for it in useless CDs distributed...
"Cain the Spammer". ("It's a good show -- based on the Bible.")
... the E-Mails trying to sell me \/1@gra?
They block anything that doesn't come from the main MX record. Gets alot of spam but it gets a lot of network SMTP relays too. Not a big deal and probably a good idea to block folks who don't have their network configured entirely properly but it's not all spam and the number is largely inflated.
You're absolutely right. Clearly your post is nothing but a troll and should be modded as such. Mods, please mod down the parent as a troll.
Unfortunately, ISPs are loathe to do that because there are customers who connect to mail servers other then the ISP.
What might work, but would require resources would be to setup some sort of profile system which only allows selective port 25 filtering. (This will be an expensive idea, with some invasion of privacy.)
For every customer, start a list of the SMTP servers that they contact, and only allow them to contact up to 10 different SMTP servers. If a customer hits their limit due to trojan'd machine or virus-infection, the damage will be (somewhat) limited. Customers should be able to reset their list once every 24 hours, but they can only reset 3 times before a CS rep has to do it.
Not a pretty solution, but a possible next step.
Wolde you bothe eate your cake, and have your cake?
Still, it's a nice attention grabbing figure to help raise public awareness of the issue, and I have zero issues with that.
UNIX? They're not even circumcised! Savages!
I'm sure that AOL includes these illigitimate blocks in its numbers.
AOL regularly decides to block e-mail from me and/or my ISP, because of the amount of spoofed spam with my site as the domain name.
Very frustrating.
Design for Use, not Construction!
not dealing with the AOL article directly - /.. It was something that cought my eye. The response mentioned that the majority of images come from only a few domains - I had just installed Outlook 2003, and i found under Actions-Junk Email-Junk Email Options, a window and on its Blocked Senders tab you can add domains that you want to block. Now this does not stop from receiving the spam, it just automatically redirects them to the Junk Email folder.
:)
A few days ago someone responded to a spam related discussion on
Since then, only one viagra message ended up in my inbox out of 20.
Sure, you still get them, but weeding them out is the time consuming part which is the cause of lost productivity.
Due to this, my frustration level has gone down considerably...
I must say thank you to the poster who suggested this; wherever you are, know you made the world a better place even if for only one person
The 3 domains that I added to the blocked list are:
2004hosting.net
min7788.com
of990.com
Everytime a spam piece finds its way into Inbox I check it's properties which displays the domain. Adding this the blocked list seems to do the trick.
Any company that pays that piece of shit money to advertise their product deserves to be boycotted. His "music" glorifies murder, drug sales, pimping etc, and the fact that he's somehow broken into the mainstream makes it all that much worse.
Now wait just one minnizle.
A good fourth of the time I can't communicate with AOL users period via email. Whether I use my ISP's server to send it, or the free service I have in Russia.
The free service I have in Russia blocks yahoo all of the time now, doesn't even tell the user who sent it that their mail couldn't be delivered. It just disappears into a blackhole. I'm sure they block others as well. It's pretty rare for me to get spam on that account. Since I know they block people I'm reluctant to use the address as much anymore, even though it's served me well. I change ISP's, but I keep that email address so people I know can get hold of me.
Email is quickly becomming unreliable, which is going to have severe negative effects on Ecommerce if we don't do something about it.
The way AOL is going about it is having negative impacts on other legit senders.
Freedom is merely privilege extended unless enjoyed by one and all.
If you're one of those /. readers running your own mail server because your ISP's mail server sucks, re-read your ISP's terms of service some time.
And then pay $US100/month for static IP and permission to run a server. Then AOL won't block you anymore.
Use Evolution instead of Outlook? Bewa
The working definition of spam should *not* be defined by whatever the user is in the mood for.
www.HearMySoulSpeak.com
My Yahoo mail account collects (easily) 50-80 spams per day. Only 40 per day per user, they've got it easy.
One group got through the defenses and got to do their thing and it certainly changed everyone's opinions, but I don't think it was worth the cost.
Second, I didn't mean Balkanize in the sense that spammers will be on one network and legitimate--however you decide to define it for the rest of us--users will be on the other. I mean it in the sense that then ISP's might start other regulations. For example, AOL starts enforcing a policy that if you host adult sites, you won't be approved for communication with AOL's private network. Or Chinese ISP's enforce the notion that if you don't filter political sites, you can't connect to their networks. Pretty soon, you've got seperate ISP's enforcing their own policies, and, whatdya know, the Internet is now pretty much worthless, or at least a whole lot less pervasive and powerful.
Third, you face the same risk with ``Joe Jobs'' as you do in any other criminal trial. Perhaps the evidence is a bit more ephemeral, but c'est la vie. In theory, the justice system works. Sometimes.
Mostof the spam people think that I need to wax the ass of a underage chick with no ass hips boobs brains or pubic hair. In the same chunck of email i apprently need to know how to get a hard on for my favorite woman (trust me that's not an issue), and after I rape my credit card I can find out for free how to get out of cc debt. THEN while I'm at it I need to be high as kite to enjoy having a wonderful woman a woody all night to wax some ass and get some wonderful loving of hot juices.
...Now I could get spam on how to reduce spam and increase my paycheck wood....
None of wich is a problem.
set this [Comment Byte Limit (number of bytes of comments to display. If this is reached before comment limit, break the page, else use above comment limit)] to 128K
De sig boss de sig
worng one this one [Max Comment Size (Truncates long comments, and adds a "Read the rest" link. Set really big to disable)] and 1024
De sig boss de sig
I WANT TO PUT MY PEE PEE IN YOUR POO POO HOLE
I WANT TO PUT MY PEE PEE IN YOUR POO POO HOLE
I WANT TO PUT MY PEE PEE IN YOUR POO POO HOLE
I WANT TO PUT MY PEE PEE IN YOUR POO POO HOLE
I WANT TO PUT MY PEE PEE IN YOUR POO POO HOLE
I WANT TO PUT MY PEE PEE IN YOUR POO POO HOLE
I can no longer email AOL users, becuase I run my own mail server off of a DSL line. AOL bounces all such emails, regardless of 'spaminess' because they are listed as 'from a residential dynamic IP address'. Isn't interoperability supposed to be the point of the internet? I am balkanized, as a result. So, no AOL users can get email from me. Perhaps this is a good thing, afterall.
---
the pen is mightier than the sword, the sword is mightier than the court, the court is mightier than the pen.
At least one of those "blocked spams" was a message sent to AOL's beta testers from the address WinBeta@aol.com.
Clearly, AOL will stop at nothing to get their blocked spam count up, even at the expense of their own internal mail...
He is saying AOL should block email to non-AOL addresses, as it is typically either some lame forward, or spam.
"We have got to make Stan understand the importance of voting, because he'll definitely vote for our guy." - South Park
Stopping spam is relatively easy if a few organizations are willing to actually do what is necessary to stop it. You have outweigh any benefit that spammers can gain from spam, with some very undesirable outcome.
Step 1:
Govt official declares spammers terrorists since they are costing American companies millions.
Step 2:
Govt covert organization, or privately funded organizations (from said corporations) go out and brutally kill, and inflict pain on said spammers.
Step 3: Publicize the aftermath in the papers and media.
No more spam. This may not be a pleasant way of cleaning the closet, but it would work. What say you?
As a family man, Snoop has devoted a large portion of his life to helping children and is in fact the football coach responsible for his team of 8 and 9 year olds reaching the playoffs. Try to see past the music and understand the man.
I suggest you check out this very well-written article, first in its original source (requires reg): Daily Bulletin Archive , and also duplicated (free) on the Snoop Heaven News Page.
Yeah, I"ll admidt I'm trying to kick up a little dust here on /., but inspite of that I really mean this. Even after all those payments, if you can eat and have a home, your ahead of a lot of people. Which would you prefer, running an open relay or working 16 hr/s day in a sweatshop? And what capital? A computer and the internet is all you need to start exploiting open relays. Heck, you can do it at a poorly monitored internet cafe. The beauty of spam is it's incredible cheap to start doing it. Once more I'll point to the Nigerian 419ers.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
They like to blanket bomb the little guy. If you don't control your reverse DNS entry, they blacklist the living hell out of you, and blame for all spam that came from your second-level reverse dns name when you complain.
At this point, I'm too fed up with AOL to even bother trying to contact Carl, however reasonable he may be. As for the rest of AOL, they certainly make mistakes, and they certainly sustain blocks without evidence. AOL can bite my shiny metal ass; they're no better than any other spammer.
You can't judge a book by the way it wears its hair.
Since the spread of the viruses that are designed to spam I know I'm getting tons more then before, and a lot of 'undeliverable' messages that are bounced back to my domain.
Really annoying. Wastes my bandwidth, my time and may just get me banned from some mail servers, even though its NOT me doing the spam.
---- Booth was a patriot ----
...and ask questions later
I wonder if these statistics include all the valid email messages that have been blocked by AOL's over zelous blacklisting of servers. I work for one ISP who's mail servers have been getting blacklisted on and off for the past 2 weeks and have a friend that does web hosting and his mail servers got blacklisted. Neither were put on AOL's black list because of spam comming from the servers
Do you think that a bunch of poor people in China are all of a sudden picking up laptops and peddling viagra? It's not the Chinese, it's the same people who have always sent spam. They are just buying their hosting/bandwidth from companies overseas, where regulations are non-existant.
More to the point, though. A Chinese friend told me that in Chinese custom, it's unlucky to refuse or discard a business card.
If they view spam as a business card, then they can't possibly understand why you wouldn't want it.
My solution to this particular problem used access.db to remove China, Korea, Japan, etc from the Internet. I don't know anybody in those places, so receiving e-mail from them - and dozens of other countries - is only a liability.
Fire and Meat. Yummy.
is this story: http://tinyurl.com/2ra8y ("Congress hates spam - unless it's from them." There's this mention of AOL:
Advocacy Inc., a consultant in Washington, had its first unsolicited bulk e-mail, sent on behalf of Representative Pete Stark, Democrat of California, initially blocked by America Online's spam filters. AOL later agreed not to block the messages, Advocacy said.
The head of the AOL division for dealing with such issues is on the SPAM-L list. When I confronted him with this story (and specifically this quote), he said they never cave in to such situations. So either the NYTimes article isn't telling the truth or AOL isn't...
They've blocked probably one trillion non spam.
The majority of the time that I get tech support requests from AOL users, my email replies are blocked. Sure, you could blame them for setting it up to block addresses not in their address book, but most seem surprised when I tell them AOL is giving replies saying that's how they have it set up, as if they were uninformed as to all the spam blocking settings. I haven't used AOL so I can't say exactly what so many of them are doing wrong.
There's nothing that says you have to do so. There is also nothing that says that the bandwidth which I pay for has to carry email from people who don't jump thru enough hoops to show that they are unlikely to be a professional spammer. So you can run your unidentified mailserver, and hopefully the bulk of the net will start to ignore mail sent by you and the spammers who look exactly like you as far as we can tell. Then the hubs can start to charge extra to carry this stuff as a value added service.
The way it works in the real world is that people build imperfect fences and walls to help limit access from the riff-raff who fill up the commons. But you are free to still go backpacking out in the wild if you want to see the "uncivilized" parts of the planet. The same will happen to net protocols. Most people will only read signed email certificated by their chosen set of Balkenized certification organizations (the walls); only a few nerds (the backpackers) and police tip lines (etc.) will still monitor open SMTP. They will be the ones who will end up paying for the bandwidth that the current type of spam uses.
All it will take is for spam to fill 90%+ of SMTP bandwidth, and then for 90%+ of (paying) email users to eventually move to some other (more secure) protocol. The bandwidth providers will then follow the money.
..they'd still only pay off 1/14 of America's national debt.
If there is hope, it lies in the prowles.
I think. However there is one small pice of foot shootingwith this approach. I regularly get "undeliverable" messages from AOL's relays. I don't know anyone with an AOL account, and thus never send them mail. The anser as I'm sure even apprentice geeks have figured out is that my address is being used by spammers as a return address and AOL have blacklisted it. Theres very little you can do about this. I reckon that in the same way I only used to get a few spams per day (now > 100 and thats only what SpamAssassin doesn't zap off of my IMAP account at my ISP) that everyone will fall victim to this before long. In the same way that spammers aquire lists of addresses to send mail to - they are no starting to use the same addresses to use as the apparent sender.
:P
We need a totally new mail protocol with mandatory proof of origin using some sort Public/Private key pair.
Just getting and using a key signed by a recognised CA will not work Today - as currently, nobodies mail relays demand one before accepting mail.
On ICQ I can proove who I am (within reason) as I have to authenticate myself to the ICQ server when I connect my client. We need something similar for email.
Until this happens I am looking at implementing a whitelist only mail policy on my network. People will have to supply me with the email addresses by phone before they can mail me - as the relay will just bounce *everything* with undeliverables that are apparentley sent from upyours@127.0.0.1
The current email system is overrun with this rubbish - time we abandoned it and let the spammers spam each other into oblivion.
Weekly Specials ADVERTISEMENT
GET a DEGREE ONLINE! Fast and Free Info!
Buy Ink Cartridges & Refill Kits at MyInks - Save 80%
Is Atkins right for you? Get a free profile.
Buy LifeFactor Natural HGH Spray for More Energy - $32.99
STOP CREDITOR HARASSMENT! Become DEBT FREE!
Free online Mortgage Refinance Quote @ Service 1 Mortgage
Get an MBA! It's easier than you think!
SAVE up to 70% on Life Insurance! Protect YOUR family today.
Buy Ink Cartridges & Refill Kits at MyInks - Save 80%
Buy Ink Cartridges & Refill Kits at MyInks - Save 80%
Fuckers.
Umm, no. Unless you don't count:
aroma-olent
caoline
chaologist
chaology
diaolibanum
disgaol
elaolite
engaol
gaol (gaoler)
gaoling
haole
ingaol
gaoleress
gaolering
gaolership
gaol-fever
jaole, jaoler
kaoliang
kaolinic
kaolinite
kaolinitic
kaolinization
kaolinize
meta-oleic
naological
naology
paolo
under-gaoler
And of those the only one that may be considered an "English" word may be gaol and its variations as they are still used in government documents in Britain today and evolved from Middle English spellings. But but alas even Gaol had its roots in French.
The rest all originate in Greek (chaos, elao, nao), Chinese (kaol), or Italian (paolo).
Trust me on this. My experiences were covered in AOL Bans Mail from DSL-Hosted Servers. My mom (after hours of trying to explain to her what's going on) got nowhere with AOL on this. They don't admit (at least to her understanding) of the blocking. And since the rejection occurs at connect time -- that's before any SMTP protocol has been transacted, there's no way for AOL to even determine who the recipient is and whether or not they'd like the blocking or not.
You don't have control of your email.
What part of "gestalt" don't you understand?
>Try to see past the music and understand the man.
If he had more than a grade 3 vocabulary, maybe we could understand him.
That said, Im impressed that he can be so talent free and yet successful. Only in America, eh?
terry
You still aren't consdering the ramifications of this, though. You think AOL is going to want to give certificates to small regional ISPs? Of course not; they won't share their proprietary IM network now, and if given the option, they wouldn't share SMTP either. Or perhaps you think we could legislate that this not be used in such a manner, but obviously this defeats the purpose of such a measure to begin with.
Sure, you have a right to do this, if you want to. This is perhaps in some ways a natural progression from blacklists. But it's a bad idea for the Internet, and a bad idea for the rest of it.
And to be totally honest, as much as I despise spammers--largely for their more malicious alleged practices like cooperating with worm writers and abusing open gateways (a server I run, prior to my administering it, was hacked by some Russian dude to send millions of porn spam)--I personally have never been effected by it (past the economic aspects which perhaps raise the price of my Internet connection a good bit). I don't receive spam (literally none, not because of my commonplace SpamAssassin setup, but because I'm careful with my e-mail address), my server hasn't (to my knowledge) ever been successfully violated, so I'm happy. The worst thing that I've put up with is spammers attempting to use my server as an open relay and temporarily using some resources. I say this not to boast, but to point out that there are certainly easy ways to avoid getting spam without resorting to this.
While we're on the subject of efficiency, I think we should discuss how likely it is that this would really work. I have doubts. Too many ISPs make money off spammers to implement this; if they refuse, we end up with that situation of Balkanization that is not, as you seem to think, the good on one side and the bad on the other, but rather more just various groups who can't communicate. Ever try to exchange AIM names with a buddy, only to find out he uses MSN? Or ever try to share a file (say, five years ago, since its far easier now) with friend only to find out he uses a Mac? E-mail's power is its standardization. Ruin that and you ruin e-mail.