Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Bits

Posted by michael on from the spam-and-eggs dept.

Let's mush a few things together into a nice pink rectangular solid: ipandithurts writes "The FTC Chair Timothy Muris doubts the ability of the "CAN SPAM" law to stop SPAM." ElementCDN writes "The Ottawa Citizen has a story on Bernard Balan the King of Spam. Bernard has closed up shop and moved to cottage country near Huntsville, Ontario." CactusMan writes "CTV (among others) is reporting that a Ontario trio has been named in a suit filed by Yahoo under the new CAN-SPAM legislation. Yahoo is claiming that the father and two sons were 'responsible for sending millions of unsolicited messages to users of the company's e-mail service.'" ilsa writes "According to this AP article, as much as 19% of e-mail sent by commercial entities never reaches its destination. 'Promotions and greeting cards were the types of messages most likely to disappear, the study found.' Although this study may have been intended to be alarming, forgive me for thinking this may not be a bad thing." Reader chrisbtoo responds to an earlier spam story: "In today's story about Spam solutions, monstroyer challenged people to crack the Spam Interceptor Captcha. Turns out it was pretty easy." Finally, we can't fail to mention an attempt at making the world's largest spam musubi.

8 of 239 comments (clear)

  1. Return Path numbers are low by attaboy · · Score: 5, Interesting

    The AP/ReturnPath story is interesting, in that the actual number of messages that never see their intended recipients is probably even higher than 19%.

    The study was based on a snapshot of messages sent by 100 Return Path customers. Return Path set up test mailboxes with 18 major Internet service providers and monitored about one-fourth of the 120,000 marketing campaigns from those customers.

    This wouldn't even begin to account for the number of messages filtered by larger companies, universities, and other entities that maintain their own spam-filtering and spam-blocking systems. It also wouldn't account for the growing number of individual end-users who are installing and using commercial or free spam-blocking software on their local machines. Anti-spam software isn't just for geeks anymore. According to download.com, the top 25 results for a search on "anti-spam" have been downloaded 2,493,051 times, in aggregate.

    Well isn't that a good thing?

    If you are an end user, and missing a message doesn't matter that much to you, then no. If you are a company using E-mail to communicate with your customers, but you aren't sending anything critical, then no.

    If you miss the electronic notification from your bank, credit-card, or student loan company that your last payment is late, or the notification from your airline that your flight was cancelled, then it does matter.

    And if your one of the,"oh, it can't be more than five or ten", companies in the world that is using E-mail as part of your business processes, whether for sales, marketing, customer service, CRM, purchase or account notifications, etc... well then, hell yeah it matters.

    Things are probably going to get worse before they get better, but E-mail for business has so much potential that I can't but hope that we will solve this problem.

    --
    The facts have a liberal bias. --The Daily Show
  2. -1 Troll, but it seemed to work before by lavalyn · · Score: 2, Interesting

    So we have a name, of Bernard Balan, and it looks like he's living in the Muskoka regions of Ontario, Canada. How long before he gets Ralskyed?

    And shame on the Ottawa Citizen for even trying to portray a bandwidth/storage space thief in a positive light. Neutral at most, and negative more appropriate.

    Also, the Challenge Response bit, an interesting solution but slowly you'll start making the tradeoffs between "hard for computer" and "some people can't do this, their vision is poor or they are colourblind."

    --
    Doing the Right Thing should not be preempted by making a buck.
  3. Spam Interceptor CAPTCHA by chrisbtoo · · Score: 3, Interesting

    Sorry monstroyer, didn't realise it was your system that you were challenging people on. Guess you'll have some work to do tonight, eh?!

    I'd recommend throwing some extra noise in there, and possibly varying the relative darknesses of the background and foreground. If you can distort the characters too it might make it harder to beat.

    --
    Registering accounts later than some other chrisb since 1997
  4. Monstroyer says congrats! by monstroyer · · Score: 5, Interesting
    Wow, my challenge has been answered. Seeing is believing. For the record, someone else beat it using JAVA. Here's the email i got:
    Hi Simon, I just accepted the challenge that (presumably) you laid on a recent Slashdot
    thread to create an automatic registration agent for (again, presumably) your Spam
    Interceptor software.

    This is the result. If you can see the log of registered email addresses you will note
    that some few hundreds of addresses have been added for of the form
    "AutoGenerated_@i.am.spamming.you.com".

    You are welcome to review the code that I used, although there really isn't
    much to it... some 300 lines of java. The approach that I used should be adequate
    simple variations of your defence, but would be readily defeated by simply
    improving the algorithm that you use to generate the random background noise
    in your image.

    Feel free to email me at: [removed]@recalldesign.com
    As a user, here's hoping a fix to make the image more complex is on the way. Thanks for the insight.

  5. Captcha! by doublebackslash · · Score: 3, Interesting

    We have been depending on the difficulty computers have recognzing the shapes of obfustacated letters.
    Why not make the try to identify things, objects.
    There are a substantial number of warping effects that can be applied to a picture, and so long as the users language is known, and they are reasonably congnent, they cold recognize a barn, a duck, etc even if it was warped, twisted, or miscolored to some extent.
    (example: there is a picture of a barn in the forground, the question is what is the color of the object in the picture, or what is the object, many questions based on one picture=)
    I feel that this is the next generation of captchas. Personaly I like a picture scheme better, it could be easier to decipher than some of theose HORRIBLY degraded captchas I've seen. Plus it relies on a deeper ability to recognize shapes and patterns and colors and resolve them into a recognizeable image in our minds, and computers now cannot hope to recognize a warped human face from a barn.
    I feel that this sort of authentication could also be the key to blocking spam all together.
    A user could add E-mails to their trused list, and certain sites (ebay, hotmail, etc) could be on there by default, all others will have their message bounced with a captcha included, and an explination of what is happening. When they prove themselves human, they can get added automagically. Put the work on the senders end. If you send an email to someone, add them to the trused list, etc, for ease of use on users.
    I feel that computers and spammers will have a hard time with any scheme that does not involve standardized things, like letters.

    --
    md5sum /boot/vmlinuz
    d41d8cd98f00b204e9800998ecf8427e /boot/vmlinuz
  6. Re:Wow, they requested this? by Lost+Race · · Score: 2, Interesting
    Same here, separate address for every untrusted recipient. For the most part all of them kept the address private, with the following exceptions: Philips was the worst -- I sent one email to their published tech support address concerning a problem with their sound card in Windows 2000, and within hours started getting spam. Never got any reply from Philips either. That earned them an eternal boycott from me.
  7. Re:Wow, they requested this? by FATRanger · · Score: 2, Interesting

    The way I do it, which does not involve setting up my own email server, is to register a personal domain name with a provider that supports email aliasing/forwarding so that I can still use my isp email account with the benefit of whitelisting good guys and blocking the bad ones by looking at the to: header. The only downside of course is that it takes a bit of time (10 ~ 20mins) before a new fowarding account is created and I am only limited to 99 aliases with my current domain name provider.

  8. better CAPTCHA by bandicot · · Score: 2, Interesting

    Spamarrest seems like it has a better CAPTCHA mechanism: sample image. The loops are pretty ugly; certainly more difficult to subvert than dark characters on a light background (with no dark obfuscators). For myself, I use bogofilter. After piping a bunch of known good ("ham") and bad ("spam") through the engine. I get almost no spam that isn't caught and quarantined for later inspection.