Slashdot Mirror
CAN-SPAM Is A Bust
Doc Ruby writes "The Congressional chatter about 'canning spam', in the CAN-SPAM law since January, has turned out to really mean 'they can still spam'. TechWeb News reports that 'In July, compliance fell for the first time under one percent to a measly 0.54 percent', from its 3% max. The researchers claim the ball has been dropped by 'law enforcement'. Those police are probably too busy deleting the 80% spam from their email, like everyone else."
Do we say it now, or do we still have wait?
This all sounds very similar to the problem with a security system in a corporation. You can have as brilliantly designed a security system as you like, but if you have a hole on the inside (a person who is lax with keys, or passwords etc) then the whole security system falls down from the inside.
Similarly here, an act that's got good intentions ends up having a few well paid government people slip in an exception here for telemarketers or a leniency for charities etc, and when it comes to implementation, the whole thing falls down
I propose they add a vigilante provision that allows anonymous receivers of SPAM to seek out and beat the shit out of anyone found to be sending SPAM.
no sooner said than done ! http://www.spam.com/
$ strings FTP.EXE | grep Copyright
@(#) Copyright (c) 1983 The Regents of the University of California.
If they only were using the time to catch real criminals like rapists and robbers, I could live with this. But since the money is used to catch potsmokers and the people driving 4mph too fast, I say fsck it.
Spamfiltering in all clients is a better aproach.
Making spam illegal wont help, making spam useless does!
The system had the verbosity of HTML combined with all the readability of compiled assembly viewed as bitmap images
We also need a clause that allows us to beat anyone who buys stuff from spam.
(Note: It's spam, not SPAM. SPAM is a registered trademark of a certain food company that is graciously not suing the ass off of everyone, and asks only that we not capitlize the word.)
Did anyone honesty think this law would stop spammers? I for one did not, these people do this for a living. They are going to find a way around the law, or in most cases just flat out ignore it.
Everyone has a photographic memory, some just don't have film.
Well, I for one, am shocked. Shocked, I tell you.
I run a small home server off my cable modem for myself only - no big commercial operation. Been doing this for about 5 years or so... finally gave up last week after my spam flow increased from ~100/day up to ~100,000 (yes, one hundred thousand) per week in the past month or so.... Tried RBL's, Razor, SpamAssassin, DSPAM, Apple's Mail.app client.... stuff only helped so much. Constanting having to fine-tweak filters, re-train Bayes. It's too much of a hassle. Now I've given up. Set Postfix to forward all my mail to my Gmail account. Has helped quite a bit, plus when I do get a message that makes it into my Inbox, Gmail's UI makes it pretty easy to mark it as spam. I'll try this for a while.
A generally accepted change in email specificaitons will prevent much of the spam. What does a law on the net prevent?
Id Spam is crime, only criminals will spam
There's just no way that you can solve this problem with politics. It's one the /. crowd will have to solve. Even if I wanted some physical vigialntie justice, I can't afford to track down some spamer in Russia.
I'm really thinking it's a 2 pronged problem and, like the rest of you I have (at least) 2 addresses, deviding the issue in half. Only a few select people get one and the minor amount of spam I get there is easily filterable. The other one is a web based account. I don't pay for it; they can fill 10-20% of my allready mostly filtered free (as in beer) space with all the spam they want.
Seriously tho, whitelisting is the real solution, but even I may be too lazy for that.
Slow news day?
Lets look at some quick facts.
1. The can spam law gave you and I (collectively the little people) exactly zero ability to extract anything from a spammer (like money) for damages.
2. The can spam law requires law enforcement to track down spammers. Honestly - does anyone think Johnny Law is going to be going through those mail headers looking for the true source of spam? Lets be honest, the first chinese IP and they quit.
3. This law does not place real world consequences for those breaking "cyber law". (It's supposed to, but the proof is in the pudding!)
4. It does not allow you to complain about spam as a denial of service attack (which it most certainly is!)
Until we start putting spammers in jail, or start forcing them to pay, and pay and pay and pay, you will continue to get spammed. Until then, lets be honest, the community is doing a better job of removing spam than the government is. Thanks NJABL, SORBS, Spam Haus et al.
cluge
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
Congressional legislation fails to stem a technology-related problem? What a surprise! I never saw that coming!
Seriously. Congress should leave the damn thing alone and let us take care of it. I wish we had more bounty hunters in the United States.
Homestarrunner.net -- It's Dot Com!
Those police are probably too busy deleting the 80% spam from their email, like everyone else. This qualifies as a DDoS if I am not mistaken ;)
1. The can spam law gave you and I (collectively the little people)
That's what the spammers are after; our pots of gold.
The entire 'act' was a joke in the first place. Purely a political maneuver to gain votes ( remember an election race was over the horizon )
Most Spam either comes from bouncing overseas ( out of the US's jurisdiction ) or from zombie PCs ( already illegal due to the virus ) so I really don't think it had any chance to succeed anyway..
More importantly ( and worrisome ) is that it setup a precedent, with public support, for criminalizing behaviors on the 'internet'. Opening a Pandora's box for the future..
Perhaps a better idea would have been to hold the end companies liable, civilly not criminally, with hefty fines. Perhaps high enough they risk going out of business for allowing their product/business to be pushed via Spam...
---- Booth was a patriot ----
Please excuse the faux pas.
Homestarrunner.net -- It's Dot Com!
Not spam per se, but stuff like this:
The researchers claim the ball has been dropped by 'law enforcement'.
This is no different than Bush blaming the CIA for doing exactly what he told them to do and composing reports and briefings that said exactly what he wanted them to say about Iraq's WMD capabilities.
It appears that "law enforcement" is going to be the next whipping boy for the failures and excesses of Congress and the Administration. The result of this legislative abuse of intelligence and law-enforcement agencies will be widespread demoralization and attrition. Think about it: do you see the CIA as a place to build a productive career? How about joining the FBI instead, where your job will be to carry the blame for failing to enforce the CAN-SPAM act? You'd be better off joining the Army, where you'll probably get to fight Gulf/Chevron/Texaco/ExxonMobil War III(tm) in the Sudan.
When you misuse tools, even good ones, they break. Why is nobody concerned about this?
"Those police are probably too busy deleting the 80% spam from their email, like everyone else.""
That or putting rapists and murders in jail.....I really think my tax dollors could be spent on something better..like maybe giving it back to me. spam is a techinical problem that can be solved through technical means. Anything else is just an excuse to have government regulate computer use.
stendec@gmail.com
...first proposed to apply the Junk Fax law to spam (ISTR the Washington State law is similar, and a few people have actually gotten money from spammers through it), seven years ago (!). People won't have to learn to read headers, services will pop up to do all the technical and legal work for a percentage of the fees.
Unfortunately, it's well known that spammers don't actually have any money after buying fried chicken, beer, and paying their trailer rent.
Tag lost or not installed.
...they complain about the 0.2% that make it past the filters and blocklists to them. With the current growth, sooner or later it is going to collapse as even the 0.2% overflow their inboxes.
Kjella
Live today, because you never know what tomorrow brings
Yeah, I really want my local cop off the street, not busting thieves, rapists, arsonists, burglars, and anti-war protesters. I want him surfing the web trying to find out who in China sent an email about penile enlargement. OK.
Go after those that are selling the products using SPAM.
Yeah, yeah I know someone will go around framing people. Oh well
Keep the Classic Slashdot.
So we were initially worried CAN-SPAM would fail because we feared it was so weak it might actually protect certain "marketers" who bothered to follow its provisions to the letter. Now it turns out that it's going to fail because even it its weakened form, it isn't being enforced...
I think CAN-SPAM could be a good thing if they did enforce it. Even if some spammers were able to still "legally" operate under it, it would at least rise the cost of spamming, shoving many spammers out of business. It would also shut down the worst spammers-- the ones who are [i]already[/i] using illegal methods to push their spam, such as mail server hijacking. We'd have a culling of the herds, as it were.
Of course, this gets to something I never figured out. If Company A in the united states hires Spammer B in Burma to spam U.S. citizens, and Spammer B violates the CAN-SPAM act in doing so, can Company A be prosecuted under CAN-SPAM?
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
it wouldn't help. A .54% compliance rate shows just how much the law scares the spammers: it doesn't. It's impossible to enforce compliance, and they know it.
Yet even if 100% of spam complied with the requirements of CAN-SPAM, it wouldn't mean the amount of spam would necessarily be reduced in any way. Spamming is completely legal under this law. An illegal scams make up a large portion of the spam we see here. The scam being scammed is illegal already, so the spammers feel no need to worry about breaking another law that essentially has little or no penalty and negligible chance of it being applied.
I can't imagine that anyone is genuinely surprised at the actual effectiveness of this useless law. No teeth if you obey it, no teeth if you don't.
In theory, practice and theory are the same. In practice, they rarely are.
The researchers claim the ball has been dropped by 'law enforcement'.
What a surprise. Law enforcement can barely keep up with "real" crimes, can't even be bothered to assist someone who got scammed for a few thousand bucks on eBay (but they'll lock the victim's ass up quick if he takes matters into his own hands), and yet they're supposed to somehow go after spammers who merely annoy people?
Occam's Law says that Congress passed the law not because they're on the payroll of the spammers, but because they're fucking retards with their heads up their asses.
If the volume of spam takes down, or slows servers, and mail clients, why not charge the spammers with Misdemeanor property damage or vandalism?
You get 20% real mail in your box? What's your secret?
-=This sig has nothing to do with my comment. Move along now=-
New studies showed that grass is, indeed, green.
Snooooooore. Slow news day here? (what's new) Did we all know this? Did we need to hear it from /.? Come on. /. is going WAY WAY WAY downhill FAST!
OK, sorry, the subject line is a troll, but seriously, I've never had a major problem with spam on my main account, and I've had it for 5 or 6 years. I just guard it very carefully and only give it out to people I trust. I have a throwaway account on Hotmail that I use to sign up on websites, etc., but even there, these days I only seem to get spammed once or twice a week, if that. I have junk mail filtering turned on for the Hotmail account, and I just ignore the junk mail folder. Works pretty well.
Am I the only one who doesn't have a spam problem? Hello?
In many US states, it's a criminal offense to operate an anonymous business. California has a specific requirement that a business selling on the Internet must disclose their actual name and address before accepting a credit card number. Few spammers do that. We need to put teeth into that law by making the bank that processes the credit card transaction an accessory to that offense. It's aiding and abbetting money-laundering.
On a state level, make it illegal for a bank to charge a consumer's account for an Internet transaction unless the web site complies with that requirement. That would work as a state law, because it applies to the in-state bank that has the consumer's credit card account.
The card-issuing banks would push the requirement back through the system to avoid liability. They would force banks to insist that MasterCard and Visa International issue rules which require merchant banks to change their merchant agreement to prevent anonymous merchants.
With penalties applied through the banking system, spammers would find their ability to collect money much reduced. They'd be kicked out of banks the way they used to be kicked off ISPs.
Seriously, I've never had a major problem with spam on my main account, and I've had it for 5 or 6 years. I just guard it very carefully and only give it out to people I trust. I have a throwaway account on Hotmail that I use to sign up on websites, etc., but even there, these days I only seem to get spammed once or twice a week, if that. I have junk mail filtering turned on for the Hotmail account, and I just ignore the junk mail folder. Works pretty well.
Am I the only one who doesn't have a spam problem? Hello?
but i guess we pick and choose what should and shouldn't be codified eh?
why don't i hear everyone cheering that the law men found something that they couldn't fix with a wave of their wand? especially now that it's squarely (and rightly) back on the shoulder of techies to implement a spam free email systems.
if regulating VoIP is bad, regulating broadcasting is bad, how come we're all secretly hoping the gummint step in and clean up the spam mess?
i love the smell of hypocracy in the morning.
I really think my tax dollors could be spent on something better..like maybe giving it back to me.
I don't want to hear any more right-wing whining about getting tax dollars back until the federal debt is paid down. I don't want my taxes to be wasted to pay for interest on a debt accrued largely by fiscally irresponsible Republicans like Reagan, Bush, and the younger Bush.
spam is a techinical problem that can be solved through technical means.
THEN FUCKING SOLVE IT ALREADY! We've had this problem for a decade and people like you keep saying that technology can solve it. So invent the technology, get support for it, get it deployed, and solve the problem. You're watching people drown in spam and you keep telling us that the government should do nothing because you're planning to pull a technical solution out of your ass. Some day.
Anything else is just an excuse to have government regulate computer use.
I think that the government should regulate computer use so that idiot conspiracy theories like yours don't waste bandwidth and storage on the net.
See you in hell, moderator, courtesy metamod.pl.
i really think that it's time that we all admit collectively, that the current system for email, is broken.
the only way to fix it is to redesign it.
the reality is that the can-spam act provides an enforcement clause but there is no additional funding for law enforcement or the ftc to target these people.
this is very much like the government's drug policy.
lots of laws but little enforcement.
the system lets the little fish go looking for the big fish but they fail to realize that the little fish grow up to become big fish as they learn and get better at their "trade."
Is it 5:30 yet?
These are excellent suggestions. The credit card companies are the proper way to deal with it--an ounce of prevention and all that. They don't want to be seen as cavorting with scumbags for the sake of their precious reputation (they'd rather be the looters in the deal, anyway) so it would be great to hit them there and hit them hard.
So basically we've learned that when people advance their careers by committing health fraud, insurance fraud, selling animal-abuse porn, and running pyramid schemes, they don't obey the law. Maybe next we'll learn that when politicians advance their careers by soliciting donations from corporations, they don't act against the interest of those corporations.
..I can Thunderbird. Seriously! I've had my email address for 5 years now. It's a university address I had when I was undergrad and back then I had other addresses forwarding to it, some of which still do and have been around since before spam was a problem. It's been on class webpages, etc. and so it gets quite a bit of spam. Still, I kind of like it; and I still get 20 junk emails for every real email, but Thunderbird kills (on average) all but one, and has never stuffed a real message in the Junk folder. It's much easier for an email client to police messages than it is for law enforcement to police message senders.
A while back, companies (including Microsoft) were talking about creating a pay-the-sender e-mail system that would force non-whitelist e-mail senders to pay some n-cent "stamp" toll to have their message delivered. I still think this is a great idea: a tiny fraction of the personal e-mail I receive is both (!spam && !expected), and anyone who legitimately wants to contact me is unlikely to balk at a 5-cent fee (unlike, say, a spammer sending out ten-million unwanted e-mails).
The problem, of course, is convincing people to sign-on. If it came out tomorrow (and Microsoft promised to play nice), would slashdotters be on-board?
Don't forget about this story about the FBI building cases against the worst spammers.
Pointing out that Washington politics is ruining our ability to maintain order in society is NOT a troll.
Christ, sometimes I think there should be a "Score:-1, Cognitive Dissonance" moderation option on Slashdot.
...spammers lie. What's to stop them for lying about their real name and address? The banks, VISA, merchant banks etc. would all pass blame along. They are usually breaking fraud laws, deceptive marketing laws and now can-spam. Why shouldn't they ignore those laws as well? It's the same kind of bullshit ISPs pull with their pink contracts. Claim ignorance, and at worst, pull the plug to run the same scam all over again.
Kjella
Live today, because you never know what tomorrow brings
The FBI and British Police decided to patrol chat rooms with uniformed police, and IRC administrators are against their proposal. When will they find the time to track down identity theft and scam operators?
http://thomas.loc.gov/cgi-bin/query/z?c108:S.877:
and spend some time to boil off all the legalese, you will see that the bill is not intended to prevent spamming. That was used as a sales point, but is not supported anywhere in the text. The bill is written obscurely enough that ordinary people cannot read or understand it. I assume that is by design.
Some of the main things it does do:
It destroys all existing state and local level anti-spam laws. Some of them were actually becoming effective, so they had to go.
It removes any legal right of action from 99.99% of the population. The only entities who can bring action under it are ISPs and a few governmental agencies.
If these ISPs/Agencies want to bring suit they must do so in a federal court, not state, local, or small claims. If you don't have $10,000 (US) that you can throw away to make a point, there is no reason to go there. You cannot represent yourself and even normal attournies are not all qualified to go there.
The few federal agencies that can apply the law, such as state attourney generals, tend to already be fully occupied with things like rape, murder, grand theft, and chasing down workers in the drug and terrorism industries.
If you come up to them looking for help, they have to decide whether to look into a few annoying emails, or go out and catch passing speeders and arsonists and burglars. Because they only see 1/10,000,000 of any given spam run, it will look like nothing more than a misdemeanor. It will usually look like it is not even in their jursdiction. Guess who wins?
Small ISPs are unlikely to have the money to pursue cases under this law. Some of the major ISPs have gone after a dozen or so spammers. Even if they win every case, twelve or so prosecutions a year is not a noticable deterent for the remaining hundred thousand or so spammers.
The net effect is that this bill ought to be called the I-CAN-SPAM act, as this would represent it accurately.
t_t_b
I'm on PJ's "enemies" list! Are you?
Spam laws you want enforced because they hurt you, I personally couldn't care less since I don't get more then 1 or 2 a year. I do however have to deal with the aftermath of speeding in the form of taking a good friend who is a ambulance medic drinking after he scraped yet another child out of a car hit by some speeder.
So you think your concerns are more important then mine? Either enforce all laws or enforce none. Spammers got the same excuses (they are not really hurting anyone) as speeders. Last time I checked spam never killed anyone.
I am glad the police has better things to do then catch spammers. Also your example about rapist and traffic violations is wrong. Wasn't ted bundy or another serial rapist/murdered arrested for traffic violation? So going after traffic netted the police a violent criminal. Not bad.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Many ISPs are guilty, too. MCI/UUNET is the worst in the US. They know damned well that over a hundred of their customers are major spammers, yet they keep them online regardless of any AUP policies. Obviously, they want a piece of the spam cash cow. So the rest of us suffer even more because so many spammers find it easier to flood our networks.
Right now, boycott is the only way to deal with it. That means that no only will I refuse to do business with MCI/UUNET, I will also refuse to accept any SMTP delivered mail from any of their IP address space (I have a huge list). And lots of other networks are doing this now.
If you don't like a boycott, then maybe you should support a $25 fine, per message to each recipient, imposed on the ISP that retained a spammer for at least 30 days. Of course that would completely wipe out MCI/UUNET given the massive volume of abuse coming from there. But I say good riddance.
now we need to go OSS in diesel cars
"We're giving it a pretty good chance of passing," said Ruskin, who has a company representative at the IETF meetings. "The word on the street is that everyone wants to support [Sender ID], but that some are concerned about the proprietary licensing that Microsoft wants to put in it. If someone has to fax Microsoft each time a change is proposed to the standard, that doesn't go down well with a certain group of people."
Sounds like someone has his panties in a wad.
Drop the proprietary crap. There's no need for it.
Yesterday my server blocked 24,857 spams, up from 16,446 the same day a week ago.
Current figures indicate that approximately 81% of the e-mail traffic my server gets is spam. It's probably a little higher than that since there's always some spam that gets through.
To most people, it might not be a big deal, but since I pay for my own bandwidth to the backbone, this represents a tremendous waste of resources that I'm paying for.
The waste of resources is not a technological problem. It's called theft.
The vast majority of spam we're seeing now is originating from zombie PCs that have been compromised due to unauthorized computer break-ins. This is felony computer tempering.
Many spammers are promoting dubious ventures, MLM, casinos, drugs and drug paraphenelia, child porn, questionable OTC stock deals, copycat pharmaceuticals and other schemes. Most of what they're selling is illegal in various jurisdictions.
Consequently, why are those among our community still continuing to claim this is a technological issue? From almost day one, this has been a law enforcement issue. We've never needed any additional Internet-related laws. Software and RBLs have helped blind us to the reality of how bad it is, but none of this stuff has really done much to stop the perpetrators.
If you want to install some software that might actually make a difference, may I suggest a program that writes letters, faxes and e-mails to the local District Attorney in your jurisdiction, urging them to get off their goddam asses and start doing their jobs and prosecuting these spamming scum!
"Those police are probably too busy deleting the 80% spam from their email"
No, they're too busy checking our library records and p2p usage.
Has anyone ever noticed that they named it the CAN SPAM act?
Yur some help, what with a four digit UID? Your spew is all over my hand.
If you want news from today, you have to come back tomorrow.
I think if a spammer is convicted of spamming, and trying to sell medication, they must consume all the medication they were trying to sell
give them an overdose of viagra
I believe it it was he who proposed legislation to make it legal
to hack people's machines remotely, surreptitiously and destructively,
if the machines contain (or are used for) unauthorized file-copying.
I think it's notable that no one of his ilk has stepped up
to suggest something similar which would legalize hacking of spammers to benefit the PUBLIC
(versus legislation benefiting large political financial contributors
like the RIAA or the Direct Marketing Association).
The CAN-SPAM Act of 2003 was a hastily enacted law that was to override California's more restrictive anti-spam law requiring "opt-in" that was supposed to take effect on January 1, 2004.
I think we should start publishing hosts files that redirect spamvertised domains to 127.0.0.1.
"Well-regulated" had a different meaning in the 1700's than it has today. It meant, essentially, "well trained". Back then, to be effective, troops had to stay organised in groups that moved, loaded, and fired together. The typical volunteer was a lousy shot with the weapons of the day. Mass volleys of fire were the only way to achieve success in battle.
But I guess you already knew that.
I mentioned this a little while ago.
There's two things missing.
First, the law must allow anyone to sue the spammer in civil court. Law enforcement has more than enough work to do, and limited resources to do it with.
Second, the law must target the actual problem. It will always come back, so long as there's no law that bans unsolicited broadcast advertising over networks paid for by the recipient. You get stealth spam, astroturf spam, spam pushing political parties and politicians, preeachers and churches, products and categories, lifestyles and cults, spam over SMS and instant messenger networks and on web boards and everything else.
If they initially limit it to unsolicited bulk commercial email, that will at least dry up the core of it for a while, until people start spamming public service notices and political messages to drive traffic to their sites, but this late in the game I'd be happy with a reprieve.
But opt-out lists and tagging and being an "honest spammer" doesn't cut it. Get a sunday newspaper. Make an estimate of all the ads in there, including the classifieds. That's the number of people just in your city who are willing to pay on average the equivalent of a month's service on a throwaway cable account to get their message in front of a few percent of a few million people, most of whom will ignore them. JUST from your city alone. On the Internet, every city in the world is the same distance from you... make allowance for the "honest spammer" and that's how many people will be lining up to hit your mailbox.
Every week of the year.
There's no room for the "honest spammer", unsolicited broadcast email (and unsolicited broadcast advertising on any media that's effectively free for the sender) has to go. No exceptions.
An effective law has to allow for civil suits by the injured party, it has to require explicit audited requests for the mail unless there's an equally explicit equally auditable relationship (like, it's a club you're a member of), and it has to target bulk mail.
Anything else just has too many loopholes to make a difference.
...Especially when we have spyware which is much more malacious. Spyware steals bandwidth, processor cycles, and drive space without proper consent; why this is legal I'll never understand.
People running mail servers need to put SPF in place and give it a soft-fail until 01/01/2006. That gives everyone over a year to get it ready.
http://spf.pobox.com/
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
I'm concerned that there is no way to cut all of the SMTP servers out there over to a new mail protocol, even if one is invented. As an example, how easily did the transition from individual hosts files to the DNS system proceed back in the day?
In the mean time, I have been looking at implementing SPF http://spf.pobox.com/. Has anyone else tried that, and has it worked well? I'm wondering if it's going to work very well until more folks start adding SPF records to their DNS servers. I guess as long as the big guns (AOL, etc.) have started doing so, that might reduce the amount of forged messages to a manageable level. Thoughts?
SourceHosting.net, LLC
Ready. Set. Code.
http://www.sourcehosting.net/
I wrote:
The only way to reliably avoid spam is to quit using email.
I better correct myself. There are effective spam filtering techniques, but none that don't also discard a certain amount of legitimate mail. For many people that's an unreasonable requirement... mail lost in such filters is itself a big part of the spam problem.
One problem is that most spam comes from zombies. Changing the protocol does nothing about that. The zombies will just use the new protocol.
maybe someone should offer rewards for the heads of spammers
the crapfloods are getting old. I thought the GNAA stuff was funny at first. I think I even mod'ed you up once or twice. But is is really getting stupid.
What spam???? My university now has Postini filtering the spam. I was skeptical at first, but it truly does a great job.
The ITEF working group responsible for evaluating Sender ID is expected to nominate it as an Internet standard this week.
There is nothing I love more than a well edited article. It says loads for it's credibility.
I used to be a paranoid, now, I'm just a noid.
- didn't want any spam;
- didn't trust his remove link;
- wanted him, personally, to ensure that I was removed from his list.
He kept protesting that it was a "compliant email" , which seemed to make everything OK in his eyes. He didn't seem to understand the burden placed on his victims - stealing a minute to do the remove from each of those 2 million people is equivalent to 16 years of a full time job down the tubes. Serious lack of clues, on Bob's part.Eventually he agreed to take my email address and see that it was removed. We'll see if that actually happens.
Racing is an addiction that makes heroin look like a vague hankering for something crunchy.
The other thing you can do with digital stamps, if you can get around the other problems (and I don't take them as a given), is to treat them as a "bid". You put the stamp on that you think the message is worth to you to be read. The recipient can simply ignore messages they don't think are worth the cost of opening. If they don't open the message, or don't open it before the bid expires, or don't cash the stamp, it doesn't cost you anything.
b ject: whatever ....
You don't need to change SMTP to do this, you just include the bid in the message (as a header, or as a message part) as an encrypted string they can pass back to the organisation that provided the stamp. You can even put a fingerprint of the stamp in the "from" address of the message so people who *do* want to distinguish stamped from unstamped mail at the lowest level can do so:
From peter+estamp=5FA60076A7@something.example.com
Su
X-Stamp: really-long-string-of-gibberish
To: cagle@whatever.example.com
This would be an optimization. If the recipient wants to use this to make mail handling a bit more efficient they can, but they don't need to modify their mailserver to use stamps.
Post a 10-50 thousand dollar bounty on repeat spammers and unleash marshals and bounty hunters on them.
Make it financially desirable for freelance and already licensed enforcement services to bring the spammers in.
- Zav - Imagine a Beowulf cluster of insensitive clods...
Check out the spam to "good" email ratio at CERN http://mmmservices.web.cern.ch/mmmservices/. When I started there in January, I seem to remember that it was something like 55%...
If I understand it correctly, and my boss (I work for a medium sized ISP in Washington) is right, the CAN-SPAM act makes all state-level anti-spam laws unenforcable. So our nice, useful, extremely effective Washington State law, is now off the books, and we get to use the completely worthless CAN-SPAM law instead.
The vast majority of spam I see is from zombies.
Technological solution: ISP's block outgoing port 25 service from their networks, except for their mailservers.
The next largest segment is from open relays.
Technological solution: Block those addresses.
Which leaves spammers with their own accounts on ISP's.
Technological solution: ISP's put rate limits on outgoing email.
Nice, simple and easy to implement.
There will be a few issues with that, such as mailing lists, but those should be easy to handle on a case by case basis from the ISP.
Technology has solved the problem. But getting the ISP's to implement the technology isn't easy. Some of those ISP's are very happy to host spammers for a price.
Never mind this moron, He is probably one of Bush's fellow born-again-Christian compatriot idiots!
Why doesn't he put his money where his mouth is and propose a "Faith-Based Initiative to Stop Spam"?!
Now that I am going on about this "Faith-Based" crap, why doesn't he undertake a "Faith-Based Initiative" on improving his spelling?
And as a parting shot, never forget that a "Faith-Based Initiative" based on technology is every bit as stupid as a "Faith-Based" solution based on religion!!! Maybe even more stupid!!!
It is a pain in the ass, but it will destroy all spam. Set all of your email accounts to only receive mail from people who are in your address book. You'll have to add new people when you want them to email you, but you won't ever get another spam. Of course this doesn't solve the problem of the server having to handle all the spam, but at least the end user won't be bothered by it. Hopefully, after receiving no responses from anyone, the spammers will be forced to give up. Wishful thinking I suppose.
Read my short stories - You won't regret it.
I was wondering what was the reason for these apparently professional looking pieces of spam, with the Can-Spam logo at the bottom, with the opt-out option, all appearing wonderfully legal.
Now I know!
The fonts are nice, the grammar is highly improved, the spelling is mostly correct, but there is one problem:
IT IS STILL SPAM!!!! AND I WOULDN"T TRUST BUYING A CANDY BAR FROM THESE SHYSTERS!!!
OK, sorry, the subject is a troll, but it's toned down from what I already wrote.
never had a major problem with spam... [i] only give [my address] out to people I trust. I have a throwaway account on Hotmail...
If you don't ever want any individual who you don't already know to ever be able to contact you via email, it's easy to avoid spam. But it's not a victory I would consider worthwhile. I get personal unsolicited mail that I want at least a couple of times a month, sometimes to addresses that I haven't considered my *primary* address in a decade. I'm not willing to give that up.
To really solve this, we would have to make spamming economically unattractive to the spammers. And we can do this by everyone always repying to all spam. Spammers would be inundated with replies, unable to separate the wheat from the chaff.
I know I'm not the first to suggest this; the problem is getting everyone (or their mail agent) to do this. But it's something the people who are having the problem can do without waiting for the government or technology to fix things.
and spend some time to boil off all the legalese, you will see that the bill is not intended to prevent spamming. That was used as a sales point, but is not supported anywhere in the text. The bill is written obscurely enough that ordinary people cannot read or understand it. I assume that is by design.
Your comments are very interesting, but can anyone speculate why such a law would have been crafted to specifically enable spam while making the public think it was to eliminate it? What political and/or power gain would there be in enabling spam?
The price of crude oil has been above $40 for a long time now. Instead of taking oil out of the strategic reserve to reduce the price they are putting huge amounts of oil into it despite the high price. Clearly that oil will go to the military not industry or the consumer. Those two could use it now. The military needs it when war cuts the US off from foreign oil.
Sorry but the government doesn't have time to mess with SPAM control.
http://livejournal.com/community/peak_oil
...it is more like "not being malicious". Witness the following: Spammer sends mail to spammer's account. The spammer will use some out-of-jurisdiction/hacked account, and not pay a thing. The recipient will either a) get nothing, as is the case today or b) get the stamp, which is absorbed by someone else than the spammer. Either way, it is a lose-lose situation for the ISP. And if they increase the fee to cover those expenses, you're paying for the spammers' profits. Saying "we could depend on people not being stupid" is as stupid as saying "we could depend on people not being egoistic" in communism. IT DOESN'T WORK.
Kjella
Live today, because you never know what tomorrow brings
{sarcasm} Like how gun manufacturers aid and abet armed robbery? We should make banks liable for aiding the purchase of guns used by criminals too. We should make banks liable for the millions of people that use credit cards to purchase fast food 7 days a week and consequently become obese too! And how about blaming the banks as well for whenever the credit card is outright stolen? They should have a 24/7 surveillance on every card, right? It's best if everyone's privacy is completely invaded so that the few among us without common sense don't get ripped off when they purchase something from a highly suspicious website, to which they were directed from an atrociously juvenile email, riddled with nonsense words! Those poor souls!{/sarcasm}
Unless a bank is partner to the actual deception itself, keep the blame on those who are committing fraud. The only buck that should be passed on, is to the irresponsibility of those without common sense that actually choose to pay attention to spam.
I, for one, am sick and tired of paying the price of lost rights due to those few people that adamantly refuse to take responsibility. I still love the following example that was posted a while back:
An explanation of my choices for friends
http://www.publicdebt.treas.gov/opd/opdpenny.htm
You have no chance, they never want to pay the debt back, they cant its impossible, they would have to payback the 5% interest + 5% on top to get anywhere near paying itback with in 25 years, so thats 10% of GDB, or 700-800 billion a year, they dont have that amount of spare change. There is only one way to FAKE/SCAM your way out of massive debt, and thats MASSIVE inflation, you simply make the 7trillion devalue so much that its worth barely the price of 1 weeks taxes, instead of 7 years taxes. You just runup general inflation faster than official bank interest rates and before you know it, youve devalued your debt faster than it would have done so by just paying it back, until you have to revalue the currency and call $1000USD, $1NEWDOLLAR, or $1EARTHDOLLAR. This way all the banks are scammed out, and so are most investors who 'lent' that money.
Think bout it, the govt aint gona run up income taxes to 60-70% to pay debt, it would kill everyone, rather they will runup inflation and hurt you a little, until the debt has halfed.
Look at how fast its been going up by;
08/4/2004 $7,300,833,399,186.25
08/3/2004 $7,299,762,420,227.71
08/2/2004 $7,303,319,122,668.55
Prior
Months
07/30/2004 $7,316,567,571,232.89
06/30/2004 $7,274,334,972,199.15
05/28/2004 $7,196,382,805,621.99
04/30/2004 $7,133,789,490,581.43
03/31/2004 $7,131,067,950,647.32
02/27/2004 $7,091,943,110,094.84
01/30/2004 $7,009,234,605,728.06
12/31/2003 $7,001,312,247,818.28
11/28/2003 $6,925,065,499,881.34
10/31/2003 $6,872,675,839,106.67
Liberty freedom are no1, not dicks in suits.
There are lots of reasons why people will resist implementing the technological fixes, but that does not mean that they do not exist.
reject _all_ mail with foreign (out-of-country-connotation) origins. this could take care of seventy per-cent of my spam (you listening, yahoo? gmail?). this also would help to identify and prosecute local spammers.
----
http://www.hellection.com
The CAN-SPAM Act is not a "bust", as the Slashdot story says. The CAN-SPAM Act does exactly what it was designed to do. It helps the spammers.
The CAN-SPAM Act is part of extremely widespread corruption in the U.S. government. Even the 3 movies and 34 books linked in this article are not enough to tell the complete story: Unprecedented Corruption: A guide to conflict of interest in the U.S. government.
Human being (n.): A genetically human, genetically distinct, functioning organism.
You pay if they cash the stamp. The stamp is in the mail. If you just delete the mail off the server unread you don't get the stamp.
I suppose you could just download the spam, cash the stamp, and delete it unread. That's a risk the spammer would have to accept when he sends out a million penny-stamped messages.
But, yes, the idea is that the stamp is a bid for your attention. If your attention isn't worth a penny, you'd bounce those messages as early in the process as you can. Ideally, your mail server would heck the validity of the stamps as they come in (make the query protocol cheap enough and you can do it during the SMTP phase, though you wouldn't need to) and bounce forgeries and too-low bids without even accepting the message.
There's still lots of problems with the whole microstamp idea, but this should help keep people from getting technicaly tricked out of real money.
This is why I wrote CF13-SMTP(TM) and CF13-POP3(TM)
Using CF13-POP3(TM), I have been malware free and effectively spam free since 2004-07-06. As proof, my email address is shown on all my Slashdot posts without obsfucation 'the way it should be'. Any spam I get is summarily deleted by the program's SpamByte filtering system. Any spam that gets through, I complain about. I could be '100%' spam free but it would be difficult to send me URLs and email addresses in email messages.
If ghettoboy22 ran my shareware CF13-SMTP(TM) mailserver program, his influx of spam and malware would disappear. His inbox would only contain the types of messages he wants to receive. All other spam and malware sent to a properly configured copy of CF13-SMTP(TM) would be rejected before the SMTP DATA command or be logged into one file or summarily deleted after the SMTP DATA command.
CF13-SMTP(TM) and CF13-POP3(TM) were designed and coded from beginning to end for high-performance email processing and to fight email spam/malware and win!
Therefore, I stand by my claim of:
SpamByte: Game Over Spammers/Computer Crackers
Though CF13-SMTP(TM) is shareware, CF13-POP3(TM) is freeware--free for all to use and benefit from its email filtering capabilities....
Several have noted that people in third-world countries would find a penny-per-e-mail to be cost prohibitive, even for normal use. If we make the cashing of the stamp a punitive action, then "white-hat" e-mails can still use e-mail for essentially free (since their stamps rarely get cashed), whereas spammers get punished as they deserve. The stamp still functions, as you would like, to serve notice that I'm ponying up cash for your attention, but that notice is treated as simply a courtesy if your e-mail is legit.
Human being (n.): A genetically human, genetically distinct, functioning organism.
I'm stilled fascinated by the alternative: to have the stamp cashed *only* at the discretion of the reader
That's why it's a "bid" rather than a "payment". Uncashed stamps would be returned to the sender's account after a certain time period that would be encoded into the stamp.
Also, this could be done with a low enough overhead that tenth-of-a-penny (or smaller) stamps would be possible.
The other thing about this is that it doesn't require a change to the infrastructure. It can take advantage of SMTP-level tools, but it can be easily laid on top of existing mail. You just need someone to provide a "franking service". This could be as simple as a web-mail server with a good reputation (google?) or a gateway that you can forward your mail through.
The problems with existing SMTP and this plan are that
a) you don't want to have to send *all* of your e-mail (interoffice memos!) through a central server. The bandwidth required would be -- awesome, and service would begin to resemble the USPS. SMTP derives a lot of popularity from its distributed nature.
b) I believe it would be fairly easy for a black-hat mail sender to make up some SMTP packet headers that appear to be stamped but have no redeeming value.
Not that I'm knocking the entire plan; I just don't think SMTP in its current form can actually handle it, so I've abandoned it for the time being
Now that I'm thinking about it again, though, what about a combination of white-listing *and* digital stamping. In this plan, browsers are configured to receive e-mails from known "white-listers" as usual; all others are blocked. BUT, a central server (your "franking server") could accept e-mail from those not on your white list, verify a stamp for the e-mail, and then forward it. The central server would then be on everyone's white list. If the mail is bogus, you hit the "charge" button, which sends a quick IP packet back to the server demanding payment.
Spoofing is still a big issue, though.
Human being (n.): A genetically human, genetically distinct, functioning organism.
you don't want to have to send *all* of your e-mail (interoffice memos!) through a central server
p le.coms s&to=to-address&stamp=fingerprint HTTP/1.0
1. All external email goes through one or a small number of servers at the firewall anyway. Most places all internal mail goes through central servers as well. SMTP is an extremely lightweight protocol, there are lots of good implementations, and it's highly parallelisable at that.
2. Most big companies already seem to be running klunky old email systems like Notes and Exchange that have a much higher overhead than this.
3. Stamp redemption and clearing doesn't need to even run on the server. I don't know where you got the idea that it would... I've pointed out that putting part of this on the server would be an optimization.
make up some SMTP packet headers
SMTP or any other mail protocol is way too low level, what I'm talking about it up at the application and presentation layers. The only reason to bring in SMTP is to optimise rejection.
that appear to be stamped
Even if they dupliacted the checksum and produced a valid stamp, it wouldn't make it past the "redemption check" I proposed, where the fingerprint of the stamp, the sender, and the recipient are checked against the redemption server: "Is this stamp valid". This can be implemented at the using DNS, like an RBL, and in HTTP. The overhead is low and of course any messages containing forged stamps could simply be discarded.
I just don't think SMTP in its current form can actually handle it
I don't think you understand it, then. Let me recap:
The sender stamps a message with a digital stamp IN THE MESSAGE ITSELF, either in the headers or in a body section. This means that the transport protocol doesn't matter, the message is stamped no matter whether it's transported through SMTP, UUCP, or a magtape sent via UPS.
The recipient's mail software verifies the stamp before presenting it to the recipient. This can be done at their local mail server (distributed), at an upstream mail server at the ISP or corp firewall, or even on their desktop if that's where they have to do it.
The recipient then accepts the messages that pass the minimum bit, and gets a button "redeem stamp'. If clicked, that sends the stamp back to the redemption center (via HTTPS or even a return email message) to credit it to their account.
Optimizations and elaborations:
1. If the sender includes the stamp's fingerprint in the SMTP envelope, then the SMTP server can prescreen stamps and eliminate duplicates.
2. If necessary, any of the mail servers can verify the stamp via a quick handshake with the redemption center.
EG:
dig ptr from-address.dst-address.fingerprint.estamps.exam
GET https://estamps.example.com/check?from=from-addre
These two elaborations are to increase the efficiency of the process, they aren't needed, and they're the only place SMTP comes into the picture.
what about a combination of white-listing *and* digital stamping
So far as I know EVERY digital stamping protocol includes whitelisting.
this plan, browsers are configured to receive e-mails from known "white-listers" as usual; all others are blocked. BUT, a central server (your "franking server") could accept e-mail from those not on your white list, verify a stamp for the e-mail, and then forward it
This is a variant of my old "token" proposal, with digital stamps being one of the acceptable tokens. You don't need digital stamps for this to be useful... just whitelist servers you know aren't going to send you spam, and let those servers worry about how they do it.
Bulk mail folder? I don't have a folder called Bulk. Unless it's an alias for Trash, or an option which needs enabling, I have to wonder whether it was something added and not retrofitted to existing accounts.
Sounds like poetic justice to me.
</chortling>
Frodo Lives!!
(Hit "Submit" instead of "Preview." Mods: Mod first one into oblivion please.) Quoth the legal illiterate poster: Some of the main things it does do: It destroys all existing state and local level anti-spam laws. Some of them were actually becoming effective, so they had to go. BZZZT!! WRONG! The pre-emption provision you are referring to was mainly aimed at California's law which was very good but, as you put it, had to go. However, laws like Washington's remain untouched. Why? CAN-SPAM does pre-empt state laws that regulate spam, but not "to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto" as does Washington's and several others. Agreed, CAN-SPAM is a shitty law. The law ended up this way because the Bushies didn't want to "encourage frivolous lawsuits" against "honest, hard-working businessmen." VOTE KERRY 2004!
The people responsible for sacking the people responsible for sending the previous message have been sacked.
(Hit "Submit" instead of "Preview." Mods: Mod first one into oblivion please.)
Quoth the legal illiterate poster:
Some of the main things it does do:
It destroys all existing state and local level anti-spam laws. Some of them were actually becoming effective, so they had to go.
BZZZT!! WRONG! The pre-emption provision you are referring to was mainly aimed at California's law which was very good but, as you put it, had to go. However, laws like Washington's remain untouched. Why? CAN-SPAM does pre-empt state laws that regulate spam, but not "to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto" as does Washington's and several others.
Agreed, CAN-SPAM is a shitty law. The law ended up this way because the Bushies didn't want to "encourage frivolous lawsuits" against "honest, hard-working businessmen."
VOTE KERRY 2004!
By mentioning DNS, are you implying that the redemption process would be distributed? If so, that is terribly problematic in terms of financial trust; redemption centers will have to hold actual money (or worse, credit card #s) in order to make the stamps meaningful. If any old server can be a redemption repository (just as any old DNS server can be the authority for a zone), then theft will occur.
I'm not pretending to be a protocol expert, so don't be annoyed at my naivite; I'm just trrying to forsee problems.
Human being (n.): A genetically human, genetically distinct, functioning organism.
How do you plan to (securely) associate a given stamp with a given e-mail message?
You sign the e-mail message with an asymmetric key that is registered with the exchange. The "franking" service is not the redemption center, it's just a convenience for people who don't have their own software for signing messages. There can be multiple franking centers, even run by different people. For that matter, there can be multiple organizations selling e-stamps. Your email client would know their addresses, the same way your DNS client knows the address of the root server.
The only transactions that need to be centralised even as far as a redemption center are the ones that create, verifiy and redeem the stamp. The details of cryptographic signatures and public key encryption required to do this are a little more than I want to type right now, but we're talking about a hundred bytes of data.
By mentioning DNS, are you implying that the redemption process would be distributed?
No, I'm using DNS as a low overhead mechanism to verify a stamp. A DNS lookup to verify the stamp could be done in as little as two packets: one from the mail server to the redemption center with the stamp's fingerprint, and one from the redemption center back to the mail server with a "yes" or "no". And in any case this step is optional... the stamp itself contains everything you need to use to verify it, the use of a registration fingerprint in the SMTP envelope is an optimization to reduce the computational load on each mail server... it's something that any estamp scheme could use.
However it would be possible to have multiple redemption centers, say... one run by the US Post Office, one run by Paypal, one run by Chase Bank, one run by Lloyds of London... or whatever. The mail client would maintain a list of public keys and addresses for these servers. The actual purchase and redemption of the stamps would involve cryptographically signed exchanges between the franking center or the end-user's computer and the redemption center.
This part of the process is common to any scheme that involves electronic stamps. If you're concerned about them (and, yes, the key management issue is a real one, but no more so than the one you use every time you buy something from Amazon.com... and you likely have more money at risk there), then be aware they apply to any estamp technology.
For that matter, the traffic overhead and the centralization of the servers involved are comparable for all estamp proposals, and depend on how you personally use it. If you just want to accept messages with bids over a certain value and never redeem the stamps, you just have to check that the keys match.
The details of the cryptography behind it, then, don't really matter. If they're an issue, then they're an issue for all estamp schemes.
Many people have tires that cannot handle 80, even 75 MPH safely. Not that they are worn or damaged but there are a lot of cheap 'R' rated tires (102 MPH rated) that just become unstable at those speeds when changing lanes or braking. I'm talking $30 specials people pick up from price club.
Plus, I don't really want grandma with her coke bottle glasses doing 80 MPH with me on the road.
Thats why I think for most normal people that live in high speed areas with like 8 lane highways they should choose Z or V speed rated tires no matter what they are driving. This is because likelyhood of having to stop fast or dodge something on the road is high. A quick jerk of the wheel on a cheap R rated tire and you can loose control.
Sorry -- 130mph OR LESS. Though if you've followed the link, you should have been able to spot the typo yourself. :)
And incidentally, also keep in mind that you shouldn't be going 110mph unless you're on a track! Never do so on public roads.
i am a soviet space shuttle
"As I described before, there is no technological fix for other domains having open relays."
It's called a "firewall". You can update the "firewall" to reject connections that come from known open relays.
"They aren't static and could not compose a list of them today that would be valid next week."
So they spontaniously appear? That's amazing. I though auto-genesis was disproven years ago. Imagine my surprise. Meanwhile, I thought I covered that in the portion about ISP's locking down port 25 on their networks. Silly me. You do know what port 25 is, don't you?
"There's no fix if some Chinese ISP chooses to temporarily uncap some spammer's outgoing e-mail rates for a fee."
You haven't heard of the "usenet death penalty", have you? And again, it is a technological solution. It is drastic, but it is necessary when the ISP's refuse to implement their side of the technology.
"There's no fix for a spammer buying IP space in Brazil, blasting out a spam run, and then moving to another IP address, maybe at a different ISP."
Been over that. It's called "rate limits".
"A technological solution to the spam problem means that I implement it and get no more spam at my domain."
Sure there is, it's called a "white list". You configure the firewall to ONLY allow email access from sites you completely trust. If you've configured it correctly, you'll never get any spam. If you haven't configured it correctly, well, that's a failing on your part.
puhhhleeezzeeee Any university student can easily exceed 80% without giving it to anyone thanks to university directories and mailing lists.
Ask teacher question, teacher replies to you and CC's the class alias, your e-mail is now in the mail archive. The mail archive is searchable via the mail archive webpage.... and BAM 99% spam. Up until recently I was getting over 90% spam. Most of it seemed to be from the same spammer (all the e-mails were from ___@___blue___ or ____@___blackmagic___) and while spambouncer easily caught that shizzle, it was still very annoying. The majority of the spam has subsided, apparently the spam that was targeting the university has been shut down (i think he might have been the same one that Yahoo was going after).
Whats even worse is my bellsouth account that I never even use and that no one knows about except bellsouth. It got over 160 spams this past weekend. Apparently the spammers brute-forced the user names from the server.
"I don't like your rude, smart-assed tone. So don't expect this to be polite like my previous reply."
.1% can easily be handled by spamassassin or similar programs.
:)
"Polite"? You're dumber than a box of rocks. How can you tell what "polite" is?
Here, I'll break it into itty-bitty chunks so you don't have to think so hard.
Start with 100% of the spam.
#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
Now you only have to deal with 50% of the spam.
#2. Block the open relays at your firewall.
Now you only have to deal with 15% of the spam.
#3. ISP's rate limit email.
So instead of a spammer sending out a few million emails, s/he only sends out 100.
There, 99.9% of the spam never gets to you AND all the bandwidth is saved.
The remaining
"That's like saying that a whitelist of phone numbers is a technological solution to telemarketing. Nevermind the fact that your wife is trying to reach you from a payphone in a dark parking lot where her car battery is dead."
I gave you the technological solution to the spam problem. You didn't like it that it required the ISP's to implement it.
So you gave new criteria that YOU would NEVER receive ANY spam AND that it be something that YOU only had to implement on YOUR side.
Now you're changing your criteria, again.
Why don't you take a little nap and have some cookies and milk and try to collect your thoughts and grow up a little before you show off your ignorance in a public forum next time?
How the fsck can you be so goddammned dense?!?! He poked your ideas full of holes and you did not even have enough brains to know it.
I am a postmaster at one of the biggest U.S. ISPs on the net and you don't have a clue about blocking spam. Do you actually believe that the average firewall could handle blocking of over 225,000 open relay IP addresses? That's how many there are in the ORDB blacklist alone. Did you ever try to administer a firewall of that complexity?
About your idea to block port 25, we're already doing that for dial-up customers but we cannot do it to business customers or we would be sued. Most business customers will not consider relaying their mail through some ISP's servers.
Do us all a favor and get a vasectomy or at least shutup.
"If you doubled your IQ, you might be my equal. Right now, you're just a little kid trying to play with the big boys and you are hopelessly out of your league."
Strange, it seems that you're the one that can't count, doesn't understand what port 25 is and has problems with basic firewalls. Yet you think you're smarter than I am?
re: #1. ISP's block port 25 by default. That gets rid of all the zombie machines.
"If that happened, the spammers would stop using zombie machines and go to different methods. Unlike you, they are smart enough to stop doing something when it stops working."
So you claim. But WHAT would they do instead? Hmmm? What would they do? Don't just claim that they'd do "something". Explain what they'd do. Go ahead. I'll even help you.
To send email to my server you must:
#1. Steal someone else's connection (zombie).
#2. Bounce the mail off an open relay.
#3. Pay for the connection yourself.
#4. "Free" web mail.
The fact is, cutting off the zombie machines would reduce my spam by about 50%. That's #1.
re: #2. Block the open relays at your firewall.
"Your lack of reading comprehension is doing you in again. As I wrote before:
If you generated a rule to exclude every open relay on the Internet, the firewall, if it had the storage for that many IP addresses, would slow to a crawl. If the relay opens at 2:10AM and the spammer starts blasting your domain at 2:14AM, then I guess that relay wasn't in the list, was it?"
What is your basis for saying that a firewall couldn't handle it?
"You suggested absurd things like programming every IP address of every open relay in the world into your firewall. Yeah, that's real practical -- assuming that your firewall has infinite speed, infinite memory, and you are clairvoyent so that you can tell when an open relay comes online."
No, you'd only need infinite speed and memory if there were an infinite number of open relays.
Since there aren't, you don't.
From my server, there are fewer than 100 open relays sending me spam. It's easy to block 100 sites.
re: #3. ISP's rate limit email.
"The spammer won't go through an ISP rate-limited e-mail server, as I've tried to tell you repeatedly. They will go through open relays at small businesses."
Which was already covered in #2. The open relays are blocked.
And so the cycle begins again. I gave you three easy steps and you can't even get from #2 to #3 without forgetting #2.
Well, this has been fun. But until you can learn to count to 3, I don't think you will understand it.
Buh bye now.
Strange, it seems that you're the one that can't count, doesn't understand what port 25 is and has problems with basic firewalls. Yet you think you're smarter than I am?
I know that I am smarter than you are. I headed up a team getting a C2 evaluation on a network, have set up encrypted, tunneling links, and have configured more routers and firewalls than you'll ever see. I'm also smart enough to know that SMTP is outbound TCP traffic on port 25, not just "port 25."
But WHAT would they do instead?
What did they do before there were zombie machines, or were you still in jr. high then?
What is your basis for saying that a firewall couldn't handle it?
Professional experience installing and configuring hardware and software firewalls from the biggest names in the business (Cisco, for example). How do you propose that an ISP keep such a firewall up to date? Are they supposed to have a team of 100 people constantly testing, entering, and removing IP addresses?
From my server, there are fewer than 100 open relays sending me spam. It's easy to block 100 sites.
There are 225K+ open relay sites (see the post from the other guy who smacked you down hard). MSN, AOL, Hotmail, Yahoo!, or any major ISP has thousands of open relays sending them spam and they have to block the ones that haven't sent yet. You're coming up with hobbyist solutions that don't scale.
I'll try to make this simple enough for you to understand it:
1. Zombie machines are just one spam conduit. Take them away through outbound port 25 TCP blocking and the spammers will revert to the methods that they used before. Those include:
a. Open relays. These show up on a regular basis due to new, misconfigured mail servers coming on line. There are already over 225K of them known and for every one that goes away, another one comes online.
b. Foreign spam-friendly ISPs who will give them outgoing e-mail for a handsome price.
c. List servers (topica, Yahoo!, etc.).
d. Distributed mass mailings with Zombie machines going through their ISPs' mail servers. If the ISP limits e-mail to one every 30 seconds and there are 1,000 machines, that's 120,000 pieces of spam per hour.
2. You can't block open relays at a firewall because the targets are constantly moving and there are far too many of them.
3. You can rate-limit outgoing e-mail for residential users, but that does nothing to stop the hundreds of thousands of open relays that you couldn't block (remember number 2?).
Now you try counting to three.
I am wondering, if everyone when to the websites that are spamming and downloaded loads of stuff ,
wouldn't the spammers end up getting charged for loads of bandwidth?
"I know that I am smarter than you are. I headed up a team getting a C2 evaluation on a network, have set up encrypted, tunneling links, and have configured more routers and firewalls than you'll ever see. I'm also smart enough to know that SMTP is outbound TCP traffic on port 25, not just "port 25.""
/. :D
:)
:D (Remember where I said your DEMONSTRATED level of knowledge was ZERO?)
/. (What was that about C2 security?) :D
:D
Wow. A dicksize war on the Internet against an anonymous individual. Not that I don't believe everything you say, of course. I just find it amazing that someone who can't count to 3 managed to do all of that.
Or maybe you just strung together a bunch of words in an attempt to impress me.
Particularly when you come up with THIS statement.
re: What would the spammers do if the zombies were unavailable?
"What did they do before there were zombie machines, or were you still in jr. high then?"
Well, what they did BEFORE they had the zombies was SEND OUT LESS SPAM!
Which is exactly what I said would happen.
And you STILL have not provided ANY specifics on what they would do to send out the same amount of spam without the zombies.
So you can CLAIM whatever expertise you want to. But your DEMONSTRATED level of knowledge is still ZERO. And children often exaggerate their accomplishments in order to support their self image.
"There are 225K+ open relay sites (see the post from the other guy who smacked you down hard)."
Yet no one has provided ANY support for that statement. While MY research shows fewer than 100 sending me spam. And Netcraft shows only 53,341,867 domains (buy only around 22 million active sites). Given that a large portion of these are HOSTED, the 225K+ would mean an incredibly large percentage of email servers were configured incorrectly.
Oh, did I use too many numbers there? Are you confused again?
Register.com hosts 1.4 million domains.
"a. Open relays. These show up on a regular basis due to new, misconfigured mail servers coming on line. There are already over 225K of them known and for every one that goes away, another one comes online."
Again, you cite numbers whose ONLY support is an "anonymous coward"'s posting on
What was that about C2 security?
"b. Foreign spam-friendly ISPs who will give them outgoing e-mail for a handsome price."
Which destroys the economics of spam AND is easily handled by spamassassin.
"c. List servers (topica, Yahoo!, etc.)."
Only applicable if you have specifically opted in to those lists.
"d. Distributed mass mailings with Zombie machines going through their ISPs' mail servers. If the ISP limits e-mail to one every 30 seconds and there are 1,000 machines, that's 120,000 pieces of spam per hour."
Yep. That's what is called "reduction". Instead of a thousand machines sending a total of a BILLION messages a day, the spam load is reduced to 120,000 an hour. Not to mention that the ISP's email server would show up in services like SpamCop and the RBL's and the ISP could then take action as Comcast has done in the past and cut off service to those machines until they're cleaned.
"2. You can't block open relays at a firewall because the targets are constantly moving and there are far too many of them."
Again, your ONLY "support" for this statement has been an "anonymous coward" posting on
"3. You can rate-limit outgoing e-mail for residential users, but that does nothing to stop the hundreds of thousands of open relays that you couldn't block (remember number 2?)."
Your logic is a little confused here (much as you are). #3 isn't about preventing open relays. It is about limiting the outgoing mail. (What was that about C2 security?)
Again, you attempt to "support" your position with un-supported references to what an "anonymous co
"Could be, since you apparently lack the technical expertise to evaluate the terminology."
/. :D
You can keep claiming that, but YOU are the one quoting unsupported numbers from an "anonymous coward" on
"Spam did not increase by 50% the day that zombie machines came into existence."
Not that day, but that week. So it would seem that you're INCORRECT AGAIN!
"They would go back to open relays and foreign ISPs."
Open relays are blocked in #2.
One Two Three, count with me.
"Here is the support for that number."
That does not appear to show active open relays.
This link is a better indication:
http://www.ordb.org/statistics/change s/
From their FAQ:
"If you wish to receive a weekly list of open relays within your IP-ranges, simply contact us via email at reports@ordb.org, and let us know what ranges you want us to monitor. Please note that by monitor, we do not mean scan. At ORDB.org we do not perform any kind of active network scanning, we only perform relay tests (port 25/tcp)on the hosts that are submitted to us."
So, a someone puts up a test server which is an open relay, then takes it down, it will still be listed in their database until someone ASKS to have that IP address removed.
So, again, it is not necessary to block all those addresses.
"If you weren't so fscking stupid, you could have looked up the numbers just like I did. Go to the link that I provided."
I did. And they state that they do not scan for open relays NOR do they remove a server unless specifically requested. So their total number of servers is not accurate.
"Chinese and Brazillian ISPs, for example, already sell services to spammers. They send the spam. They host the domains. Obviously that disproves your claims about the economics."
No it does not. Spam does not make much money. Once the connection costs exceed the payout, the spam will stop. If all the spammers are COMPETING for the LIMITED BANDWIDTH that those ISP's have, the economics will end the spam.
"Dearest Dumbfuck, If I "opt-in" to receive e-mail from a large computer security mailing list and some spammer sends an "herbal v1agra" ad to the list, I haven't opted in to see his e-mail."
But if I have NOT subscribed to that mailing list I WILL NOT RECEIVE IT OR THE SPAM. So I do not CARE whether someone is inserting ads into your discusson about how much you enjoy sucking goats. I won't see them. Nor will 99%+ of the rest of the population.
"You don't understand that spammers will move to the cheapest option."
I do. And once the CHEAPEST option cost MORE than they make from spam, the spam will end. That's "economics".
"If zombies go away, they go back to traditional methods."
One Two Three, count with me.
No open relays and ISP's with rate limits.
One Two Three, count with me.
"Spam doesn't go down appreciably, the delivery mechanism just changes."
Wow, spam is magical. If there isn't a difference between open relays and zombie machines, then why were zombie machines invented?
"You don't understand that spammers will send spam to opt-in lists even though the lists have nothing to do with penis enlargement, getting out of debt, or porn."
And I work at an insurance company and the spam from those lists will be ZERO. There. Spam problem solved. The place I work at will NEVER see spam again nor will any of my bandwidth be taken up by it. Problem solved.
"As to "easily managed", do you mean someone devoting his time to moderating each and every post and approving or disapproving each subscription request?"
It's called "SpamAssassin". Look into it. It doesn't take a person, just a service running on a server.
"You don't understand that most foreign ISPs are cheaper than U.S. ISPs and that spammers are already using those ISPs to host their web sites and send out their spam."
BBBZZZZZTTTTT!!!!!!!!
Mos
I'm tired of your trolling. You're so busy trying to prove that you are right that you refuse to listen to reason. You make up numbers (50% increase in spam the week zombies became available, a "billion" pieces a day from 1,000 zombies, open relays account for 15% of spam, etc.) and then attack the numbers that I get from reputable sources like ORDB.
If you want to dance around proclaiming victory, go for it. I am not willing to waste any more time replying to your trolls.
"You make up numbers (50% increase in spam the week zombies became available,..."
No, YOU are the one that went on about that. I am the one that said that 50% of the spam I receive is from zombie machines. You tried to imply that I had claimed that there was a 50% increase in spam the DAY the zombies went on line. I said that that was incorrect. It was more likely the week that they came on line.
"...a "billion" pieces a day from 1,000 zombies,..."
Comcast has stats showing that 800 million pieces of mail come from their network BUT only 100 million come from their servers. That's 700 million pieces of email (spam) from them.
"...open relays account for 15% of spam,..."
Again, from the spam I get, that is correct.
"...and then attack the numbers that I get from reputable sources like ORDB."
I didn't attack the numbers. I attacked how you were using them AND I supported that with references to their FAQ.
If you have to lie to support your self-image, well, I guess that's what you have to do.
No, YOU are the one that went on about that. I am the one that said that 50% of the spam I receive is from zombie machines.
Lie number one. You wrote:You stated that zombie machines accounted for 50% of my spam (and by implication, all spam), not yours.
You tried to imply that I had claimed that there was a 50% increase in spam the DAY the zombies went on line. I said that that was incorrect. It was more likely the week that they came on line.
Lie number two. You wrote: You didn't say that it was "likely" that it did. You stated, flat out, that it did increase that much in one week, something which is a blatant lie in and of itself.
"...a "billion" pieces a day from 1,000 zombies,..."
Comcast has stats showing that 800 million pieces of mail come from their network BUT only 100 million come from their servers. That's 700 million pieces of email (spam) from them.
Lie number three. All e-mail from Comcast's network is spam unless it went through Comcast's servers; there are no mail servers run by non-spamming users.
Lie number four. There are 700 zombies sending spam on Comcast's network (because you have declared that each zombie sends 1 million per day (1 billion per 1000 zombies).
"...open relays account for 15% of spam,..."
Again, from the spam I get, that is correct.
Lie number five. You wrote: You asserted that it would block 15% of the spam at my domains if I blocked open relays at the firewall. You didn't say 15% of your spam is from open relays.
I didn't attack the numbers.
Lie number six. You wrote: You didn't ask what the source of the number was. You didn't question how I knew that the number was right. You attacked the number as being unreliable.
I attacked how you were using them AND I supported that with references to their FAQ.
Lie number eight. You attacked me, not how I used the numbers and you did not "support" anything. You also tried to claim, without evidence, that many of the ORDB entries were no longer open relays but that no one had requested their removal. Note that you did not mention that there could be many open relays are not in there because they haven't been reported yet.
I'm sure that you will come back with some kind of weasel-words to try to save face, but you, I, and anyone reading this thread will recognize that you have lied, made false assertions, and pulled numbers out of your ass throughout this exchange.
If you have to lie to support your self-image, well, I guess that's what you have to do.
Apparently that's what you have to do.
I had said:
/. that didn't contain any references.
/
"#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
Now you only have to deal with 50% of the spam."
Now YOUR "counter" to that was:
"Spam did not increase by 50% the day that zombie machines came into existence."
Hey, I didn't say ANYTHING about "the day". YOU were the one that inserted that.
Since I had NOT said it, but you tried to imply I had said it, that was a LIE.
"All e-mail from Comcast's network is spam unless it went through Comcast's servers; there are no mail servers run by non-spamming users."
Reference:
http://news.com.com/Attack+of+Comcas t's+Internet+z ombies/2010-1034_3-5218178.html
Deal with it.
"You asserted that it would block 15% of the spam at my domains if I blocked open relays at the firewall. You didn't say 15% of your spam is from open relays."
Since I don't believe you administer any domains, I really don't care what your claims are. My experience shows that blocking open relays removes 15% of the spam. Since my reply to was to claim that "You make up numbers", referencing my experience is a valid citation.
Here's the statement of your's.
"I'm tired of your trolling. You're so busy trying to prove that you are right that you refuse to listen to reason. You make up numbers (50% increase in spam the week zombies became available, a "billion" pieces a day from 1,000 zombies, open relays account for 15% of spam, etc.) and then attack the numbers that I get from reputable sources like ORDB."
"You didn't ask what the source of the number was."
The source was an "anonymous coward"'s posting on
Here, let me help you on that one.
http://slashdot.org/comments.pl?sid=117150&c id=992 3247
"I am a postmaster at one of the biggest U.S. ISPs on the net and you don't have a clue about blocking spam. Do you actually believe that the average firewall could handle blocking of over 225,000 open relay IP addresses? That's how many there are in the ORDB blacklist alone. Did you ever try to administer a firewall of that complexity?"
"You didn't question how I knew that the number was right."
Why question that? The number is NOT what you claimed it was. How can you be "right" when you claim the number means "how many open relays are active" when the number actually means "how many entries are in the database"? You were WRONG.
"You attacked the number as being unreliable."
No, the number IS reliable in that it is the number of listings in their database. But the number is NOT the number of existing open relays out there. Which is what you claimed it was.
"You attacked me, not how I used the numbers and you did not "support" anything."
Do you want me to quote their FAQ again? They do NOT remove addresses unless specifically requested.
"You also tried to claim, without evidence, that many of the ORDB entries were no longer open relays but that no one had requested their removal."
Hey, it's in their FAQ.
"Note that you did not mention that there could be many open relays are not in there because they haven't been reported yet."
That's why I pointed you to their DAILY statistics as a BETTER indicator of the open relay situation.
http://www.ordb.org/statistics/changes
"I'm sure that you will come back with some kind of weasel-words to try to save face, but you, I, and anyone reading this thread will recognize that you have lied, made false assertions, and pulled numbers out of your ass throughout this exchange."
Why would I have to?
My original statement still stands DESPITE all your whining and complaining.
#1. Block port 25 - no more zombies - spam is reduced to 50%.
You have yet to show that this is impossible. All you can do is claim that the spammers will now spam mailing lists and send a fraction of the spam through legit server
I had said:
"#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
Now you only have to deal with 50% of the spam."
Now YOUR "counter" to that was:
"Spam did not increase by 50% the day that zombie machines came into existence."
Lie number... oh hell, I've lost count." That was a blatant, outright, despicable, lie. Here's the actual context of that reply:
And here is a link to the message where I made that statement, thus proving that you are a liar. Since you quoted the text word-for-word, I know that you went back to find the text and, therefore, you purposely fabricated that exchange by pulling your statement and mine two separate messages!
Hey, I didn't say ANYTHING about "the day". YOU were the one that inserted that.
Since I had NOT said it, but you tried to imply I had said it, that was a LIE.
Another of your lies and an attempt to change the subject. First you said that the spam increased by 50% the week that zombies came into existence and then you claimed that you had said that the 50% increase was "likely the week that they came on line." First a flat-out assertion and then a lie that you couched it with the term "likely."
Reference:
http://news.com.com/Attack+of+Comcast' s+Internet+z ombies/2010-1034_3-5218178.html
Deal with it.
So you found a tech writer who used flawed logic to spice up a story! There's a first. I know people who run mail servers on Comcast and they send no spam and I think that it's pretty unlikely that I have met every Comcast user who runs their own mail server.
Since I don't believe you administer any domains, I really don't care what your claims are.
Unlike you, I am not a liar. I also administer domains for commercial clients, but it would be improper to reference them by name in this discussion and without their permission. Now what domains do you run? Show me little man!
My experience shows that blocking open relays removes 15% of the spam. Since my reply to was to claim that "You make up numbers", referencing my experience is a valid citation.
But you didn't reference your experience. You made a blanket statement that if *I* blocked open relays at the firewall, *I* would see a 15% decrease in spam. This is why chronic liars like you should avoid people with good memories.
#1. Block port 25 - no more zombies - spam is reduced to 50%.
You have yet to show that this is impossible.
Yes, I have. As I have told you repeatedly, there are many business accounts at ISPs and those accounts need to have port 25 open. Since I have received spam sent through zombies on commercial accounts (one was even the company's web server), and that disproves your claim that there will be "no more zombies."
All you can do is claim that the spammers will now spam mailing lists and send a fraction of the spam through legit servers.
No, I said that they would also go to open relays and foreign ISPs just like they did before the zombies came on the scene. People were bombarded by spam long before the zombie machines ever existed. The amount of spam will hardly decrease at all. It did not, despite your lies to the contrary, go up 50% the week that spammers started using zombies. It's also idiotic to claim that something requiring almost every IS
Seeing how you're going to keep "not replying". :)
9 91 0443
9 93 0150
9 92 6656
http://slashdot.org/comments.pl?sid=117150&cid=
I said: "Technological solution: ISP's block outgoing port 25 service from their networks, except for their mailservers."
http://slashdot.org/comments.pl?sid=117150&cid=
You said: "Spam did not increase by 50% the day that zombie machines came into existence."
I did not say that it did. You are trying to imply that I said that. Since I did not say that, you have lied.
Why do you have to lie to try to support your position? It's because your position is unsupportable if you do not lie.
"Since you quoted the text word-for-word, I know that you went back to find the text and, therefore, you purposely fabricated that exchange by pulling your statement and mine two separate messages!"
Hey, whatever helps you get through your life. I quoted you DIRECTLY. If you can find a quote from me where I said that spam went up 50% on the day the zombies were deployed, then you will be right.
If you cannot, then you are a liar.
http://slashdot.org/comments.pl?sid=117150&cid=
You said: "His idea of a mail server is something that he set up under Windows for himself and two buddies."
Again, find where I said that. If you cannot, then you have lied. You are a liar.
There, is that simple enough for you? Either show where I said those things or you're a liar.
I said: "Technological solution: ISP's block outgoing port 25 service from their networks, except for their mailservers."
http://slashdot.org/comments.pl?sid=117150&cid=
You said: "Spam did not increase by 50% the day that zombie machines came into existence."
So you admit that you took your words from one message and then mine from another and falsely claimed that mine were written as a counter to yours. Finally, something we agree on.
I did not say that it did. You are trying to imply that I said that. Since I did not say that, you have lied.
Your reply to the above statement by me was:Gee, looks like you did make the claim that spam went up 50% in one week as a direct result of the zombie machines. Care to cite any statistics for that?
I quoted you DIRECTLY.
You claimed that it was my "counter" to a statement when, in fact, it was from a totally separate message.
If you can find a quote from me where I said that spam went up 50% on the day the zombies were deployed, then you will be right.
I never claimed that you said that. I, alone, asserted that spam did not go up by 50% the day that zombies were deployed. I never said, implied, or thought that you believed that it went up by 50% in one day. But I was amazed and amused when you actually claimed, in your reply, that spam went up by 50% the week that zombies came online. That was funny.
You said: "His idea of a mail server is something that he set up under Windows for himself and two buddies."
Again, find where I said that. If you cannot, then you have lied. You are a liar.
You didn't say it. I did. I surmised that from your impractical suggestions that don't scale and your claims that your server only gets hit by about 100 open relays. Just like you surmised (incorrectly), that I lack professional experience.
And since we're digging through older postings... When you grow up a bit and get out into the business world, you'll learn what the real situation is.
Yeah, when I get a job like yours working at some insurance company, then I'll really be in the know about networking and high-tech!
Unless you can find at least a single quotation from me that says that spam increased 50% on the day the zombies were deployed (as implied by you in this specific quote) then you have lied.
"Spam did not increase by 50% the day that zombie machines came into existence."
You have lied. You are a liar. Claim whatever you want to, but the demonstratable facts show that you are a liar.
You made your reply short because I caught you in numerous lies and you're not man enough to admit that you lied.
Unless you can find at least a single quotation from me that says that spam increased 50% on the day the zombies were deployed (as implied by you in this specific quote) then you have lied.
That quote didn't imply anything of the kind, so quit your damned lying. Here's the excerpt:
You wrote: Well, what they did BEFORE they had the zombies was SEND OUT LESS SPAM!
I replied: Spam did not increase by 50% the day that zombie machines came into existence. It's stayed on a steady increase and some of the spammers simply shifted from open relays to zombie machines for economic reasons. It was cheaper to steal bandwidth from some numb-nuts user than pay for it themselves.
I did not say, or imply, that you had made a statement that spam increased by 50% in one day. It's not my job to answer for you inferring things that aren't there.
Here's a simplified version for you:
Spam remained on a steady increase both before and after the advent of zombie machines to send spam. There was no sudden, massive increase in the quantity of spam being sent when zombie machines came online. That shows that there was no pent-up demand by spammers that was not being met through open relays, throw-away accounts, and overseas spam-friendly ISPs. Thus it is reasonable to assume that closing down zombie machines would just lead many spammers to go back to their previous methods of sending spam. Since open relays and spam-friendly foreign ISPs are readily available, spammers will switch back to those methods.
P.S. Do you need a light down there in that hole you dug?
Again, the second time.
Unless you can find at least a single quotation from me that says that spam increased 50% on the day the zombies were deployed (as implied by you in this specific quote) then you have lied.
"Spam did not increase by 50% the day that zombie machines came into existence."
You have lied. You are a liar. Claim whatever you want to, but the demonstratable facts show that you are a liar.
"I did not say, or imply, that you had made a statement that spam increased by 50% in one day."
Then why did you say that it did not increase by 50% the first day? I mean, if I didn't say it did and you didn't say it did, then why are you saying that it did not?
You were attempting to imply that I had said that. You are caught in a lie. You are a liar.
Then why did you say that it did not increase by 50% the first day? I mean, if I didn't say it did and you didn't say it did, then why are you saying that it did not?
To show that there was not some great pent-up demand for spam delivery when zombies became available and that killing zombies won't reduce spam by 50% as you had claimed. It shows that spammers have other options for the delivery of their spam and that they can go back to those options.
Let's use an analogy to make this easier for you:
John: If we block Maple Street, only half as many people will go to the mall, because half of the people use Maple Street to get there.
Bob: But they only built Maple Street last year and the number of people in the mall didn't double the day Maple Street opened.
John: I didn't say that the number doubled the day that they opened Maple Street. You implied that I said that! Liar! You are a pathological liar! I caught you in a lie! You lie! You are a liar! Liar, Liar, Liar, Liar!!! AAAAGGGGGHHHHHHH!!!!!!!!!!!!!!!!!!!!!!!!
Bob: Calm down, John. I just meant that people could take the old roads that were there before Maple Street.
John: If you can't prove that I said that the number doubled that day, then you are a liar! I never said that! Liar! You lie! I caught you lying! You know that I did! You are a liar...[etc., etc., etc.]
Does that little analogy make it easier for you?
You were attempting to imply that I had said that.
No, you inferred that incorrectly. It's not my job to justify hidden, imaginary meanings that you read into my messages.
You are caught in a lie. You are a liar.
So when you say "lie", you mean that you believe that something I wrote could be interpreted to imply something untrue? Wow, you really are grasping for straws now that I've caught you in multiple outright lies.
And again, the third time.
Unless you can find at least a single quotation from me that says that spam increased 50% on the day the zombies were deployed (as implied by you in this specific quote) then you have lied.
"Spam did not increase by 50% the day that zombie machines came into existence."
You have lied. You are a liar. Claim whatever you want to, but the demonstratable facts show that you are a liar.
"I did not say, or imply, that you had made a statement that spam increased by 50% in one day."
Then why did you say that it did not increase by 50% the first day? I mean, if I didn't say it did and you didn't say it did, then why are you saying that it did not?
You were attempting to imply that I had said that. You are caught in a lie. You are a liar.
"To show that there was not some great pent-up demand for spam delivery when zombies became available and that killing zombies won't reduce spam by 50% as you had claimed."
I did not claim there was "some great pent-up demand for spam delivery".
I said that removing the zombies would reduce spam by 50%.
You are not addressing what I am saying and you are attempting to imply that I said something different. That is either a lie or a strawman.
You are a liar.
To quote you again.
"His idea of a mail server is something that he set up under Windows for himself and two buddies."
Another lie. But I'm sure you'll say that I somehow managed to misconstrue what you said. But what's another lie to you?
I have explained this to you over and over. Let's try it again: There. A simple, perfectly logical explanation. Now either accept it or explain how that explanation could not possibly be correct.
The analogy I made about people going to a mall was dead-nuts-on and you know it. That's why you didn't mention it in your reply. I'll reprint it here just to piss you off more:I wrote: "Spam did not increase by 50% the day that zombie machines came into existence."
Your replied: "Not that day, but that week."
Now that was a lie and a whopper of one at that! That was a lie, wasn't it? Admit it.
To quote you again.
"His idea of a mail server is something that he set up under Windows for himself and two buddies."
Another lie.
I also said you were a "fucking idiot" and you never told me that, either. I figured it our on my own because you don't even know the difference between a lie and an insult.
Lie: "He said that his idea of a mail server is something that he set up under Windows for himself and two buddies."
Insult: "His idea of a mail server is something that he set up under Windows for himself and two buddies."
Lie: "He said that his idea of hot sex involves a gerbil and a bottle of Crisco."
Insult: "His idea of hot sex involves a gerbil and a bottle of Crisco."
See the difference? One claims that you said something while the other is an insult.
By the way, I'd love to continue this discussion in person.
I just looked up some of your other postings and I discovered that you and I share political beliefs, values, etc. You've posted some insightful, intelligent comments.
Which brings me to the point: We're both way too intelligent to continue this kind of childish behavior. If anyone other than us is still reading this, they probably think that we are two of the biggest jackasses that ever roamed the planet. What do you say we just drop this whole thing, stop the inane, convoluted accusations, put an end to the name calling, and just walk away from this whole idiotic thread? If you're willing to, I am.