Slashdot Mirror
Revolutionary Spam Firewall Developed
psy writes "physorg has a story on a new spam firewall developed at The University of Queensland.
The new technology is the only true spam firewall in existence, according to co-developer Matthew Sullivan.
"Existing anti-spam software filters out spam whereas ours puts up a firewall, stopping all email traffic and only allowing real mail through," said Mr Sullivan.
"In addition, our technology is accurate and fast. We recently completed a successful trial of a key layer of the spam firewall and it processed the emails at 90 messages per second, misclassifying only one out of 25,000 emails."
"It turned out that the software was even better than us, picking up spam we'd incorrectly classified as legitimate emails."
1 out of 25k is impressive, but what happens to these spam mails? Are they bounced back as an error "no user account found"? Or done like a blackhole where the spammer doesnt know if it reeached its intended recipiant? I like my SpamBayes :)
Most users of email are now treating it as a lossy messaging system, and the users themselves accept that some messages simply don't make it. Critical business is always followed up with a call.
-Adam
If you are sending something so critical then you shouldn't be using email. FedEx with signature required delivery and certified/return-receipt USPS mail exist for a reason.
I submitted this as an ask slashdot and was promptly rejected, so I'm going to put this here as a slightly on-topic post.
What I want to see is a software hard drive "firewall." If you're not sure what I mean, think of what a product like zone alarm does when spyware.exe tries to access the internet on your pc. It pops up a window saying "do you want to allow this program..." Now, why can't we have the same thing for hard drive access? So, I download fungame.exe, and when I go to run it, my "firewall" tells me fungame.exe is trying to write to fifteen different directories to install different spyware products. It could only give a popup on the first time a program tries to write to a given directory, and have an option to not show any new notices for this program, to limit the annoyance factor. I think this would be a great tool to help lessen spyware/trojan problems. If the program interacted with spybot or a similar product, it could even automatically prevent writing of files that are known to be adware. Is there anything like this out there? Anyone who would be willing to help make it?
The idea is that the mail server keeps a whitelist of "allowed" addresses which are always accepted. If a mail comes from an address which is not known, the mail server will reply with a "server unavailable, try later" error message. All real mail servers will try to send the message a little later (I don't know the exact time, but it's probably less than an hour. Someone else might know better).
The second time the remote mail server tries to connect, the server accepts the mail and adds the address to the whitelist.
However, mass mailers for spam don't do this but simply go on to the next address in the list if this happens. This way the spam message is filtered out.
Note that this method doesn't require any analysis of the actual content of the messgae, nor does it involve any manual actions from neither the sender nor the receiever. Currently it's porbably the best spam blocking method that exists.
(Presuming that wasn't a troll) That's a horrible, horrible solution. Viruses fake sender addresses, which means the faked address gets *loads* of these 'Please confirm' emails, clogging up another innocent mail server. Get it wrong, and you'll have two servers sending 'Please confirm' messages to each other until one screws up into a little ball and dies. I'm all for the War Against Spam, but this isn't the way - it just doubles the amount of emails.
Then you're stuffed anyway, because internet e-mail is not guaranteed.
It is difficult. We're swatting away a million of the damn things a week and still our users complain. They also complain when we get false positives. And when, next week, we turn on the system that lets them see what we have blocked that was addressed to them, they'll complain too.
I think the one solution they would find acceptable is for me to personally read every one of those million messages and mark it as good or bad. I hope our VP doens't read slashdot....
~~~~~ BigLig2? You mean there's another one of me?
Spelling doesn't work. The average computer user either can't spell or can't type and doesn't bother to use a spellchecker in email. I did small study on spell checking as an anti-spam tool and was somewhat disappointed by the results.
-- Will program for bandwidth
It is in principle possible to produce a reliable email system, but only if a receipt is returned to the sender when the recipient actually reads the mail, not when it arrives at his ISP for example.
Sadly some businesses do rely implicitly on things that usually, but not always, work, such as mobile phones, pagers, and text messaging. It may have been the same with pigeons, a predator might get the bird! Businesses should set up foolproof systems if they want to do well, a quick phone call to confirm receipt of critical items, for example. The occasional email, even now, takes many hours or even several days to arrive, there is no guarantee whatsoever of time of arrival, but again some seem to think it is "instant", because it very often is. Managers should be aware of these issues, sadly some are not.
But I hope this anti-spam firewall is a brilliant success, and that if it has minor shortcomings there will be satisfactory work-arounds. I am sick of spam, but the ultimate answer must be to ensure that it does not pay, i.e. that the probability of being caught multiplied by the fine greatly exceeds the potential profit. That requires legislation worldwide and some conceptually simple additions to existing mail servers, with care taken to protect the privacy of normal users. Given the political will, and some competent leaders (not Dubya or B. Liar, for a start) it should be easy.