Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Spam Conference 2005

Posted by timothy on from the it-seeps-in-the-pores-it-does dept.

dos_dude writes "This year's Spam Conference is over. As usual, the MIT provides low and high bandwidth webcasts. The talks featured a full spectrum of anything possible. From absurd to sound, from boring to entertaining, and from dead-horse-beating to brand-new. Highlights: John Graham-Cumming presented the results of the survey he did with the help of many Slashdot readers, Jon Praed gave the details of the trial against spammer Jeremy Jaynes and friends, Brian McWilliams posed the question what will happen when all spam is finally filtered, and Matthew Prince plugged Project Honeypot in a very entertaining way. Shameless but useful plug: here's the final schedule with links to the webcasts."

6 of 156 comments (clear)

  1. Antispam trap by Doc+Ruby · · Score: 3, Interesting

    I learned around Election Day last year that lots of my friends' corporate mail servers were filtering my personal messages mentioning politics as "spam". Though they weren't commercial, weren't unsolicited, my name is in their address books, and political email (even if unsolicited) is excluded from at least legal definitions of spam. Many of my friends complained they weren't getting these messages they heard about from other friends (though I don't know whether any were forwarded into spamtraps). Will spam destroy the Internet by raising our guards so much that some messages never get through, though we want to exchange them? How much political and commercial power do these spam filter companies have now?

    --

    --
    make install -not war

  2. What works for me... by Neduz · · Score: 2, Interesting

    This is a setup that filters the mail of me and my family, and works very well (only 1 false negative in 200 spam messages, and no false positives so far). I filter all my messages through spammassassin, with bayesian filtering enabled. Bayesian filtering causes a lot of CPU load when a message is scanned, but it's worth it. And URL blacklisting . That URL blacklisting is really important, since a lot of spam today only contains one image, with a link to a site, but that one link, makes it very easy for blacklists.
    I hope they can come up with new ideas to defeat spam at the convention, but for now, this solution works fine for me.

    --
    This is one lame signature, please read the message above instead.
  3. Spam is on the way out by Animats · · Score: 4, Interesting
    Spam, as an advertising vehicle, is dying out. If it's an obvious ad, it gets filtered out, and if it's a fake, it's a CAN-SPAM act violation. Either way, it's useless to an even vaguely legitimate business. There's still plenty of spam being sent, but the amount being read by anybody is down.

    Spam for fraud schemes is growing. But even there, some kinds of frauds are dying out. We don't see many stock pump-and-dump spams any more. This is partly due to action by the SEC, but it's mostly due to lack of investor ignorance. Spamming about a stock doesn't affect stock prices much any more.

    Fraud schemes are a law enforcement problem, and we're seeing more action there, because the "phishing" thing has grown to be such a big problem.

    Between lawsuits by Microsoft and AOL, enforcement by the SEC, banks watching for phishing schemes, and, finally, some activity by the FBI and FTC, being a spammer is becoming more hazardous. We've seen a few spammers go to jail, which should have some deterrent effect.

  4. Internet Mail 2000 by fossa · · Score: 4, Interesting

    Just today I ran across Internet Mail 2000, a concept apparently initially conceived by Dan Bernstein. I haven't read all or even most of the information on that page, finding it somewhat difficult to wrap my head around. The big difference from it and SMTP is that it is a pull rather than push protocol. For Alice to send a message to Bob, Alice puts the message on an IM2000 server (replaces the originating SMTP server) which sends Bob a note "hey, I've got a message for you". Bob's email client then downloads the message from the server.

    The big advantage here is that the note is small, and Bob need not download the message at all if he believes it is spam, reducing the spam bandwidth usage. Also, the sender must make an effort to have a permanent server so the receiver may even get the message. Not really a burden for legit mails that already need a permanent server somewhere for receiving mails (right?). Forgeries are also prevented, because the note necessarily contains correct information about how to find the message.

    Aside from the usual reply to anti-spam solutions (this one requires mass participation and won't happen, yadda yadda), and the lame name (shouldn't they change that to IM3000 now?), have others looked at this? What are your opinions on it?

    1. Re:Internet Mail 2000 by fossa · · Score: 2, Interesting
      I guess this message sums up a lot of problems with IM2000.

      With a push system (SMTP), sending is simple (just connect to a server and dump the message); receiving is complex (run/rent a server with permanent internet connection). In a pull system, sending is complex (run/rent a server with permanent internet connection); receiving however, still requires a server to receive notes. Once these notes are collected, receiving is simple, with no guarantee of robustness (connect to remote message stores and download message).

      Surely there are many projects to reinvent email? Most discussions here are about modifying SMTP for reasons of its sheer momentum, but I'd also like to see what the ideal system would look like. Links anyone? I suppose I could start by reading the article... but who does that?

      While I'm at it, are there any projects or interesting discussions about distributed trust webs (a la gnupg/pgp)? Some way to quickly determine the trustworthiness/legitimacy of an ID you've never met given that you trust or don't trust a few IDs you have met before.

  5. Netsplit by kappa · · Score: 2, Interesting

    One of the problems directly connected to SPAM or better to AntiSPAM measures is that the global email connectivity is severely damaged. Many sysadmins are enabling blind filtering on national IP ranges. And which networks end up in the blacklists most of the time? You name it: chinese, african and eastern european.

    While such measures do really help they also hurt. I'm from Russia and it's getting harder and harder to reach out for my colleagues and friends throughout the world. Mails just mysteriously disappear on the way and I cannot do anything but validate each message via IM or GMail. And what if I address a mailing-list? Or a business partner who neither uses IM nor likes to receive emails from free webmail providers?

    More and more of our hosting companies (they usually provide email services too) suddenly find themselves in different RBLs and you know how HARD is to change a hoster.

    One way is to find a relay outside Russia but those industrious SpamAssassin installations on the Net will check all the relays that the email passed through and figure out that the very first is in Russia. Ahh..