The Spam Conference 2005

dos_dude writes "This year's Spam Conference is over. As usual, the MIT provides low and high bandwidth webcasts. The talks featured a full spectrum of anything possible. From absurd to sound, from boring to entertaining, and from dead-horse-beating to brand-new. Highlights: John Graham-Cumming presented the results of the survey he did with the help of many Slashdot readers, Jon Praed gave the details of the trial against spammer Jeremy Jaynes and friends, Brian McWilliams posed the question what will happen when all spam is finally filtered, and Matthew Prince plugged Project Honeypot in a very entertaining way. Shameless but useful plug: here's the final schedule with links to the webcasts."

Antispam trap

[Doc+Ruby]

I learned around Election Day last year that lots of my friends' corporate mail servers were filtering my personal messages mentioning politics as "spam". Though they weren't commercial, weren't unsolicited, my name is in their address books, and political email (even if unsolicited) is excluded from at least legal definitions of spam. Many of my friends complained they weren't getting these messages they heard about from other friends (though I don't know whether any were forwarded into spamtraps). Will spam destroy the Internet by raising our guards so much that some messages never get through, though we want to exchange them? How much political and commercial power do these spam filter companies have now?

Spam is on the way out

[Animats]

Spam, as an advertising vehicle, is dying out. If it's an obvious ad, it gets filtered out, and if it's a fake, it's a CAN-SPAM act violation. Either way, it's useless to an even vaguely legitimate business. There's still plenty of spam being sent, but the amount being read by anybody is down.

Spam for fraud schemes is growing. But even there, some kinds of frauds are dying out. We don't see many stock pump-and-dump spams any more. This is partly due to action by the SEC, but it's mostly due to lack of investor ignorance. Spamming about a stock doesn't affect stock prices much any more.

Fraud schemes are a law enforcement problem, and we're seeing more action there, because the "phishing" thing has grown to be such a big problem.

Between lawsuits by Microsoft and AOL, enforcement by the SEC, banks watching for phishing schemes, and, finally, some activity by the FBI and FTC, being a spammer is becoming more hazardous. We've seen a few spammers go to jail, which should have some deterrent effect.

Internet Mail 2000

[fossa]

Just today I ran across Internet Mail 2000, a concept apparently initially conceived by Dan Bernstein. I haven't read all or even most of the information on that page, finding it somewhat difficult to wrap my head around. The big difference from it and SMTP is that it is a pull rather than push protocol. For Alice to send a message to Bob, Alice puts the message on an IM2000 server (replaces the originating SMTP server) which sends Bob a note "hey, I've got a message for you". Bob's email client then downloads the message from the server.

The big advantage here is that the note is small, and Bob need not download the message at all if he believes it is spam, reducing the spam bandwidth usage. Also, the sender must make an effort to have a permanent server so the receiver may even get the message. Not really a burden for legit mails that already need a permanent server somewhere for receiving mails (right?). Forgeries are also prevented, because the note necessarily contains correct information about how to find the message.

Aside from the usual reply to anti-spam solutions (this one requires mass participation and won't happen, yadda yadda), and the lame name (shouldn't they change that to IM3000 now?), have others looked at this? What are your opinions on it?