Slashdot Mirror

← Back to Stories (view on slashdot.org)

IBM Unveils Anti-Spam Services to Stop Spammers

Posted by CmdrTaco on from the keep-your-inbox-sparkly-clean dept.

bblazer writes "CNN Money is running a story about a new IBM service that spams the spammers. The idea behind the technology is that when a spam email is received, it is immediately sent back to the originating computer - not an email account. From the article, ""We're doing it to shut this guy down," Stuart McIrvine, IBM's director of corporate security strategy, told the paper. "Every time he tries to send, he gets slammed again."""

4 of 443 comments (clear)

  1. FairUCE by Florian+Weimer · · Score: 5, Informative

    It's been reported on a mailing list that the article is actually about FairUCE, which implements something completely different which makes at least some sense (for scoring, not for outright blocking).

  2. Useless article AND dupe by Hieronymus+Howard · · Score: 5, Informative

    This is a duplicate of http://it.slashdot.org/article.pl?sid=04/12/04/204 7246&tid=111&tid=185&tid=95

    However, the CNN story referenced seems to be utterly clueless as to how this technology, known as FairUCE, actually works. It really is nothing like they have described it. For real information go to IBM's page: http://www.alphaworks.ibm.com/tech/fairuce

    This system does not try to DDOS the spammers, or anything stupid like that. It attempts to link the IP address of the sender to the senders domain name using DNS and WHOIS lookups. If that fails, it sends a challenge/response email to the sender.

  3. Oh, wait. by Ohreally_factor · · Score: 5, Informative

    CNN (and by extension, slashdot, surprise!) got this completely wrong. It's challenge and response sender identity technique, which is way different. See the IBM webpage about fairuce.

    --
    It's not offtopic, dumbass. It's orthogonal.
  4. Lies in the CNN story title. by Anonymous Coward · · Score: 5, Informative

    "spams the spammers"?

    I think not. This is from CNN after all. They publicly admit they lie often. This is true here.

    http://www.alphaworks.ibm.com/tech/fairuce/faq

    Take note to what this system actually does. Not what the (lying) press tells you.

    1. Isn't this just another challenge/response system?

    No. Challenge/response (C/R) systems challenge everybody; FairUCE sends a challenge only when the mail appears to be spoofed.

    2. Other anti-spam technologies work well. Why should I switch?

    FairUCE eliminates any need for a "probable spam" folder, as well as the necessity of keeping up with the latest version of antispam software.

    3. Will it run on Windows®, or with QMail, or with Sendmail, etc.?

    No, the current release does not.

    4. Is it fast?

    No real performance testing has been done, but speed is expected. The code basically consists of a few if/then statements and some DNS look-ups (which are cached in memory as well as on the DNS server). The mail server will probably bog down before FairUCE does.

    5. Don't all those challenges take up unnecessary bandwidth?

    A little bit, but it takes the server much less time to send out a small challenge than it does for the user to look at it in the spam folder, no matter how fast he presses the delete key. Legitimate senders know immediately that a user hasn't received their email, and they can click a button to have it delivered. Meanwhile, the emails sit in the queue for only an hour if they can't be delivered.