Slashdot Mirror
IBM Unveils Anti-Spam Services to Stop Spammers
bblazer writes "CNN Money is running a story about a new IBM service that spams the spammers. The idea behind the technology is that when a spam email is received, it is immediately sent back to the originating computer - not an email account. From the article, ""We're doing it to shut this guy down," Stuart McIrvine, IBM's director of corporate security strategy, told the paper. "Every time he tries to send, he gets slammed again."""
I think I'll stick with spamd. It doesn't waste my bandwidth.
... but what about the vast majority of spam that's sent from zombied PCs and open relays instead of from the spammer's own mail servers?
How does this exactly help solving the spam problem when the machine sending the spam is not owned (but "0wned") by the spammer?
Or do they plan to DDoS the spam-zombies?
The United States of Lard
by Mark Driver
We are a fat, fucking country. We're also lazy, complaining, selfish,
hypocritical assholes, but today, I'm just gonna focus on the fat part.
More than half of Americans are obese. Not just overweight mind you,
OBESE, meaning there is so much blubber on your bones, it's unhealthy.
Your lard encrusted heart pumps your greasy blood through tightening
arteries and brittle veins. Unsightly fields of poisonous cellulite dot
the noxious landscape that is your body. Our chubby children can barely
pry their fat engorged bodies out of bed. There are even reports of these
little butterballs suffering from adult diabetes, a condition that used to
take dozens of years of abuse to manifest. Like a pod of sleepy whales
sucking pure lard out of a generically mutilated mother hog covered from
snout to tail in teats, we just feed and breed. It doesn't matter what the
fuck we put into our bodies. It can be uranium soaked dog feces sprinkled
with live baby tarantulas, tapeworm eggs, cigarette buts and diesel fuel
causing impotence, baldness, spontaneous abortion, and premature death -
as long as it's battered, fried, and salted: it's dinner.
New National Anthem (sung to the tune of anything by N' Sync)
Suck and sleep,
Mate and eat.
Breed and feed,
Breed and feed.
Don't lather.
or rinse,
or chew,
just repeat.
How did everyone get so fat? Our grandparents weren't fat. Most senior
citizens aren't fat (maybe the fat ones die off early). George Washington
wasn't fat. Abe Lincoln wasn't fat. Ben Franklin was fat, but he made up
for it in charm (from what I hear). In random snapshots of history, most
people aren't fat. They didn't have the luxury of a life where you spent
15 hours a day laying on your back. They didn't have the luxury of a
purely sedentary lifestyle. If they wanted to eat something disgustingly
unhealthy, they didn't have the luxury of waddling over to Wendy's for a
bacon triple cheese burger - they had to make it themselves by scratch.
Luxuries have their costs, don't they fatty?
So are you one of these fat asses? One of these obese, bacon-grease
drinking Americans that make up more than half of our population? Do your
rotund children roll around on the floor in their own drool, playing video
games, suffering from high blood pressure and hemorrhoids because you feed
them processed crap and never make them go outside?
It's easy to stop off at the store or pull up to the drive through window,
but if it came down to it, would you be able to provide any of the foods
you consume for yourself? Would catching a pig leave you breathless and
huffing like a broken bag pipe? Could your short, fat fingers fit around a
cow's udder for milking? Could you even climb into the seat of tractor to
dig a trench to seed some corn? Could you pull a stalk of wheat out of the
ground? Could you run after a chicken? Can you even run?
I'm not saying this to be deliberately mean, I'm saying it because you
fat, lazy, pieces of shit piss me off. What is it, like a third of the
world that's starving to death? In countries worldwide, there are human
skeletons with gaping eyes trying to make bread out of tree roots and
dust, swollen joints and bloated, empty stomachs. 5' 3" and forty pounds.
Now that's a fucking weight problem. Imagine reaction of one of these poor
souls watching American late night TV. Picture them, ribs showing through
their stained rags, broken teeth jutting out of their shrunken heads,
trying to find a place to sit on your fast food wrapper papered couch. You
hit "on", and the TV shows images of fat asses just like yourself, crying
with Richard Simmons, saying things like "I just can't stop myself from
eating! Pies! Fried Chicken! Cake! Pizza! Hamburger! I just eat and eat
and eat! I can't stop! And now look at me! I'm fat." You try to explain to
your new, malnourished
Watch as AOL and MSN/Hotmail now mark IBM as a spammer...
I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
Completely pointless exercise, most big spammers are going to be using a outbound only load balanced relay of some kind, they won't be accepting the mail in from the same exit point.
...
This is complete crap.
take it from me, someone who sends out roughly 5 million emails daily.
-- Thou hast strayed far from the path of the Avatar.
"e-mails coming from a computer on the spam list" are treated this way. Great. So when a variable-IP zombie pc power cycles and I get their old IP address next, it becomes my problem. Time to buy a fixed IP service, people.
I doubt it. What average user is going to understand the problem, much less the solution?
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
All the more incentive to the "innocent" ISPs to do something about the spammers on their network.
1) Person on comcast gets zombie-fied
2) starts sending out spam to say IBM
3) IBM sends back spam to the zombie
4) IBM gets put on every RBL list because it actually is sending spam, think about it
5) comcast and every major company using that RBL and every user in comcast can no longer get mail from IBM
6) IBM yells and screams to RBL list owner that they really arent sending spam, just well sending back email to people who didn't ask for it, or didn't want it or didn't sign up for it. OK they are sending spam... just not bad spam.
Only positive I see is maybe ISPs like comcast might wake the hell up and start cleaning up the problems and stop ignoring their users.
Suppose the spammer's machine that sends 200k e-mails per hour. This machine is for sending only. It does not have any port for receiving e-mails opened. So - the throughtoutput must be high to send out 200k of e-mails, and what they will do to the spammers? If all servers (it is not likely to happen) are having IBM soft then they will receive 200k attempts per hour to connect to blocked ports on spammers machine while trying to hit back... And this is going to stop them? :-) Their specialized machines tuned for sending with no receiving capabilities against high-performance spam-analyzing machines that will waste CPU by identifying spam and waste bandwith while trying repeatdly pass e-mail to some blocked ports on spammers machine... Hm. I don't understand it. Just another way how to hurt people afected by spam by selling the useless software/hw to them.
Well, I've got to get back to work. When I stop rowing, the slave ship just goes in circles.
IBM's tactic is utterly useless because the vast majority of spam originates from zombie PCs. Those zombie system may have an SMTP engine to generate spam, but they most likely do not have port 25 open. Bouncing the spam back will be futile. It is more likely to generate a new denial-of-service attack: send a spam to IBM and watch them fight in vain attempting to bounce back the message.
signature pending slashdot approval
spamd(8) gives you additional capabilies above that of a packet filter ... greylisting, automatic whitelisting, etc. plus, you don't have to run it on your mail server and it will still function correctly. 3.7 will also have greytrapping
vodka, straight up, thank you!
I hope you invest for retirement, instead of saying "what's the point of spending money to make money later?"
Sounds more like undergoing chemo to kill cancer... just gotta hope that it kills the cancer before it kills you.
Or so I've heard, anyhow.
They don't really need to. Hopefully they can be smart enough to take it somewhere to have it fixed, even if they have to pay some outrageous fee to do it.
If your car stopped running because of some complicated issue in the engine, you don't have to understand the problem or the solution to take it to a mechanic.
Actually, you don't have to abandon SMTP at all. The protocol has already undergone a fairly major revision with the change to ESMTP and there are very few servers left that are still SMTP only. Technically, it wouldn't be very hard to bolt a much more robust mail transfer mechanism onto SMTP in the same manner we use to deliniate SMTP and ESMTP - the mail server banner and client "HELO/EHLO". For instance you could change the ESMTP banner to include the string "ESMTP v2" instead of just "ESMTP" and compliant servers could sign on with "ALLO", while older clients can still resort to "EHLO" or even "HELO" while the deployment is underway.
Simple, huh? Unfortunately not, because politically, it would probably be a complete nightmare to actually do anything like this. The whole idea would almost certainly break apart under the weight of competing agendas from the various parties involved. I think the whole MARID fiasco proved that beyond any doubt.
UNIX? They're not even circumcised! Savages!
is the law and the fines that will be applied internationally and enforced (collected) by the local authorities on the SOURCE.
If there was no Spam senders there would be no problem with Spam. Right? The problem is that we keep going after the carrier, not the beneficiary.
Fine the people for whom and on whose behalf the Spam is sent. Make it for one dollar per spam message received. Instead of sending for free, the messages end up costing more than the Post Office.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Can you say Comcast?
How the hell do you expect ISPs to react to this kind of retalitory behavior?
You start attacking major networks automatically and you're going to see port blocking come up faster than you can say Postfix.
The "news" story is pretty much completely wrong. You might want to read the actual technical details and refactor. (Sadly, a lot stays the same, I think.)
One line blog. I hear that they're called Twitters now.
" What if the spammer had this same technology? Would the internet get stuck in an infinite loop and go to 100% usage?"
No more calls, we have a winner.
Why not just offer a service that acknowledges to spammers that they have reached a viable recipient? This is better than the old "Click here if you want to get off this mailing list".
For every 3 spam messages, I get a user saying they aren't getting their legitimate mail because the spam filter is blocking it.
The British had the right idea. Find the spammers and coil their intestines on a bobbin in broad daylight.
If you aren't part of the solution, there is good money to be made prolonging the problem
damn.. 100% overrated...
story of my life. heh
I read the IBM article. Sounds like the early days of SpamCop. SpamCop traces headers back to the originator or the first phony header, to validate the source. Mail with tracing problems used to get a challenge from SpamCop, but they gave up on that. Challenge-response effectively does a denial of service attack on joe-job victims. It's also incompatible with too many legitimate autoresponder systems that send mail confirmations of transactions.
but it will almost always bring the spammer down as a (nice) side-effect.
No, it will bring whoever is in the From: address down. It's extremely rare that that is an address that the spammer has anything to do with.
I believe posters are recognized by their sig. So I made one.
While the idea of pinging to death sounds great, it's also a DOS, Which, I think might be agaist some law here in the USA. Returning the mail to the sender seems to be legit.
onepoint
if you see me, smile and say hello.
5. Don't all those challenges take up unnecessary bandwidth? A little bit, but it takes the server much less time to send out a small challenge than it does for the user to look at it in the spam folder, no matter how fast he presses the delete key. Legitimate senders know immediately that a user hasn't received their email, and they can click a button to have it delivered. Meanwhile, the emails sit in the queue for only an hour if they can't be delivered.
The problem with this scheme is the "click a button" aspect. This would require HTML mail.
The spam problem would be 80% solved if HTML mail were not used at all.
1. Spammers wouldn't be able to track mail opening with tagged image links.
2. Spammers wouldn't be able to propagate their custom programmed spamming trojans and viruses nearly as effectively.
3. HTML mail is not needed. When was the last time you got email with a remote loaded picture in it (not attached) that actually interested you? Almost never in my case.
Hey! I got it, the FUSSP! Just ban HTML mail!
.
I haven't seen a spammer's box in the last couple of years that's used to send spam also listen on tcp/25. That's because they don't have a SMTP server listening. When you try to send the spam back to the originating computer you're going to get your TCP connection rejected simply because they aren't running a SMTP server. Who's resources are they planning on wasting? Good grief. This isn't rocket science.
Challenge response does not work well. In my case, there is a spammer out there who uses random email addresses at my domain name. Every time he sends a spam run I get anywhere from tens of thousands to over a hundred thousand bounced emails at my mail server. This server is for personal use only and is not designed to handle huge amounts of email, though Postfix doesn't seem to mind too much even though it's a 333MHz Pentium II box running Linux (uptime now at 595 days).
While my mail server doesn't seem to mind too much (other than huge log files), my Netgear firewall goes nuts from time to time forcing me to reboot it.
What would stop this type of DDOS I'm under? The gateway mail server should validate the recipient and return an error code right away instead of sending a bounced email later.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
This basically makes the assumption that:
a) spammers give a rat's ass about receiving e-mail, and thus actually *have* incoming mail servers, and
b) that spammers aren't spamming through botnets.
Since both these assumptions are false, this suddenly becomes a spectacularly stupid idea.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
Good thing the summary already covered this:
when a spam email is received, it is immediately sent back to the originating computer - not an email account
Unless you know of a way to mass spoof TCP handshaking, that is...
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.