Slashdot Mirror

← Back to Stories (view on slashdot.org)

IBM Unveils Anti-Spam Services to Stop Spammers

Posted by CmdrTaco on from the keep-your-inbox-sparkly-clean dept.

bblazer writes "CNN Money is running a story about a new IBM service that spams the spammers. The idea behind the technology is that when a spam email is received, it is immediately sent back to the originating computer - not an email account. From the article, ""We're doing it to shut this guy down," Stuart McIrvine, IBM's director of corporate security strategy, told the paper. "Every time he tries to send, he gets slammed again."""

24 of 443 comments (clear)

  1. spamd by Anonymous Coward · · Score: 3, Insightful

    I think I'll stick with spamd. It doesn't waste my bandwidth.

  2. With all the spam zombies, how will this help? by lintux · · Score: 3, Insightful

    How does this exactly help solving the spam problem when the machine sending the spam is not owned (but "0wned") by the spammer?

    Or do they plan to DDoS the spam-zombies?

  3. AOL and MSN by justforaday · · Score: 4, Insightful

    Watch as AOL and MSN/Hotmail now mark IBM as a spammer...

    --
    I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
  4. Re:works great for honest spammers by aardvarkjoe · · Score: 5, Insightful

    You end up shutting down the zombied PCs. I don't see how that's a bad thing.

    --

    How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
  5. Re:works great for honest spammers by jarich · · Score: 4, Insightful
    ... but what about the vast majority of spam that's sent from zombied PCs and open relays instead of from the spammer's own mail servers?

    What's the problem? If you are participating, on purpose or not, you should be stopped.

    Being subject to this form of retribution might make people aware of the problems on their machines. It seems to be a Good Thing to me.

    --
    Agile Artisans
  6. Re:works great for honest spammers by FlyByPC · · Score: 5, Insightful

    If it helps knock the zombie effectively offline, the user is more likely to notice that there's a problem.

    --
    Paleotechnologist and connoisseur of pretty shiny things.
  7. Re:works great for honest spammers by gl4ss · · Score: 4, Insightful

    massive extra traffic to all isp's, traffic that doesn't even end up shutting the real source of the spam down.

    so.. double the money wasted on spam on total and no cure.

    --
    world was created 5 seconds before this post as it is.
  8. e-mails coming from a computer on the spam list by bagofbeans · · Score: 5, Insightful

    "e-mails coming from a computer on the spam list" are treated this way. Great. So when a variable-IP zombie pc power cycles and I get their old IP address next, it becomes my problem. Time to buy a fixed IP service, people.

  9. Re:What about the zombie PCs by coyote-san · · Score: 4, Insightful

    I doubt it. What average user is going to understand the problem, much less the solution?

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  10. Heres what happens in order by dalewj · · Score: 5, Insightful

    1) Person on comcast gets zombie-fied
    2) starts sending out spam to say IBM
    3) IBM sends back spam to the zombie
    4) IBM gets put on every RBL list because it actually is sending spam, think about it
    5) comcast and every major company using that RBL and every user in comcast can no longer get mail from IBM
    6) IBM yells and screams to RBL list owner that they really arent sending spam, just well sending back email to people who didn't ask for it, or didn't want it or didn't sign up for it. OK they are sending spam... just not bad spam.

    Only positive I see is maybe ISPs like comcast might wake the hell up and start cleaning up the problems and stop ignoring their users.

  11. How does it hurt spammers? by Elixon · · Score: 3, Insightful

    Suppose the spammer's machine that sends 200k e-mails per hour. This machine is for sending only. It does not have any port for receiving e-mails opened. So - the throughtoutput must be high to send out 200k of e-mails, and what they will do to the spammers? If all servers (it is not likely to happen) are having IBM soft then they will receive 200k attempts per hour to connect to blocked ports on spammers machine while trying to hit back... And this is going to stop them? :-) Their specialized machines tuned for sending with no receiving capabilities against high-performance spam-analyzing machines that will waste CPU by identifying spam and waste bandwith while trying repeatdly pass e-mail to some blocked ports on spammers machine... Hm. I don't understand it. Just another way how to hurt people afected by spam by selling the useless software/hw to them.

    --
    Well, I've got to get back to work. When I stop rowing, the slave ship just goes in circles.
  12. useless tactic by msblack · · Score: 3, Insightful

    IBM's tactic is utterly useless because the vast majority of spam originates from zombie PCs. Those zombie system may have an SMTP engine to generate spam, but they most likely do not have port 25 open. Bouncing the spam back will be futile. It is more likely to generate a new denial-of-service attack: send a spam to IBM and watch them fight in vain attempting to bounce back the message.

    --
    signature pending slashdot approval
  13. Re:works great for honest spammers by Anonymous Coward · · Score: 4, Insightful

    If an ISP notices the extra traffic, might they not be motivated to get the zombies that are used for spamming off their network?

    My small local ISP sends techs to help their customers when these things happen - and, yes, I realize that's not viable in most cases.

  14. Re:Not a good idea. by Triumph+The+Insult+C · · Score: 4, Insightful

    spamd(8) gives you additional capabilies above that of a packet filter ... greylisting, automatic whitelisting, etc. plus, you don't have to run it on your mail server and it will still function correctly. 3.7 will also have greytrapping

    --
    vodka, straight up, thank you!
  15. Re:agreed by the_bard17 · · Score: 5, Insightful

    Sounds more like undergoing chemo to kill cancer... just gotta hope that it kills the cancer before it kills you.

    Or so I've heard, anyhow.

  16. Re:More me too bullshit by Zocalo · · Score: 3, Insightful
    But you don't have to abandon SMTP completely. Something as simple as hashcash could essentially eliminate spam.

    Actually, you don't have to abandon SMTP at all. The protocol has already undergone a fairly major revision with the change to ESMTP and there are very few servers left that are still SMTP only. Technically, it wouldn't be very hard to bolt a much more robust mail transfer mechanism onto SMTP in the same manner we use to deliniate SMTP and ESMTP - the mail server banner and client "HELO/EHLO". For instance you could change the ESMTP banner to include the string "ESMTP v2" instead of just "ESMTP" and compliant servers could sign on with "ALLO", while older clients can still resort to "EHLO" or even "HELO" while the deployment is underway.

    Simple, huh? Unfortunately not, because politically, it would probably be a complete nightmare to actually do anything like this. The whole idea would almost certainly break apart under the weight of competing agendas from the various parties involved. I think the whole MARID fiasco proved that beyond any doubt.

    --
    UNIX? They're not even circumcised! Savages!
  17. The ONLY thing that will stop Spam by crovira · · Score: 3, Insightful

    is the law and the fines that will be applied internationally and enforced (collected) by the local authorities on the SOURCE.

    If there was no Spam senders there would be no problem with Spam. Right? The problem is that we keep going after the carrier, not the beneficiary.

    Fine the people for whom and on whose behalf the Spam is sent. Make it for one dollar per spam message received. Instead of sending for free, the messages end up costing more than the Post Office.

    --
    MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
  18. Re:works great for honest spammers by rpozz · · Score: 4, Insightful

    I really don't know why ISPs don't just suspend the accounts of PCs with zombies/viruses. In the same way that you get your driving licence revoked/suspended for driving like an ass, people should get their internet accounts suspended too.

    And it's not like it's hard to tell who the culprits are. Anyone who has logging enabled on their firewall will know exactly what I mean.

  19. Re:works great for honest spammers by stilwebm · · Score: 3, Insightful

    SMTP requires two-way communication, so spoofing is nearly impossible. As mentioned in the article, this isn't a system of returning mail to the From email address, as everyone knows that is forged nearly 100% of the time in spam. It is returning the message to the SMTP server it arrived from. If spam is coming from your IP, you either have an exploited host or open relay.

  20. Re:works great for honest spammers by digitalchinky · · Score: 4, Insightful

    That would be a hit to the bottom line - Average User will just think the ISP is incompetent and find another, way before ever admitting their system has a problem.

    Better to just silently block ports, open them only when people specifically ask - then monitor for abuse.

  21. Re:Well, duh... by AndroidCat · · Score: 4, Insightful

    The "news" story is pretty much completely wrong. You might want to read the actual technical details and refactor. (Sadly, a lot stays the same, I think.)

    --
    One line blog. I hear that they're called Twitters now.
  22. Re:works great for honest spammers by Anonymous Coward · · Score: 5, Insightful

    Great, I can't wait to have my dynamic IP switch to one of a zombie pc and get dos attacked.

  23. Re:Lies in the CNN story title. by ciscoguy01 · · Score: 5, Insightful

    5. Don't all those challenges take up unnecessary bandwidth? A little bit, but it takes the server much less time to send out a small challenge than it does for the user to look at it in the spam folder, no matter how fast he presses the delete key. Legitimate senders know immediately that a user hasn't received their email, and they can click a button to have it delivered. Meanwhile, the emails sit in the queue for only an hour if they can't be delivered.

    The problem with this scheme is the "click a button" aspect. This would require HTML mail.
    The spam problem would be 80% solved if HTML mail were not used at all.
    1. Spammers wouldn't be able to track mail opening with tagged image links.
    2. Spammers wouldn't be able to propagate their custom programmed spamming trojans and viruses nearly as effectively.
    3. HTML mail is not needed. When was the last time you got email with a remote loaded picture in it (not attached) that actually interested you? Almost never in my case.

    Hey! I got it, the FUSSP! Just ban HTML mail!

    --
    .
  24. Re:The net result is quite similar by freeweed · · Score: 3, Insightful

    Good thing the summary already covered this:

    when a spam email is received, it is immediately sent back to the originating computer - not an email account

    Unless you know of a way to mass spoof TCP handshaking, that is...

    --
    Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.