Slashdot Mirror
IBM Unveils Anti-Spam Services to Stop Spammers
bblazer writes "CNN Money is running a story about a new IBM service that spams the spammers. The idea behind the technology is that when a spam email is received, it is immediately sent back to the originating computer - not an email account. From the article, ""We're doing it to shut this guy down," Stuart McIrvine, IBM's director of corporate security strategy, told the paper. "Every time he tries to send, he gets slammed again."""
Watch as AOL and MSN/Hotmail now mark IBM as a spammer...
I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
You end up shutting down the zombied PCs. I don't see how that's a bad thing.
How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
What's the problem? If you are participating, on purpose or not, you should be stopped.
Being subject to this form of retribution might make people aware of the problems on their machines. It seems to be a Good Thing to me.
Agile Artisans
If it helps knock the zombie effectively offline, the user is more likely to notice that there's a problem.
Paleotechnologist and connoisseur of pretty shiny things.
massive extra traffic to all isp's, traffic that doesn't even end up shutting the real source of the spam down.
so.. double the money wasted on spam on total and no cure.
world was created 5 seconds before this post as it is.
"e-mails coming from a computer on the spam list" are treated this way. Great. So when a variable-IP zombie pc power cycles and I get their old IP address next, it becomes my problem. Time to buy a fixed IP service, people.
I doubt it. What average user is going to understand the problem, much less the solution?
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
1) Person on comcast gets zombie-fied
2) starts sending out spam to say IBM
3) IBM sends back spam to the zombie
4) IBM gets put on every RBL list because it actually is sending spam, think about it
5) comcast and every major company using that RBL and every user in comcast can no longer get mail from IBM
6) IBM yells and screams to RBL list owner that they really arent sending spam, just well sending back email to people who didn't ask for it, or didn't want it or didn't sign up for it. OK they are sending spam... just not bad spam.
Only positive I see is maybe ISPs like comcast might wake the hell up and start cleaning up the problems and stop ignoring their users.
If an ISP notices the extra traffic, might they not be motivated to get the zombies that are used for spamming off their network?
My small local ISP sends techs to help their customers when these things happen - and, yes, I realize that's not viable in most cases.
spamd(8) gives you additional capabilies above that of a packet filter ... greylisting, automatic whitelisting, etc. plus, you don't have to run it on your mail server and it will still function correctly. 3.7 will also have greytrapping
vodka, straight up, thank you!
Sounds more like undergoing chemo to kill cancer... just gotta hope that it kills the cancer before it kills you.
Or so I've heard, anyhow.
I really don't know why ISPs don't just suspend the accounts of PCs with zombies/viruses. In the same way that you get your driving licence revoked/suspended for driving like an ass, people should get their internet accounts suspended too.
And it's not like it's hard to tell who the culprits are. Anyone who has logging enabled on their firewall will know exactly what I mean.
That would be a hit to the bottom line - Average User will just think the ISP is incompetent and find another, way before ever admitting their system has a problem.
Better to just silently block ports, open them only when people specifically ask - then monitor for abuse.
The "news" story is pretty much completely wrong. You might want to read the actual technical details and refactor. (Sadly, a lot stays the same, I think.)
One line blog. I hear that they're called Twitters now.
Great, I can't wait to have my dynamic IP switch to one of a zombie pc and get dos attacked.
5. Don't all those challenges take up unnecessary bandwidth? A little bit, but it takes the server much less time to send out a small challenge than it does for the user to look at it in the spam folder, no matter how fast he presses the delete key. Legitimate senders know immediately that a user hasn't received their email, and they can click a button to have it delivered. Meanwhile, the emails sit in the queue for only an hour if they can't be delivered.
The problem with this scheme is the "click a button" aspect. This would require HTML mail.
The spam problem would be 80% solved if HTML mail were not used at all.
1. Spammers wouldn't be able to track mail opening with tagged image links.
2. Spammers wouldn't be able to propagate their custom programmed spamming trojans and viruses nearly as effectively.
3. HTML mail is not needed. When was the last time you got email with a remote loaded picture in it (not attached) that actually interested you? Almost never in my case.
Hey! I got it, the FUSSP! Just ban HTML mail!
.