IBM Unveils Anti-Spam Services to Stop Spammers

bblazer writes "CNN Money is running a story about a new IBM service that spams the spammers. The idea behind the technology is that when a spam email is received, it is immediately sent back to the originating computer - not an email account. From the article, ""We're doing it to shut this guy down," Stuart McIrvine, IBM's director of corporate security strategy, told the paper. "Every time he tries to send, he gets slammed again."""

What about the zombie PCs

[spicydragonz]

The networks of zombie PCs are going to be even more lagged by IBM. Maybe this will finally get their owners to patch or firewall them.

Can RSS Solve The Spam Problem?

[filmmaker]

IBM says in a new report that, in February, 76 percent of all e-mails were spam. While its report says that is down from a summer 2004 peak of nearly 95 percent, it is well above levels in February 2004.

Interesting that the figure has dropped so significantly in a year's time. The mere fact that email has been so thoroughly polluted as a medium by spamvertisers prompts me to think that RSS could be a way to circumvent email and its problems entirely. Imagine if people had pass-protected RSS feeds for all their contacts, as well as group feeds and a public feed. Then, when it's time to email someone, you just insert a new entry in that person's feed. A mechanism that checks feeds 10 times an hour should be sufficient. In terms of end-user interface, it would be identical to email in every significant way. Just seems to me that there's no room for spammers in a system like that, since in order to be "spammed" you'd have to subscribe specifically to a spammers feed.

There would be a lot of traffic overhead with a system like that, but it couldn't possibly be worse than the 75% spam overhead of email.

Re:Can RSS Solve The Spam Problem?

[embo]

Eliminate RSS from the mix, and essentially you are talking about something similar to IM2000.

http://cr.yp.to/im2000.html

The basic idea is to reverse the concept of how mail is handled today. If you want to send an email, you store it on your site until someone comes and picks it up from you. It is never delivered, all mail must be picked up. Instead of pulling your mail from a single Inbox, you pull your incoming mail from hundreds of repositories, depending on who is mailing you.

One advantage is that if someone wants to send out a million emails, it is up to THEM to store it, not you. Blacklisting becomes easier, as does whitelisting, etc.


And for you whiners who love bitching about how Dan Bernstein is behind it so it MUST be bad, please don't bother. That horse has been beaten to death hundreds of times before.

Re:Any idea what this actually means?

[MindStalker]

I think he means the IP of the SMTP sender will be loggged and it will be sent back to that IP. Many SMTP servers may simply deny the packets though.

Smurf

[skinfitz]

Anyone remember the smurf attack? Send a large ICMP PING to a broadcast address from a spoofed IP of your real victim - all the machines in the subnet then DDoS the victim with replies sent to the spoofed address. This new DDoS of spamming machines sounds kind of similar. What's to stop haxx0rs exploiting this to cause a DDoS of non-spammers?

The net result is quite similar

[Pac]

After sending a million spam messages to a million recipients using this system, the originating node receives a million challenges. Not DDOS per se, but it will almost always bring the spammer down as a (nice) side-effect.

Re:agreed

[bwcarty]

You're right on the money.

I went through chemo and radiation last year. The idea of chemo is that it kills cancerous cells, but it's completely untargetted, so you end up poisoning the whole body.

Without the chemo, I'd likely be dead now. I traded a few months of extreme weakness in exchange for near perfect health now.

Re:Well, duh...

[MillionthMonkey]

I wrote this "spam form" in December 2003. The form appears on Cory Doctorow's site and is occasionally attributed to him but it was originally written by me.

The general form of a "checklist" response is really old. I first saw such a form on USENET more than ten years ago. It originally appeared in in this rec.humor.funny post from December 1994 whose author claims to have gotten it from a VAX conferencing system. The general idea of a standardized checklist for blowing someone off is probably even older than that.

I got tired of explaining to people why their cockeyed spam solutions wouldn't work, so I wrote this particular one about spam one evening and posted it here and here. I'm surprised it took off, actually. Now in every thread about spam I do a search for "technical legislative vigilante" to see if it's reappeared and it's there half the time. I only wish I had included a little dig for challenge-response schemes!

The part at the end about burning your house down is there because someone in the original thread proposed a solution to spam that was so abysmally bad that the poster was suspected to be a spammer himself- hence the "( )spammers could easily use it to harvest email addresses" item.

Judging from Google searches, spam researchers seem to have mixed feelings about it. The form wears out its welcome all the time but keeps reappearing. Some like it and use it a lot to quickly dispatch stupid ideas from the peanut gallery. Others hate the form because it gets presented to them all the time when they present their proposals. It has actually appeared in a number of anti-spam research papers. One group of researchers, when proposing their solution, actually prepared a preemptive response to refute each form item.