Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Jonathan Zdziarski

Posted by ScuttleMonkey on from the friends-of-anti-spam dept.

You may recognize the name Jonathan Zdziarski from a recent Slashdot book review of his book Ending Spam. Aside from his DSPAM spam filter Jonathan has also contributed several other projects to the open source community under the GNU General Public License. These projects include Verizon-Compatible SMIL Multimedia Gateway, The Reactive Automated Blackhole List Server, Apache DoS Evasive Maneuvers Module, and several others. Want to know how to effectively contribute projects to the open source community? Curious to ask another programmer about his history? Now is the time to ask. Moderators will select the top few questions that we will forward on to Jonathan sometime tomorrow. The answers to the questions will be displayed next Tuesday when we will encourage Jonathan to participate in the discussion as time permits.

6 of 112 comments (clear)

  1. How to start by Anonymous Coward · · Score: 1, Insightful

    Do you have any suggestions for the enthousiastic yet inexperienced? Perhaps a listing of projects in need of developers, with some indication of the level of experience suggested (as well as languages required).

  2. I have a really important question by Anonymous Coward · · Score: 1, Insightful

    I would like to know who you are and why Slashdot is asking you anything. Did you ask Slashdot to do this? Who are you and why should we care?

  3. Re:DIY Spam Filtering by LnxAddct · · Score: 2, Insightful

    Actually, filters do a much better job then humans. One human can't deal with the job, its too overwhelming in many cases, therefore one human isn't capable of filtering effectively, even if they were capable, most would rather pay someone else to do it for them. The next solution, say AOL highered 1,000 people to filter spam, each one of them would disagree with what is spam and what isn't. Some people might want to get car deals, and sports information, or porn and viagra, others won't. The spam filter is often personalized, where as someone sifting through thousands of different people's emails can't be. So let's review, you don't have the time, others don't have the knowledge, the only solution is a filter that learns your habits and works in milliseconds. The only thing better then a filter would be you, no other human being, therefore saying humans are better is not accurate. You couldn't just sit a random human infront of a random person's inbox and say filter this.
    Regards,
    Steve

  4. Re:Christian Beliefs by adrianmonk · · Score: 2, Insightful
    Do you agree that there might be a possibility that your beliefs are not rational (again, without going into whether or not they are so)?

    I think he sort of answers that question in the essay you linked to. He says that "it is true that Christianity is ultimately based on faith".

    There are many philosophical viewpoints on what are valid ways of obtaining knowledge. Some people think the only valid source of knowledge is empirical observation and rational thought. Others think that, if there is such a thing as a supernatural being, that being could impart knowledge to people through some sort of mystical revelation, i.e. God controls the universe, so if he wants, he can make you know things. (It's a pretty reasonable conclusion if you first assume God does exist and does control the universe.) Some people think empirical observation and spiritual revelation are both valid, but if the two are in conflict, revelation should take precedence.

    These different viewpoints are differences in philosophy. I learned in computer science class (when I learned about diagonalization and the incompleteness theorem) that logical thought cannot give you all the answers. There are true statements that logic can't lead you to and can't support. Many people during The Enlightenment believed that the forward march of reason was inexorable, and reason could, given enough time, solve any problem. They were wrong, although they weren't even proven wrong until less than 100 years ago.

    My point is, the question of what avenues for obtaining knowledge are valid is an open philosophical question. (One might even say a timeless question.) There have been relatively recent developments that have changed our views of this question.

    In light of that, is it wrong thinking to believe in faith over reason? Maybe it is, or maybe it isn't. But many Christians have a pretty simple philosophy on it: they believe in faith and revelation over reason, but they do investigate Christianity in an intellectual sense enough to be sure that it's a defensible, basically consistent point of view. (It doesn't have to be perfectly consistent and complete, because none of the other views of the world are either.)

  5. Re:history of DSPAM by Anonymous Coward · · Score: 1, Insightful

    I'm curious, how a thinking, logical, Christian such as yourself feels about the "intelligent design" movement?

    Read his website. He's a creationist.

    I Just Can't Swallow Evolution

    (That section starts about 2/3 of the way through the page.)

  6. Re:Simple Question by stoborrobots · · Score: 2, Insightful

    Wouldn't this simple fix stop 99% of spammers in their tracks?

    No, it wouldn't.

    Firstly, what this prevents is the direct sending of mail from unregistered IPs to a destination host, or via an open relay. However, the bulk of the spam out there today (not this time last year, when the profile was completely different...) does not come from open relays. Eliminating both open relays and direct port 25 connections from non-mailserver IPs would only eliminate one simple route for spam.

    The bulk of todays spam comes from trojaned machines (botnets) which are able to spew forth spams as directed by their controlling server. Given that these bots are able to hook into things like MAPI and/or read configuration files for kmail/evolution/mutt which can contain smarthost IPs and login details, they are able to send as much mail as they like pretending to be the authorised owner of the machine in question. At this point, there is nothing left to distinguish a spam email from any other email originating on that computer.

    Until you can prevent every machine out there from being compromised thus, or convince the entire world that clicking the "save password" button is evil, you cannot prevent spam disguising itself as legitimate mail.

    Further, assuming that we don't consider these smart viruses which pick up the user/password settings, there's nothing preventing the spammers from registering "sdfkjwnwfsinlsd.biz", configuring the "official authorised mailserver IP" to be that of a compromised machine somewhere (or an army of them) and having those spew forth spams for 24 hours (or even 1 hour... ) Getting his 100million messages out there, then cancelling the domain, and leaving no trace of anything worth blocking.

    Greylisting comes the closest to being an effective spam blocker, but it would be trivial to implement a spam-bot which played the greylisting game... and once it passed the greylist test, it could then spam that mailserver for a while, confident that its messages were getting through.

    Spam cannot be avoided by purely technological means. As long as a human can message you using only a computer, a spammer can make that computer spam you.

    --
    "Go to CNN [for a] spell-checked, fact-checked summary" -- CmdrTaco