Spam is Dead

Vainglorious Coward writes "Two years on from Bill Gates' promise to eradicate spam, an article in The Observer claims that spam has passed its peak and is now declining. Is it just me that hasn't noticed this?" I got almost a third more spam in 05 than 04. I guess I exist outside the bell curve on this one.

Oh Please

[GmAz]

As soon as 2006 hit, my gmail account started getting spam. I have gotten 7 today alone. Argh.

Re:Oh Please

[netkid91]

Only 7? I get an average of 32 a day! Most for enlargment pills, but in the history of my GMail account, I have gotten at most 5 or 6 spam messages in my inbox, and that's since late 2004, and most of my spam is from the forwarded mail from my ISP.

Re:Oh Please

[GmAz]

But considering that I only use this e-mail account for family, its quite amazing. I have another account for online purchases and other online stuff. I used to have an account that I quit using because of hundreds a day. I left it be for about 6 months and I had over 55,000 unread messages when I closed it. Good 'ol yahoo mail.

Re:Oh Please

[Poltras]

Well, GMail is good on me for these, but what about legitimate emails getting into the spam folder. Never happened to me, but does anybody have infos/site with statistics on this situation?

Re:Oh Please

Uh... that's actually spelt "puh-leaze". You fail it. :-)

Re:Oh Please

[drn8]

I looked into some of the spam getting into my gmail, they were from different domains but all from the same nameserver, and all the domains had just been regestered on the same day I checked. Interestingly they all happened to want my credit card number, and some even claimed to be from ebay.

Re:Oh Please

[Steev]

The only legitiment emails I have ever had go into the spam folder have been ones from mailing lists.

Re:Oh Please

Uhhh... I've recieved about 10 spam emails in my gmail account since I've had it. And all from the same person.

So what do I do? I registered an address called part-of-my-name.spam.other-part-of-my-name@gmail.c om So that it is an actual valid address. I use this to post on the internet ANYWHERE it is going to show up, and when I am worried that something I'm signing up with is going to spam me, I use that too. It's always full of spam.

I get about 10 spam emails a day on that address, compared with 10 in about a year on my non-spam address.

The great thing about registering that address is you can sign up for message boards, or things where you are never going to use the address again, but might get spammed. Then you can check it for your validation key, and that's all you need it for. Sure, you get spam, but you only ever need the newest message, so you never have to wade through the spam.

Re:Oh Please

[MaelstromX]

I even got a PhD through one of my spam emails. (I had the money to blow, and it was for a good R&D turn in job)

Gee, thanks for giving your financial support to spammers. YOU and others like you are the reason the rest of us get 30-something spams a day. Not to mention the unfathomably dumb way you chose to spend your money...

Re:Oh Please

That's "Gee, thanks, Doctor" to you, sir.

Re:Oh Please

[Asm-Coder]

Not to mention the unfathomably dumb way you chose to spend your money...

Yeah. You should have bought a PC mod, though I don't care where you get it.

Re:Oh Please

[joto]

now the PhD is absolutely bogus because the paper it came on was regular wine white, and the seal that shittly done

Oh, so that's why the PhD was bogus! And here I thought it might be bogus because it was from an unaccredited university, because you bought it instead of taking the required courses, doing the thesis, and so on...

Please don't buy things from spammers, you're the reason the rest of us gets spam!

Re:Oh Please

[friedmud]

I have been wondering this myself... I have over 1500 emails in my spambox on GMail (and since they get deleted after 30 days... that translates into roughly 50 a day... which has been steadily on the rise).

And although the spam doesn't really bother me (because Gmail catches it all) I've started to worry about false positives... I get so much spam that there isn't really any way for me to check for false positives. Every once in a while I'll open up the spam folder and peruse it for false positives. I haven't found any yet, but who knows what's been caught.

Has anyone had _real_ (non mailing list) emails caught by gmail's spam filter?

Friedmud

Re:Oh Please

[hdparm]

I have noticed sizeable increase in filterred messages on my gmail account and have done some rough statistics: - before the increase, I was getting less than 1 spam email in 3 days - current average (2006): 29.66 - the worst offender: software at discount prices - 47% - second: various medication (including enlargement pills) - 44% - third: nigerian-like spam - 6% - fourth: various lottery win notifications - 3% Google's filter was inaccurate in only 2 cases. Both are from mailing lists I subscribe to and one of these is definitelly dodgy and hard to pass through spam-filters. So, that article seems to be another in the series of those that serve as a Gates/Microsoft marketing/FUD/whatever. In other words, pure bullshit.

Re:Oh Please

[Red+Alastor]

Try spamgourmet. Same approch but easier.

Re:Oh Please

[mrbooze]

I literally get almost zero spam any more. However, this is likely only because my ISP implemented "greylisting". So, while I'm definitely getting virtually no spam anymore, I'm also sometimes not getting email because someone's mail server isn't following proper procedures. (American Express, for one, I could not get email from American Express through said ISP.)

Re:Oh Please

[atokata]

If you've got enough money, you can buy one from a prestigeous, accedited university.

See: Dr. Condoleeza Rice, currently Secretary of State for a small, unimportant country.

Re:Oh Please

[SgtChaireBourne]

I don't use gmail, but I've also been getting around 30 a day, it's been gradually going up again taking a few leaps last year. I think we have another quote to make fun of:

Re:Oh Please

[joto]

I'm not sure what you're getting at. According to wikipedia, Condoleeza Rice got her PhD in the normal way from U. of Denver in 1981 (age 26). She has since received a number of honorary doctorates, something which should not be confused with either non-accredited PhDs or ordinary doctorates.

Honorary doctorates are something universities give to people for their achievements outside the university. Some universities give them out only for academic achievments , while some give them for other things (such as being famous). Getting an honorary degree is usually more like getting a lifetime-achievement award, then it's like getting a real degree.

Re:Oh Please

One of their machines is infected.

Re:Oh Please

[tigersha]

Whatever you think of Condi Rices' politics, she is smarter than you are. The woman deserved her PhD, she was the provost of Stanford University until she started serving in the Bush adminstration and she was and probably still is the United States' greatest expert on the Soviet Union.

Re:Oh Please

Yeah, I mean even Dubya can get honorary degrees for real. ;)

Re:Oh Please

[ErebusNT]

Funny part is that since I activated my Gmail account (in mid-December) the only person or organization I gave the address to was Google News Alerts, and guess what? I get spam. Interesting that either people are good at guessing GMail addresses or else Google sells the mailing list?

Re:Oh Please

[dmdb]

I don't get spam, period. I have 3 active mail accounts (Gmail, Hotmail and College), and they're all clear. Prehaps not giving out our email addresses unless we trust the source might solve a lot of peoples problems. If you need an email address to use for a signup might I suggest Mailinator. You don't need to sign up or waste any time like that, all you do is use (anything)@mailinator.com as your signup address and then go to their site to check it. For the majority of boards I use this is how I signup to them, they don't need to know who I am, for many of them I have them on an aggregator or I check them periodically anyway so its not a problem.

Re:Oh Please

[Stan+Vassilev]

"I even got a PhD through one of my spam emails."

I'll feel better if you confess that you were just hitting random kb keys with a hammer resulting in this sentence rather that actually meaning what you said.

BTW, I'm selling moon rocks, only $200 each piece. It's like totally rippin' me. You in?

Re:Oh Please

[michaelmichael]

The only email that was sent to GMail's Spam box was one sent via StumbleUpon from Firefox (I email myself links that I find at work so I can get to them from home.) Other than that, no real email makes it to spam and no spam makes it to my inbox.

Re:Oh Please

[Ortega-Starfire]

I'm in the same boat minus stumbleupon. Just no spam and my box has been open for over a year. Maybe it is because I don't use that email to sign up to different websites...

Re:Oh Please

[Ortega-Starfire]

Our favorite engineer from Star Trek TOS got an honorary engineering degree as well, didn't he?

Found it! From the wiki:
Scotty's exploits as the redoubtable Chief Engineer aboard the Enterprise inspired many students to pursue a career in engineering. Because of this the Milwaukee School of Engineering granted Doohan an honorary degree in engineering.

Re:Oh Please

[michaelmichael]

I've only signed up for a select few websites (such as Slashdot here) with my GMail account. Most of the spam I get are messages about non-profit something-or-others because I've got a lonely, dusty domain. I get more spam in my Outlook inbox at work than I ever do in my GMail box.

Re:Oh Please

[ultranova]

I, for one, despise our new undead spam overlords !

Now we need to develop electric paladins to smite them...

Hmm... "The night of the living dead 2006" - the horror movie in which deleted spam messages return from their bitless grave to take over your inbox ! "Spaace, spacee, mussst eeat diiisk spaaaceeee..." Shown today, live, on... your... COMPUTER !!!

Nurses will be available in the nearest hospital should you need them ;).

Re:Oh Please

[sandmaninator]

Seems to me she is either a liar or not very bright.
I'm leaning towards liar

Re:Oh Please

What's unfathomably dumb is your failure to recognize an obvious joke.

Re:Oh Please

[legirons]

I have gotten 7 today alone. Argh.

I'm still not entirely sure whether that was a joke. I received so many spam emails today (about 250 in my "normal" email account) that it's become easier to do a search for legitimate messages, than it is to delete the spam.

yeah

first post (I hope)

Good luck on that one bill

Centralized Email

[(1+-sqrt(5))*(2**-1)]

The problem with the micropayment- or trusted-sender-model seems to be: What stops someone from setting up pop3 cum sendmail and ignoring the illicit contract?

Gates and co. would have to have an effective monopoly on email traffic for that to work. (Which might have been conceivable before the advent of Gmail, by the way.)

Re:Centralized Email

[kfg]

Gates and co. would have to have an effective monopoly on email traffic for that to work.

Boy, I bet they never thought of that.

KFG

Re:Centralized Email

[James_Aguilar]

My understanding is that if it someone were to attempt this, they would have to somehow pay the account of the *receiving* program, not the sending program. So, for a person at Hotmail to receive your email, you must pay ten cents. That would be the only logical way to run this kind of system.

Re:Centralized Email

[Phat_Tony]

Here's how I assume micro-payments work: You come out with a standardized system for handling micropayments- that is an open, say, xml format so that any micropayment applications can talk to each other. Then any company that wants to handle micropayments (Paypal, Yahoo, Citibank, Fred's Bargain Micropayments, etc.) starts selling them. When you (your email app working automatically, or whatever) buy a micropayment, it comes with a tag saying how much it's for, who sold it, and what it's record number is. These get attached in the standard micropayment format as an attachment to an otherwise normal email record. The recipient computer's email program then goes and establishes a secure connection with the person who sold the micropayment and makes sure it really exists and is for the right amount. Of course, maybe Fred's Bargain Micropayments is an illegitamate vendor who exists only to facilitate spam and will "confirm" payments but never give you the money. This is why your email client will automatically go get lists online of known, valid micropayment vendors.

Who will maintain these lists? Anyone. Google? Consumer Reports? will they be free, or require micropayments or subscription fees to access, or be ad supported? Who cares, markets competition will work it out between vendors and consumers. At any rate, the basic system is sound, and does not necessarily require any sort of vendor lock-in to work.

To the user, all you have to do is set up your email client with the secure server(s) providing lists of valid micro-payment and email-insurance vendors (or use whatever defaults it comes with), and then tell your client how much money you require (reject, or move to SPAM folder, all messages that don't come with a payment or insurance policy of over $0.015) or whatever. Then say you get a piece of marketing mail you don't want insured at $0.02. Your computer checks the micropayment insurance vendor list and finds the vendor specified is valid, then it goes to the vendor and finds that the listed payment is valid, so the message goes in your inbox. You look at it, you decide it's spam, you click the "get insurance payment" button in your email client, and it goes and retrieves the $.02 and puts it in your account. The spammer who sent it will then see that you collected their payment, and either decide it's worth $0.02 to them to get stuff to you, or else take your name off their list so you don't collect any more of their micro-payment insurance policies.

Re:Centralized Email

[madprof]

Did you mean implicit instead of illicit? I think that makes more sense. :)

Re:Centralized Email

[shanen]

Typical of the bogusity of the /. moderation system that the relevant posts are downmodded, eh?

Anyway, the OP is only half right. Yes, you cannot solve an economic problem with legal or technical bandaids, but you don't have to completely centralize things as long as you make it impossible to divide by zero. At least that's how the spammers think of their costs. If there is even 1 of the red real kind associated with each piece of email, the spammer's 'economic model' collapses into dust.

Okay, so let's blame Al Gore. After all, everything else is his fault. Because he was so effective in getting unconditional funding for those pointy-headed hackers, they didn't even think about building real economic models, and ever since then we've been cleaning up the resulting mess.

Yes, I'm joking about the blame, and if they had been too worried about how the money parts would work, maybe they never would have gotten around to inventing the Internet in the first place. On the other hand, there needs to be some balance between the reality and the abtract, and the Internet hasn't found any good balance yet.

Re:Centralized Email

[Tony+Hoyle]

It just wouldn't work.

Mailing lists would be completely shafted, and I for one would *not* pay any of these - I'm not in the US anyway, plus unless I was notified of the charge beforehand I would not consider myself liable (there is legal precedent for this.. that's why ATMs that charge you have to have 'you will be charged x for this transaction, do you want to continue or go to a bank that isn't so greedy' screens).

Tony

Re:Centralized Email

[AndreiK]

Easy - just ignore all senders that do not follow the agreement, except those you whitelist.

Re:Centralized Email

[Firethorn]

Then you whitelist it prior to subscribing, or in parallel therein.

Still, rather than a micro-payment scheme, I'd much prefer burning a few of the worst offenders at the stake.

Re:Centralized Email

[Anpheus]

There was an interesting idea a while ago that would institute a 'CPU fee.' Say, force the computer to add some data to the end of the document, and increment it until a certain unique property is found in a hash of the message. Any mail server could check this hash versus the message, and drop any that fail. Say, making the first 20 to 25 digits of SHA-1 to be all zeroes. Tests like this ensure that there is a minimum amount of CPU time being put into processing the message. Bulk mail would provide an even greater challenge, as attempting to send a million messages would require a fee of millions of CPU time for a desktop PC. 1,000,000 seconds is about 12 days. A slight increase in the amount of processing time could occur over time. Say, if some breakthrough occured and CPUs leaped ahead in processing speed, the amount of processing could be increased correspondingly. Spammers will have to pay to buy more computers or have to give up spamming entirely.

Re:Centralized Email

[FirstTimeCaller]

Gates and co. would have to have an effective monopoly on email traffic for that to work.

They're working on this! I know because I got an email from Bill himself asking me to help test the system for him by forwarding the email to others!

Re:Centralized Email

[(1+-sqrt(5))*(2**-1)]

Did you mean implicit instead of illicit?

You're exactly right; though, in my defense, illicit may be construed as a subset of implicit.

Re:Centralized Email

Go take a look at their "SenderID" software: the idea was to add an XML, semi-encrypted, signed header to every piece of email and integrate client checking of it as part of basic spam blocking.

Unfortunately, zombied machines to send spam from are easy to get, including most of the machines with "SenderID" keys out there today. In fact, SenderID correlates very strongly with being spam, because you can simply buy the keys from
Microsoft and the verification that you are not a spammer simply does not exist.

Re:Centralized Email

[Qzukk]

Mailing lists would be completely shafted

Not exactly... What if the mailing-list "insured" itself (against being spam) at $0.05 or something, but in turn required that anyone who signed onto the list insure themselves (against marking the list as spam) for $0.075? Then idiots who flag mailing lists they subscribed to as "spam" in order to get off the list might take the time to read the .sig and remove themselves properly. You might still have malicious users sit around, collect a hundred emails, then try to collect on all of them at once, though, so something would need to be done to make sure these micropayment tokens expire if the message wasn't spammy enough to collect on when it was first read (hmm... how to do this without tracking the reading of the message, or penalizing those who might have been away on a vacation...).

Re:Centralized Email

[et764]

They don't have to be monetary micropayments, micropayments can be computational as well. It'd be as simple as adding a new authentication scheme to SMTP servers, where when you want to send a message the SMTP server says "Before you can send mail from this server, you must find a string that matches x digits from this MD5 hash." It's a lot easier for the server to verify a solution than for the client to come up with a solution, so there is a small computational cost with sending mail, but it's not prohibitive for the server. Even if Joe Spammer wants to set up his own mail server to send spam from, eventually the message is going to have to go to a reputable server, which would require computational micropayments. Granted, this solution requires changing an Internet standard that's pretty well entrenched. It's a relatively small change though, and if done right it would mean spammers would have to build supercomputers to send out as much mail as they do.

Re:Centralized Email

[StikyPad]

That a solution isn't perfect is not a reason to dismiss the solution entirely. Besides, what if there was a whitelist for people who could e-mail you for free?

Re:Centralized Email

[mewphobia]

The problem with the micropayment- or trusted-sender-model seems to be: What stops someone from setting up pop3 cum sendmail and ignoring the illicit contract?

AFAIK, DomainKey works because if your provider gets spam from another DomainKey supporting provider, they can just blacklist the provider. It's in a providers interest to no have spam on their network, as doing so makes it harder for people to get emails originating from their network through, and so makes their network less valuable.

Effectively you can force all email providers to use domain keys if they want all their messages to get through. This, like micropayments, works because it is driven on economics. People who aren't getting emails through will change to other providers that work.

What I'd like to see is a lot more press releases and news coverage including an email address autorepsonder setup to check if your provider is supporting domainKeys.

Re:Centralized Email

[DrSkwid]

Where is this magical place where divide by zero *is* possible ?

Re:Centralized Email

[c4ffeine]

You forget about botnets. If I'm not mistaken, some nets have as many as 50,000 machines, and many are supposedly rented out to spammers. If each machine is told "send spam", it will probably take longer, but it will still allow huge batches to be sent out with ease. Sure, you could make it take half an hour to send a message, but then mailing lists will die out (and the spammers will still have the upper hand anyways).

Nice try, but it just won't work as well as one would hope.

Re:Centralized Email

Zombie nets render this kind of anti-spam techniques in-effective, thousands of PC's calculating valid responses is still going to churn out a lot of spam and depending on how complex the server requests are it would be possible to pre-calculate answer lists so each email only requires a lookup.

Hacked computers also make monetary micro-payments less useful since they will use the compromised computer own mail program to spam messages at the users expense.

Not to mention getting the entire internet to switch from a working, if somewhat broken, protocol is very difficult (ie IPv6).

Re:Centralized Email

[Phat_Tony]

There's some huge misunderstanding here about the scheme. Say you're the sender- if you want to include a micropayment insurance policy with your email, you have to go buy one and attach it, otherwise there isn't one. There is no legislation or national boundary involved, and if you didn't go buy one, then your email won't have one, and there's no way you'll be considered liable for one. But if the system becomes popular, people might stop getting your email if you didn't include insurance.

Furthermore, it will be no problem for people with non-spam mailing lists, because people won't collect the insurance, and it will cost them nothing or next to nothing. The micropayment fee for a $0.02 insurance policy would probably be under a tenth of a cent, but I bet places would offer email insurance where there's no charge at all unless the insurance is collected by the recipient. So if the recipient wanted the message anyway, they won't collect on the insurance, and it won't cost the sender anything. If the recipient collects the money just for personal financial gain even thought they'd legitimately signed up for the list- great, they just earned two pennies, and the sender can have anyone who collects automatically unsubscribed from their list so they'll never email them again. I don't think that will add up fast. (Maybe they'll have to add captchas to sign up for mailing lists to stop people from automating the signup of a million addresses or something) Insurance collection would basically serve as an "unsubscribe" link- unless it was worth it to the sender to pay that much to get their otherwise unwanted email through, and then they could keep sending.

So it's impossible to be charged without warning, because you have to go buy the insurance before sending the email. For instance, if I were doing this, I'd probably just have my email client automatically insure all my email at $0.10 or something, because it'll probably always get through, and I just email friends, I don't send spam, so I don't expect any of the payments would ever be collected.

There's a few details I didn't get into, like that the insurance policies clearly need to expire eventually, because you can't let someone sign up for your daily newsletter insured at two cents, and then go redeem five years worth of back insurance coupons at once. Anyway, the whole thing requires no legislation, no changes to existing email standards/infrastructure, no centralized authority except the body that writes and updates the open standard for specifying email insurance transaction formats, it's compatible with current spam filtering schemes, it's entirely voluntary, and open to multiple levels of competition. Plus, economically, it doesn't create any inefficient economic losses due to the inability to send ads when you're willing to pay people as much as they want to be paid to read them, etc.

Re:Centralized Email

[houghi]

Who cares, markets competition will work it out between vendors and consumers.

Just like market competition worked it out on the OS issue, you mean? Say there are 100 (a low number) companies and people doing this. Say even there are 100 in one country and they are all legid.

Soon one will have a bit more money then the other and starts buying the others out. Due to scaling, the more people use it the less its operational costs will be per user.

At one moment that one company will have the majority of emailtrafic. Then it will start to implement other things to 'help' its customers.

Oh and good luck asking people who already violate the law for their money. If I sell fake watches or fake viagra or send 409 scams, do you really think I am botherd if you start asking money from me? I just use some other persons credid card for that as well.

Re:Centralized Email

[Phat_Tony]

The state of OS's is a bizarre exception that's frequently studied in business schools specifically because it is a bizarre exception. There's a bunch of factors involved- Metcalfe's law, software lock-in, shrewd business moves on MS's part, unscrupulous moves on MS's part, idiotic business moves on the parts of IBM, Commodore/Amiga, and others, etc. Still, they don't have a monopoly, there are Apple and Linux, as well as many more exotic minute market share competitors. But just because there are a few industries that at some point have had near monopolies, you condemn any proposed business venture upfront as suffering the unlikely fate of tiny fraction of industries? And what's your suggestion, that we should abandon this market without ever trying it because something could go wrong? You think MS is so bad that we'd be better off now if we'd never made any operating systems and just stopped using computers?

Anyway, there are no network effects or vendor lock-in potential with this, so it would undoubtedly go the way of fast-food, banks, furniture, computers, clothing stores, and almost every other one of thousands of markets- lots of choice, and no potential to charge monopolistic prices because someone will gladly come take your customers away with lower prices, since there aren't compatibility issues and network effects to make people stick with you despite otherwise superior competitive choices.

Your argument regarding cost not meaning anything to criminals is pure BS. Study after study has showed that higher costs to committing crimes (higher chance of being caught, stiffer penalties, more obstacles to committing the crime) reduce crime. This is obviously the case, because there is generally no where near as much trouble with physical mail spam as there is with email spam, largely because it costs at least a few cents to send. You say the spammers just have endless money on stolen credit cards> Well then why are they sending spam, why don't they just keep the stolen money? You think that if spam were made more expensive, so that it costs more to send than spammers make by sending it, they'll go steal more money just to use it to subsidize their spam-sending addiction? Come on- if we raise the cost of sending spam so that it becomes unprofitable, spammers will stop sending spam. If they steal money, they'll keep that money, they won't use it to send spam at a loss just for the fun of it.

Re:Centralized Email

[shanen]

Spammers' perspective of the cost of sending email. What's another 10 million spams if they think their cost is zero? It matters because that's how they 'figure' their RoI. If they get another $39 for their verbal Viagra substitute spammed to the extra 10 million people, then they divide by zero and think their RoI is 'infinite'. Of course, the flaw is that email is *NOT* really free, and millions of other people are bearing the costs for the spammer.

Re:Centralized Email

[Alioth]

Sorry, it has to be done:

  Your post advocates a

(x) technical ( ) legislative (x) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
(x) Jurisdictional problems
(x) Unpopularity of weird new taxes
(x) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
(x) Joe jobs and/or identity theft
(x) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
(x) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Centralized Email

[dodobh]

Or just own more zombie farms.

Wait, they already do. Spammers today control far more computing resources than most of us (unless you work for the NSA or similar).

Hook up a system which deliver mild shocks to a spammer, give it an email interface and have a shock delivered every time a message is received at that address. That will work.

Re:Centralized Email

[Antique+Geekmeister]

I'm going to ignore the difficulties of setting up a micropayment, and focus on the most obvious failure of it: mail-sender security. Given the stunning lack of security on most mail servers, even a properly implemented micro-payment system means that the casual desktop or casual mail server must be secure lest the existing spam zombie installers simply take over the machines and use them to send their own spam.

Re:Centralized Email

[Phat_Tony]

Every single reply I get appears to have not payed any attention to the original post.

This is basically like Paypal. Has the existence of Paypal forced mail servers to be more secure or risk spam zombie installers taking over their machines? No. Emailing someone information that tells them how to collect a payment opens no technical vulnerabilities that aren't inherent in emailing them any other type of information people are already emailing anyway. The email simply contains the address of the micropayment company and the purchase number (or whatever you want to call it) of the micropayment. Your computer checks the URL of the micropayment company top be sure it's a valid one from your list (it starts with http://www.paypal.com/ , or whatever), then it uses something such as HTTP to contact that address and make sure the payment number provided is in fact valid. How does this open a mail server to vulnerability, when your computer parses a URL and checks to see if a payment is valid? Again, this simply automates a process people already go through every day with Paypal and many other online transactions, and I haven't heard of it creating a single exploit yet.

Re:Centralized Email

[Phat_Tony]

Some of those are valid criticisms, but most of the ones you checked don't apply.

(x) Mailing lists and other legitimate email uses would be affected
Less than with any other scheme I know of, and each affect will be on an individual basis between the two parties involved, no third party will be able to affect anyone else's email transaction.

(x) No one will be able to find the guy or collect the money
Wrong. Did you read the system? How often does Paypal or Western Union refuse to pay on a payment they've verified?

(x) Requires immediate total cooperation from everybody at once
Not at all. It can be phased in gradually.

(x) Lack of centrally controlling authority for email
Part of the beauty of the plan is that it requires no centrally controlling authority for email for any part of implementation or adoption.

(x) Open relays in foreign countries
Will have no affect on it.

(x) Asshats
It account perfectly for asshats. That's the whole point, to deal with the kind of jerks who send spam.

(x) Jurisdictional problems
I'm really getting the impression you didn't even read my idea...

(x) Unpopularity of weird new taxes
There are no taxes involved.

(x) Public reluctance to accept weird new forms of money
That's valid.

(x) Huge existing software investment in SMTP
For the umptenth time, SENDING ATTACHMENTS OR EMAIL TEXT DOES NOT REQUIRE CHANGES IN SMTP! It is, in fact, exactly what smtp does.

(x) Armies of worm riddled broadband-connected Windows boxes
Will do what?

(x) Joe jobs and/or identity theft
How?

(x) Technically illiterate politicians
This isn't a legislative solution. People can adopt this unless politicians explicitly outlaw insurance or micropayments or something.

(x) Dishonesty on the part of spammers themselves
How can a dishonest spammer get around this?

(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
Since spam is still a problem, no spam elimination scheme has ever been "shown to be practical" beyond theoretically. Therefore, following this objection, none could ever exist. In fact, by this argument, it's impossible to ever solve any problem.

(x) Countermeasures must work if phased in gradually
They do.

(x) Sending email should be free
It is unless it's spam.

(x) Incompatiblity with open source or open source licenses
Did you just choose check boxes entirely randomly?

Re:Centralized Email

[Alioth]

> Some of those are valid criticisms, but most of the ones you checked don't apply.

They are all valid, and here is why.

> (x) Mailing lists and other legitimate email uses would be affected
> Less than with any other scheme I know of, and each affect will be on an individual
> basis between the two parties involved, no third party will be able to affect
> anyone else's email transaction.

They would still be affected. On a big mailing list, the problem of lusers accidentally pressing 'Collect fee' will be enough to cost real money (and it sort of happens already - most people who run mailing lists have had someone whine about spam who actually subscribed).

> (x) No one will be able to find the guy or collect the money
> Wrong. Did you read the system? How often does Paypal or Western Union refuse to
> pay on a payment they've verified?

PayPal certainly seems to have attracted quite a lot of criticism for its handling of customer accounts. Without a centrally controlled web of trust, how are you going to stop repudiation?

> (x) Requires immediate total cooperation from everybody at once
> Not at all. It can be phased in gradually.

Which will be kind of pointless, because everyone else will stick to the free email system rather than use this. How is the critical mass of users going to build if the system is a waste of time at first because hardly anyone participates? Especially as the new system has to compete with the existing one, requiring extra work - when many people already have adequate spam filters provided by their ISP or simply don't get spam at all (my work email address has not received a single spam, there is no spam filtering, and I've had this address for 3 years now).

> (x) Lack of centrally controlling authority for email
> Part of the beauty of the plan is that it requires no centrally controlling ]#
> authority for email for any part of implementation or adoption.

See above (PKI web of trust required to prevent a spammer repudiating their identity to refuse to cough up the dough).

> (x) Open relays in foreign countries
> Will have no affect on it.

If there is no PKI web of trust, they will.

> (x) Asshats
> It account perfectly for asshats. That's the whole point, to deal with the kind of
> jerks who send spam.

What about an asshat who decides he doesn't like Theo de Raadt, joins misc@openbsd.org with 1000 accounts, then collects the micropayment on each of the accounts for a day's worth of traffic?

> (x) Jurisdictional problems
> I'm really getting the impression you didn't even read my idea...

Jurisdictional problems because sooner or later an asshat (see above) will cause a court case to happen.

> (x) Unpopularity of weird new taxes
> There are no taxes involved.

OK, I'll give you this one -- for now. But eventually governments would add some kind of tax to the micropayment system, just like they have sales tax now. It would be too big of a target to not tax if it were ever popular.

> (x) Huge existing software investment in SMTP
> For the umptenth time, SENDING ATTACHMENTS OR EMAIL TEXT DOES NOT REQUIRE CHANGES
> IN SMTP! It is, in fact, exactly what smtp does.

My mistake, this shouldn't have been checked.

> (x) Armies of worm riddled broadband-connected Windows boxes
> Will do what?

Use stolen identities to send mail with someone else's micropayments (i.e. the owner of said Windows machine) as an example.

> (x) Joe jobs and/or identity theft
> How?

See above

> (x) Technically illiterate politicians
> This isn't a legislative solution. People can adopt this unless politicians explicitly outlaw insurance or micropayments or something.

A consequence of the above two.

> (x) Dishonesty on the part of spammers themselves
> How can a dishonest spammer get around this?

Re:Centralized Email

[Firethorn]

Jay, I'll agree with you. It's not really a liberty bill, it's a self defense bill, adjusting law. And I disagree with all the no carry zones. I feel that the locations listed as prohibitied should, like all other places, have the option of banning carry on their premesis. I just think that if they do, they should be responsible for my safety while I'm on the premisis. IE armed guards and metal detecters.

AM, I've read the bill, it seems clear enough, if not perfect. I'd consider the bill much better if it had recognition of other state's permits(I'm a holder of a ND permit), and didn't ban carry in so many areas.

However, law enforcement officials also learn when to use their weapon

I draw your attention to section six, part F:
Knowledge of federal, state,and local laws pertaining to the use of a handgun, including, but not limited to, use of a handgun for self-defense and laws relating to justifiable homicide and the various degrees of assault

The rest of your arguments have been stated time and time again in the other 46 states with concealed carry, including the 38 with mandatory issue. None have proven true.
When CCW passed in Texas, there were howls predicting a "return to the wild west". When CCW passed in Florida, the predictions were that "The streets will run red with blood". The murder and violent crime rate dropped. Road Rage? Do you think that I am going to risk loosing my permit and my right to own a gun over a traffic squabble? Part of obtaining the permit is training on the laws involved.

Tasers and mace are often not effective. A civilian taser is a contact weapon, and has less voltage than the police model. Incapacitation after the shock is very limited, and often not effective against an attacker in heavy clothing. Mace? It's effective only about 50% of the time. Meanwhile, 90% of the time, just the presentation of a firearm is enough to stop the assault. They're a useful option for the police, who still have the option of the firearm when it's appropriate. But criminals will often continue their attack against a taser or pepper spray armed assailent, confident that they won't be killed or seriously hurt.

As for a robber just making off with money, do you really want to take the chance that they're after money only? Remember the bank shooting in Norfolk? None of the victims there had a gun, yet they all died.

Maybe not declining, but simply changing

[chriss]

My spam peaked early 2004 with about 30,000 mails per stuffing not only my inbox, but also my DSL connection. I had a "catch all" option on several dozen domains and most of the spam I received was addressed to non existing mail boxes. Due to my local spam filters very efficient handling of the problem I only started to worry about the situation when downloading all the spam started to take hours and my provider complained about the daily traffic.

The problem with the non existent mail addresses became a large one sometimes in 2003, when enough people had some kind of spam filtering that deflected most of the usual spam. I guess that sometime in 2004 even the last catch all rules have been disabled, so that today simply guessing email addresses will gain nothing for the spammer.

So maybe spam has not really peaked, but there are simply different waves of spam techniques. Some of them rely on mass, others on tricking the filters. We may simply be in a "smart spam phase". A lot of the spam that reaches me today shows the message as a picture instead of text and I have not yet figured out why thunderbird will display those pictures, since I disabled this.

But the article is right in spam becoming something like a background noise. I still have to manually mark about 100 mails per day as spam, but I got very fast in recognizing it and it only takes a few seconds. I'm always astonished if I meet friends whose email address have not been public for more than a decade and who are very annoyed if one or to mails per week pass their spam filter. To me it is like complaining about banner ads. It's just an unavoidable part of the internet ecosystem, like mosquitos.

Chriss

--
memomo.net - brush up your German, French, Spanish or Italian - online and free

Re:Maybe not declining, but simply changing

As long as we're on the subject of spamming, would you mind putting your little link in the sig, where it belongs, instead of trying to defeat those of us who turn them off?

Re:Maybe not declining, but simply changing

[jeblucas]

Offtopic, I know, I know. But I have to agree. I'm AMAZED at the number of people the take the time to type out a signature in the body of the message just so I can see it. I've started FOE'ing for this, it just irritates me to no end. Chriss, I'm sure you're a nice person, and your comment seems well written; but now you know why I'm a "freak".

Re:Maybe not declining, but simply changing

[vertinox]

To me it is like complaining about banner ads. It's just an unavoidable part of the internet ecosystem, like mosquitos.

You know, I don't know about you, but I tend to bring repellant when I go into the jungles we call the internet.

Ad Block

Almost 100% effect and is 100% lethal to banner ads.

Annoyances don't have to be. Well.. If you don't mind the DDT.

Re:Maybe not declining, but simply changing

[aussie_a]

I vote with my eyes. IGN has lost me as a reader, and other websites will as well if they go to IGN's lengths at advertising. If anyone annoys me with their ads, I leave. I don't block their ads, I simply don't read their website any more. If more people did this, there wouldn't be a need for ad blockers, as intrusive and annoying ads would be down at a minimum.

Re:Maybe not declining, but simply changing

[drinkypoo]

If everyone used ad blockers, then no one would be loading the ads any more, and they'd stop using them.

Of course, it would also deprive sites of ad revenue, meaning a lot of sites would simply die, and then where would you find porn?

Re:Maybe not declining, but simply changing

[Schraegstrichpunkt]

I'm AMAZED at the number of people the take the time to type out a signature in the body of the message just so I can see it.

Copy-and-paste is more likely.

Re:Maybe not declining, but simply changing

[chriss]

Ad Block - Almost 100% effect and is 100% lethal to banner ads.

I actually have a problem with ad blocking. I am well aware that a lot of sites depend on income from banner views and clicks. And since they offer their content free to me and I want it to stay that way, I usually do not filter banner ads. This is not a moral question, just a personal decision. I even click on ads if interested. But there is a limit how much annoyance I can bear, so I block pop ups and stopped visiting sites like macosrumors, which seem to try to compensate decline of content by increasing the amount of ads, page reloads, non working links etc.

Re:Maybe not declining, but simply changing

[chriss]

Who gives a fuck what you think of him? Even he doesn't, for christ's sake!

Well, actually I give a fuck and I also think he is right. I didn't realize that putting the sig into the text prevents filtering, and basically he told me about the intended way in a mannerly fashion. So I changed it.

Re:Maybe not declining, but simply changing

[chriss]

Copy-and-paste is more likely

Automatic appending, actually. But no more, since I have been enlightened about the proper application of signatures on slashdot.

Re:Maybe not declining, but simply changing

[madprof]

On P2P networks along with all the other copyright-protected material

Re:Maybe not declining, but simply changing

[vertinox]

I actually have a problem with ad blocking. I am well aware that a lot of sites depend on income from banner views and clicks.

I don't usually block ads unless they become annoying. However because only a handful of companies supply ads and I've blocked *.doubleclick.net and most majors sites. But because of that all sites tend to be blocked.

Personally, I suggest text ads and better business models (sell some t-shirts or ask for donations) other than annoying people by non-related ads.

Re:Maybe not declining, but simply changing

[mgrest]

>If more people did this, there wouldn't be a need for ad blockers, as
>intrusive and annoying ads would be down at a minimum.

If more people did this then sites such as IGN wouldn't exist.

Here, help yourself to some more of that free beer. Who cares, as long as you're not paying, eh?

Oh, while we're at it, you couldn't do me a copy of some of your 3 terrabytes worth of MP3s, could you?

Re:Maybe not declining, but simply changing

[aussie_a]

Of course, it would also deprive sites of ad revenue

Exactly. If all it takes for a site I enjoy to remain profitable is to have one banner ad at the top, who am I to deprive them of that?

Re:Maybe not declining, but simply changing

You changing your mind changes nothing.

Ok, suppose he just made you a foe without telling you why - giving you no explanation and no chance to change anything. What would be the point?

Re:Maybe not declining, but simply changing

[Siberwulf]

Yeah. Sometimes they filter out on incorrect items as well. I had to change the name of my header image on my own website, becuase I put "banner" in the name of image. Norton picked that up and killed the image, even though it wasn't a "ad" per se.

Re:Maybe not declining, but simply changing

[chriss]

Ok, suppose he just made you a foe without telling you why - giving you no explanation and no chance to change anything. What would be the point?

If he had just made me foe without telling why, this would have been a wasted opportunity for me. But he would not be annoyed anymore due to improper signature handling. He actually told me, I changed it, since he had made me foe he could not read it, so I mailed him about the misunderstanding and the fix, he mailed back, now he is a fan. I collected five other foes, most likely due to the same reason without realizing it. They will never learn about it.

I am a very firm believer in diplomacy and discussion.

Re:Maybe not declining, but simply changing

[Guido+von+Guido]

Yes, and the sites which will prosper will be those who learn to advertise unobtrusively. Just because a site is free, no one is obligated to put up with ads that pop up or block half the screen. Pop-up blockers and the like don't work well with their advertising model and may reduce their income, but they can always change their advertising model.

Re:Maybe not declining, but simply changing

[claar]

A lot of the spam that reaches me today shows the message as a picture instead of text and I have not yet figured out why thunderbird will display those pictures, since I disabled this.

If it's like the spam I've received, the picture is displayed because it is an attached image, not a remote one. Thunderbird displays attached images in the preview pane -- you can tell it's an attached image and not part of an HTML body by the horizontal line above the image, or simply looking at the message source (ctrl-U).

Re:Maybe not declining, but simply changing

[chriss]

the picture is displayed because it is an attached image, not a remote one

I don't see a line (Thunderbird 1.0.5 MacOSX), but I see a base64 encoded GIF in the source, so that's it. Any way to get Thunderbird to also ask about these inline pictures first?

Re:Maybe not declining, but simply changing

[tompaulco]

I don't have much problem with relevant ads on a free site. However, when I start to see ads on a site which I have to pay to see, like a support site, or a site for software which I have purchased, then I figure that they are double dipping and can go fsck themselves. I mean that';s sort of like having to pay for cable and then still having to watch commercials. Oh, wait...

Re:Maybe not declining, but simply changing

[teh+moges]

I tend to agree, to an extent. I don't visit sites with ads that make noise or come over the screen. banner and text ads are acceptable though, as they make (most of) the internet free.

Re:Maybe not declining, but simply changing

[zobier]

Ad Block - Almost 100% effect and is 100% lethal to banner ads.

I actually have a problem with ad blocking. I am well aware that a lot of sites depend on income from banner views and clicks.

Adblock has a setting that will let you download the ad but not display it so you still support the site. Someone else mentioned getting false-positives, if you use Filterset.G you'll rerely get a false-positive.

Re:Maybe not declining, but simply changing

[Matt+Perry]

Don't forget to install the Adblock Filterset.G updater.

Re:Maybe not declining, but simply changing

[zobier]

rarely, whatever.

Re:Maybe not declining, but simply changing

[aussie_a]

Here, help yourself to some more of that free beer. Who cares, as long as you're not paying, eh?

But I'm not taking the "free beer" as I don't visit the website. If I used a ad-blocking technology then I would be taking the free beer without paying (paying being viewing the ads).

Re:Maybe not declining, but simply changing

[jlarocco]

I block all advertisements. Even Google's text ads. If a person or company is providing useful content, and they want to make money to pay for hosting or whatever, they can charge me a reasonable amount for it. If it's really useful, I won't mind.

But the idea that I somehow owe someone a look and a few clicks on their advertisements because I'm looking at their website is ridiculous.

Re:Maybe not declining, but simply changing

[chriss]

Adblock has a setting that will let you download the ad but not display it so you still support the site.

Regarding the big picture, this does not solve the problem. Websites can finance themselves by placing banner ads because people actually see (and click) those ads and purchase something, giving the ad publisher revenue which he can invest in banner ads. If you make banner ads inefficient by downloading, but never displaying them, there will be no more initiative to place any ads, therefore removing support from the website again. And I honestly do not believe that T-shirts and donations are a business model for more than a very small number of fan sites.

Of course all this only applies in an "if most people act that way" scenario, but this is how economy actually works.

Re:Maybe not declining, but simply changing

[chriss]

But the idea that I somehow owe someone a look and a few clicks on their advertisements because I'm looking at their website is ridiculous.

This is not about owing anybody, its about common goods. Nobody can force you to drive an environmental friendly car and you owe it to nobody, but it is obviously good if you act in a way that keeps the environment intact, even if there are only long term benefits and maybe short term reduction of convenience. At least as long as you have no proven alternative to the current environment.

Re:Maybe not declining, but simply changing

[sp3d2orbit]

If anyone annoys me with their ads, I leave. I don't block their ads, I simply don't read their website any more.

This strategy isn't too well thought out, it just makes sure that everyone loses. Using an adblocker means that I get to see the content on X site while not having to see the add. I come out ahead and it costs the company a little bit to show me the content. They also don't recoup any of that cost in terms of advertising dollars since I never saw the ad. Overall the company is slightly worse off and I'm slightly enriched.

The strategy of avoiding the site, however, means that no one sees the content or ads. No one is any better off, and no one is any worse off. A better strategy would be a combination. Adblock, and visit, sites that have annoying ads. Don't adblock the non-annoying ads. Viewing non-obtrusive ads on certain sites leaves both you and those socially responsible marketters better off. On the other hand, annoying advertisers will see their costs soar with revenue stagnant. ...and knowing is half the battle.

Re:Maybe not declining, but simply changing

[qbwiz]

So you're saying that I should buy products from companies advertised in banner ads, not because I want them, but because I feel that it is my duty to sustain the market for banners?

Re:Maybe not declining, but simply changing

[krunk4ever]

I feel the same way. I tend to block all flash ads though because those are the most annoying. Also if the ad contains an annoying animated gif, I block those too.

Re:Maybe not declining, but simply changing

[Schraegstrichpunkt]

Eh? What browser are you using?

Re:Maybe not declining, but simply changing

[aussie_a]

But by not seeing the content on the annoying website, I have to then search for the same content on another site, which will have to have better ads. Ad-blocking and pirating software doesn't hurt (too much) the companies you are "stealing" from as it increases their brand recognition. But it does hurt alternatives which may have conditions that you like (such as less ads), but they will have less readers despite this fact, and will either die out or need to load more ads onto their website.

Re:Maybe not declining, but simply changing

[dusanv]

Try browsing with ads blocked and you'll be amazed how much quicker everything is. The slowest part of loading a page usually are the ads and it easily gets very annoying if you are going back and forth a lot within a set of pages. I don't have a problem with ads but I do have a problem with waiting for a page to load too long.

Re:Maybe not declining, but simply changing

[The+Ultimate+Fartkno]

> I am a very firm believer in diplomacy and discussion.

Evening, sir. I'm from the Internet. We're going to have to ask you to leave. We just can't have that sort of talk around here. It attracts the wrong element, you know? Sorry for the inconvenience.

Re:Maybe not declining, but simply changing

[chriss]

So you're saying that I should buy products from companies advertised in banner ads, not because I want them, but because I feel that it is my duty to sustain the market for banners?

No, you should not buy anything you do not want. And its not your duty to sustain the market for banners.

But if you want to buy a product advertised for by a banner you should not NOT buy it because it was advertised on a banner. And it would actually help to sustain the market for banners if you would not decide to ignore all banners by principle.

This is not a question of right or wrong behavior of a single person, its about the average behavior of a large group of people. Its like voting: You are aware that your single vote will most likely not change the complete vote. So in theory it does not matter whether you vote or not. But you know that the whole voting process only works because a lot of people do not think of it in terms of their single vote, but in terms of the votes of all the people.

Banners are similar. Blocking banners will not kill the banner market any more than not voting will disrupt democracy. But this is only true as long as the people blocking ads or not voting are a minority.

Re:Maybe not declining, but simply changing

[eugene+ts+wong]

I haven't been using the friend/foe system for quite sometime, however, you definitely deserved to be friended. Anybody who is this considerate must be worth listening to.

Thanks for your consideration.

Re:Maybe not declining, but simply changing

[wondercool]

Before 1999 the web has numerous good sites, almost all without advertising, chock a block full of good content.

Sites like Slashdot started like that.

More adverts != better sites. It's a fallacy that ads are required.
Don't become a Pepsi, Coke, Apple, Google... drone.

I block every advert and hope the sites that thrive on adverts lose out.

My preference is for sites based on enthusiasm and maybe a small fee if necessary.

That most sites now consider the internet as an extra sales outlet, does not mean I have to agree with it. Hell, if I could block TV ads I would. Actually, BBC Free is sufficient for me, but unfortunately not for other members of my household...

Re:Maybe not declining, but simply changing

[eugene+ts+wong]

1 technique that I've found helpful is to sort them out into folders. For example:
* senders which I know don't exist because they don't have email accounts on our servers
* recepients of the same kind
* username in subject line
* financial, mortgages, etc.
* education
* sex
.
.
.
etc.

The reason for sorting out is that it makes it easier to check if it is spam. You can zip through them much more efficiently, and not get tired.

Re:Maybe not declining, but simply changing

[TomRitchford]

That was a very civilized exchange -- which sent me to the site in the .sig where I'm fiddling with my German vocabulary and will soon work on my French...

Re:Maybe not declining, but simply changing

[Reziac]

It's not the ads I mind. It's the ads that sing and dance, hang up the proceedings while being called from some remote server, jump in front of my face, or are too large thus a waste of MY limited resources (being stuck on dialup). Any of that ilk, I block just to keep from putting my fist thru the monitor. But text ads, small banners, and the like are unlikely to get blocked... why bother if they're not annoying me?

Way back in the early days of banner ads, ISTM there were more interesting ads and fewer obnoxious ones. I even saved a few of the more clever banners.

Re:Maybe not declining, but simply changing

[Reziac]

This is why I don't "foe" anyone. Who knows what they might have to say later on that I want to read? even one of my freaks, I occasionally think has worthy comments. He may not see my replies, but others will, and maybe find something there to discuss.

(I gave up marking friends early on, except as tracking for a few special cases, because there are thousands of people here that I find worth reading, and befriending 'em all was a hopeless task!)

Spam is sorta like our friend/foe/mod system. An occasional shotgun ad (contrary-opinion post) that doesn't try to be deceptive is okay, and may even be informative. Even moronic spams (annoying or just-plain-wrong posts) wouldn't be annoying if they only came ONCE. It's the 10,000-times repeated stupidity (trolling) that makes me want 'em out of my mailbox!!

And here you thought we were off-topic. :)

Re:Maybe not declining, but simply changing

[Malc]

"My spam peaked early 2004 with about 30,000 mails per stuffing not only my inbox, but also my DSL connection. "

and

"I still have to manually mark about 100 mails per day as spam"

So if spam peaked for you in 2004 and this year you're going to see 360,000 spam mesaages, how many spam messages did you actually get in 2004?

On my Yahoo account, Yahoo tagged over 16,000 messages as bulk in 2004. In 2005 it tagged under 12,000.

Re:Maybe not declining, but simply changing

[ggvaidya]

Totally agree. That's the exact reason why, every time I want interesting news on India, I'll check out Google News rather than India's best English newspaper.

Re:Maybe not declining, but simply changing

[4D6963]

"Almost 100% effect and is 100% lethal to banner ads."

Personally, I can't get rid of some text-only banners of Flash ones. Flash ones is the main problem actually

Re:Maybe not declining, but simply changing

[jlarocco]

There is a proven alternative. It's called "paying."

And your analogy is flawed. The internet isn't a common or public good. It's owned by the people who pay for hosting or have servers. They can do whatever they want with their sites, including filling it with advertising.

Like I said, I don't mind paying for useful content, and I think most people will pay for useful content if it's made available at a reasonable price. Though it is a catch-22, because if there's an ad supported page with the same content, I'm not going to pay when I can just block the ads.

The way I see it, it's not my problem.

Re:Maybe not declining, but simply changing

[kerrbear]

I mean that';s sort of like having to pay for cable and then still having to watch commercials. Oh, wait...

Yeah! It's like spending $8.00 on a movie ticket and then having to watch commercials on the big screen before the show.

Re:Maybe not declining, but simply changing

[devonbowen]

If you have a Mac, try AdSanity. It doesn't block ads, it stops animation and "fades" the ads so they blend with the background.

Devon

Re:Maybe not declining, but simply changing

[psymastr]

WTF? Every time the word "ad" is spelled on /. we have to have someone tell us about adblock? Grow up already, we know about that.

Re:Maybe not declining, but simply changing

[Antique+Geekmeister]

You mean dancing and singing ads like www.doonesbury.com, right? That one is extremely annoying. Its volume makes the site unsuitable for viewing on a work break, because that music is so irritating.

Re:Maybe not declining, but simply changing

[Viper+Daimao]

Try Ad Block Plus It has a whitelist feature. Also works with filterset.g

Re:Maybe not declining, but simply changing

[WuphonsReach]

I draw the line at intrusive ads. Any ad that pops up windows (browser or DIV tags) or makes noises gets the block. If the ads are well behaved and don't annoy me, I have no problem letting them through.

And I'm just using a custom hosts file with maybe half a dozen entries.

Re:Maybe not declining, but simply changing

[Reziac]

[goes to look] EEEK!! Good example of why I *prefer* using old Netscape 3, with no plug-ins, and with both javascript and images disabled. That site tried to foist 6 MEGS of Flash ads on me... yeah, that's real pleasant on dialup, good thing I didn't go there with all the bells and whistles active, eh?

So I'll never see their ads. But if they'd put the same info in a text box, I'd probably see it, maybe even read it, and possibly even follow any included links.

Same for spam. Most tries to get my attention by either poking me in the eye or clogging my inbox, no wonder it's unwelcome. But maybe once a month I get one from some legit Chinese manufacturer, in plain text with nothing but a polite "Hi, we make this" and a link to their product site. They never send more than one such message, and the message itself is very small. No reason to block those, in fact some are actually interesting or useful. If all unsolicited email, indeed if all advertising was this polite, we'd have nothing to complain of.

Insert...

[bod1988]

millions of anti MS remarks here.

Words Matter

[American+AC+in+Paris]

When you're talking about news sources, an "article" is something substantively different from an "opinion" piece. Articles are (ostensibly) researched and based in demonstrable fact, whereas an opinion piece is just that--opinion, nothing more or less.

As it stands, this is simply an opinion piece, and is labeled as such on the Observer's website. Apart from a loose reference to remembered statistics on the website of a company that sells spam-filtering software, there's nothing in the way of solid evidence to support this guy's claims. What's more, he asserts that things like phishing mails and penny stock solicitations somehow fall outside the realm of "spam". He further goes on to claim that the "new wave" of spam won't actually last, because things like penny-stock spam "rely on credulousness"; he basically asserts that common sense will prevail against the "new" spam where it failed previously. I seriously doubt that the same caliber of individual who falls for the Nigerian e-mail scam will somehow be immune to the siren call of the "penny stock" scam--which, incidentally, has been around for years.

While the author has some valid points, I think he's drawing conclusions on bad assumptions and gut reactions, not hard data.

Re:Words Matter

[pilkul]

I wonder, too, if most spammers actually manage to turn a profit out of their stuff. I've heard many people say, "well some people must send money to the spammers, or they would give up", but I'm not so sure.

Small-time white-collar crooks like spammers tend not to be too bright, and are always trying harebrained schemes to get rich quick. I think it's perfectly possible that most spammers spam just because everyone else is doing it, and they wrongly believe it's an easy scheme to make money.

Re:Words Matter

When you're talking about news sources, an "article" is something substantively different from an "opinion" piece.

Actually, they're both articles. One is a news article, the other is an opinion or editorial article. So long as the word "news" is not in front of it, it should not be assumed to appear in the news section.

Article simply means it's a piece of nonfictional prose writing. It has nothing to do with whether it's opinion, news, or feature article.

Re:Words Matter

[Ryan+Amos]

I don't disagree with you about the "article," but spammers are finding it increasingly difficult to get messages past spam filters to people who are ultimately less receptive to it anyway. My SpamAssassin filters block out probably 4-5000 messages a day and maybe 5 or 6 a day get through and are just deleted by the end user. With this level of effectiveness from such a commonly used filtering setup, it wouldn't surprise me if the volume of spam started decreasing because people no longer see it as an effective marketing tool.

Google AdWords is basically just as cheap and reaches a much more targeted (while still enormous) audience. AdWords also has the benefit of not pissing off your customers by flooding their inboxes with crap. Not astroturfing or anything, but if I was going to spend $100 on advertising, I think AdWords would be a better use of my money than spam.

Re:Words Matter

[deathguppie]

I think he's drawing conclusions on bad assumptions and gut reactions, not hard data

It's just funny to me when someone responds to someones unsupported opinion with thier thoughts on the matter. Not that I dissagree with you. Infact, I think you are entirely correct!

Re:Words Matter

I have a feeling its not so much the recipients sending them money as it is companies paying them to do these mass mailings for their supposed products/services.

Re:Words Matter

[jazman_777]

When you're talking about news sources, an "article" is something substantively different from an "opinion" piece.

When reading the New York Times, how do you tell the difference?

Re:Words Matter

[WolfWithoutAClause]

Yeah, but on the upside, detecting that kind of stupidity with software filters isn't as hard as you might think. They tend to use give away phrases like 'opportunity of a lifetime!' 'make money fast' etc. etc.

Re:Words Matter

[coljac]

Unfortunately, I know someone who works or worked for a spamming operation. They were awash in cash. Perhaps just a few big outfits are making money - who knows? But you'd have to think that, like the Nigerian 419 scammers, too many spammers are treading on each other's toes and destroying their own market.

Re:Words Matter

[damneinstien]

"I seriously doubt that the same caliber of individual who falls for the Nigerian e-mail scam will somehow be immune to the siren call of the "penny stock" scam--which, incidentally, has been around for years."

I fell for both you insensitive clod!

Re:Words Matter

[Pecisk]

You hit the nail on it's head.

They _are_ crooks. And they certanly aren't smart people, because, well, they overflood us with spam and then they hope we won't fight back? If they have cept their ammount low level, they would somehow get away with moderate protection and all. But so forcefully push to people accept spam resulted in big resistance, like laws, cases against spammers, better tools, etc. Yes, it was annoyance for some time, but for example all my three mailboxes are getting EXCELENT spam protection - Evolution with SpamAssasin turned on (SA was quite a memory sucker in previous versions, now it works just fine), work mail who is going trough OS X 10.4 (which has also SpamAssasin/ClamAV built in and have a nice configuration interface) and lands on OS X iMac II who has Mail program with spam protection too (who also works, no more no less). And in the end, for webmail I use gmail, which handles and fights with spam quite fine.

So what is the result? In reality checking, spammers brought an end to their business - common people get aware of the problem, they getting suspicious about their computers when they get slower and slower - there is no more urban legend that it should be and you have to buy new procesor or additional memory.

They are stupid and annoying (additionally - stupidly stubborn). Is the second twos which brothers me.

Re:Words Matter

[Mugros]

Look at what amount of profit some known spammer make.
And if you wonder where it comes from... search for the rate that people react to spam messages and advertised products. This rate is especially high in the US. (Well, most spamvertised products are useless outside the US). Compare the rate with the amount of sent emails.

Conclusion: If people would stop to react to spam emails spam would be much less.

Someone Forgot To Tell The Spammers

[ackthpt]

In the past 72 hours I've got over 300 spam which got past my ISP's spam filters. 98 yesterday alone. When I clean out the spam trap for my mail account it still has thousands piled up in there I need to erase.

Nostadamii these people ain't. A little logic may explain the diminishing amount of spam by their measure, such as changing behaviour on the internet. I find much of it is directly linked to postings on USENET groups, some of which have seen floods of cross-posting trolls. Some newsgroups seem to be dying out, others are flourishing. I expect the spam is quite targeted, as some is obviously tied to the newsgroups I've posted on.

virii, virii, virii! muah ha ha ha haaaa!

Re:Someone Forgot To Tell The Spammers

[pilkul]

Usenet is such an old and well-standardised technology that all the address harvesting programs have support for it. You are opening yourself up to massive spam if you make so much as a single post there. It's not really representative of the state of most of the Internet.

Re:Someone Forgot To Tell The Spammers

[Threni]

> You are opening yourself up to massive spam if you make so much as a single post
> there

I post to Usenet all the time, using an unobfuscated email address and I don't get any spam, so either what you're saying is no longer true, or gmail's spam protection kicks ass!

Spam is dead for me.

[dada21]

I've had an e-mail address for over 15 years. My spam in the past 2 months is less than I had 10 years ago.

I post my main address unobfuscated on /. and 25 other public forums. My signal to noise ratio is 100:1. In 5 days I received about 200 real e-mails and 3 spam.

I gave up hosting my own e-mail late last year. I moved all my employees and family to gmail. I'm saving $4000 annually in labor and maybe $4000 in hardware, software and bandwidth.

With giving up my corporate domain name address I'm giving up headaches and spam.

Try it, you'll love it.

Re:Spam is dead for me.

[captain_craptacular]

I did the same and get so little spam it's not even funny. I use both gmail and yahoo and both are excellent at rooting out the spam. The one difference being that I get a small amount (couple times a month) of Yahoo spam on the Yahoo account, which is a small price to pay for free email. I don't remember the last time I considered spam a serious problem.

Hows that for a useless "me too" post?

Re:Spam is dead for me.

[Cheapy]

You switched to a service that will archive all e-mails?

Hope you don't decide to follow Enron :)

Re:Spam is dead for me.

[dada21]

Hows that for a useless "me too" post?

No such thing if its for a minority opinion :)

Re:Spam is dead for me.

gmail for business? so, to you, email is not mission-critical? what about downtimes? even gmail might have them. what do you do in this case? oh, and what about google scanning your work-mail? don't you have some sort of "secret" or such mails? sheesh

Re:Spam is dead for me.

[drinkypoo]

I, too, use gmail. Like you, my address is on my slashdot account. Unlike you, I get about three to eight spams per day. I consider this to be pretty fantastic for an address plastered all over the internet...

Re:Spam is dead for me.

[amitola]

I've had an e-mail address for over 15 years. My spam in the past 2 months is less than I had 10 years ago. I post my main address unobfuscated on /. and 25 other public forums. My signal to noise ratio is 100:1. In 5 days I received about 200 real e-mails and 3 spam.

Me too, me too, me too. Except that 3 spam in 5 days would be unusual for me.

I gave up hosting my own e-mail late last year. I moved all my employees and family to gmail.

Oops, not me too. I still run my own mail on my own domains and have given up nothing. I didn't have to turn over the storage and routing to some distant corporation (even though it's maybe not so distant for me, I work at Google). It's called server side Spamassassin. Mix with sendmail, postfix, or Exim, season with procmail, it's really not that hard. At least not for somebody that was already running mail servers on their domains. There have been good times and bad times in the last 10 years' arms race with spammers, but for now, spam is a solvable problem.

Re:Spam is dead for me.

[zeroduck]

I was thinking it'd be wise for Google to do a gmail appliance, much like their search box. Easy for a customer to brand the interface, and use their own domain. Hell, even make it tie into existing enterprise products. I'd think something like that would be a cash cow for google.

Re:Spam is dead for me.

[dada21]

E-mail should never be mission critical until the protocol "standardizes" priority return-receipts and failsafe addresses better.

I have a 1-900 number for mission critical phone calls. We charge more for e-mails sent to us than non-emergency phone calls, so my customers tend not to e-mail things.

My secrets are in my head. I don't write them down.

Re:Spam is dead for me.

[Buran]

I wouldn't buy from someone whose corporate address is run out of a free web-based email service. If a company can't bother to have its own domain name or is blatant about using free-mail for its official corporate functions, then they appear no better than the stereotypical pimply kid running a business out of his parents' basement. I don't know how many customers bypass you because of this amateurish idea, but I know I would.

Why not register a domain and have all the corporate email addresses just forward everything to the corresponding gmail account? (you say you gave up your domain, so I'm guessing you're all joeblow@gmail.com). It would look a lot more professional. Domains are so cheap these days that there's not really an excuse to continue to use amateur-appearing tactics. You'd probably be better off with this compromise, or a similar one.

Re:Spam is dead for me.

[dada21]

I bet we'll see it.

Set up your MX-record to yourdomain.gmail.com. Set up POP3 & SMTP to the same. Set up A-record for mail.yourdomain.com to some gmail server's IP. Send e-mail to initialize@yourdomain.com. Wait 24 hours or less :)

Google can brand it and stick ads in the AJAX interface.

Re:Spam is dead for me.

[cp.tar]

Yeah, but did Netcraft confirm it?

Didn't think so.

/ducks

Re:Spam is dead for me.

[DesertBlade]

Gmail for a business account is un-professional. If I receive an email from a gmail account expecting an email from a business I would ignore it.

I use gmail for my business but I forward it through my web host email server. You can go under settings and then accounts and add another account. It allows you to send and email as another account through Gmail. Most web hosting charge under $3 a month to host a email server, and many include it with web hosting free.

Re:Spam is dead for me.

[dada21]

I don't know how many customers bypass you because of this amateurish idea, but I know I would.

We turn away 2 out of 3 calls for our services. We're likely in the top 10 of all businesses in our market in Chicago. I personally have consulted on 60% of the high rises built in the past 5 years in the city.

I'd likely turn you away and call your competitor in a heartbeat over such a stupid statement. Our job is to save our customer a guaranteed $1.50 for every dollar they pay us. Guaranteed or I pay it. Most save $3-$4.

My customers love that I've saved my company $8000+ per year switching to gmail. One of my customers is the second biggest contractor in his city, he's switching to gmail. He'll save $45,000 a year.

It would look a lot more professional.

But I don't look professional. I wear shorts, I have rockstar hair and I'm loud." My work is why I'm hired, not my "look."

Come visit us, I'll take you out on my daily work. You'll see customers who smile when they see me or any of my employees. Why?

They save fortunes. So do I.

Re:Spam is dead for me.

[Buran]

Where did I say that everyone has the same standards as I do? I didn't. I don't care if you'd call me stupid for actually expecting professionalism, for actually expecting people on the internet to not call people "stupid" for disagreeing with something they post on an anonymous discussion site. How professional is that? It just makes you an asshole. I'd hang up and call YOUR competitor in a heartbeat if I asked you a question, you didn't agree with my reply, and you called me stupid.

I just happened to want to make a polite suggestion and I got called stupid. Way to go, asshole. I'll bet you don't pull that shit on your actual paying customers. Because, you know, that would be stupid.

Re:Spam is dead for me.

[dada21]

Gmail for a business account is un-professional. If I receive an email from a gmail account expecting an email from a business I would ignore it.

We're switching 3 big companies from Exchange to gmail.

They'll save $100,000+ annually.

They'll have access from their cells.

They'll have reduced spam.

Vanity domains are a commodity for spammers. Gmail polices their network nonstop.

Professional? That title comes from doing your job ahead of time and under budget.

Re:Spam is dead for me.

[Tony+Hoyle]

Ditching exchange is good. Replacing it with gmail??? Bloody stupid.

I for one would not do business with a company that used something like gmail for its address.

Re:Spam is dead for me.

[dada21]

"Professional" doesn't mean a pretty logo or business card or domain name.

Professional means doing your job ahead of time and under budget.

No offense needed, though. Sorry.

Re:Spam is dead for me.

[nwbvt]

"We're switching 3 big companies from Exchange to gmail."

Unless you work for Google (in which case you should have mentioned it before you started this thread) that is almost certainly a violation of their Terms of Use.

Re:Spam is dead for me.

I agree!

Re:Spam is dead for me.

[Jaknet]

You wanted to make a polite statement.......... Sorry but ..If a company can't bother to have its own domain name or is blatant about using free-mail for its official corporate functions, then they appear no better than the stereotypical pimply kid running a business out of his parents' basement. I don't know how many customers bypass you because of this amateurish idea

Pimply kid running business out of parents bedroom... amateurish.... cannot bother.

Hardley polite and I thing you deserved every comment

Re:Spam is dead for me.

[jaseuk]

If you forward your mail into your gmail account, the spam checkers don't work anywhere near as well or even at all, google must rely heavily on blacklists.

So this approach doesn't work very well at all.

Jason.

Re:Spam is dead for me.

[rhandir]

I have had good luck with this approach, actually. Spam does get through...to my "spam box" in gmail. Marking it with spamassasin before forwarding did seem to help. -r.

Re:Spam is dead for me.

[ares284]

Yep, it would be a violation:

  Personal Use Only

The Google Services are made available for your personal, non-commercial use only. You may not use the Google Services to sell a product or service, or to increase traffic to your Web site for commercial reasons, such as advertising sales. You may not take the results from a Google search and reformat and display them, or mirror the Google home page or results pages on your Web site. You may not "meta-search" Google. If you want to make commercial use of the Google Services, you must enter into an agreement with Google to do so in advance. Please contact us for more information.

http://www.google.com/terms_of_service.html

-Ares

Re:Spam is dead for me.

[mythosaz]

It's also pretty bad for their business, as Google gets to read all of their business mail, they can never delete any, and even if they have a data retention policy, Google's superceeds it.

It's a pretty phenoninally stupid idea, and I can't belive any legal department worth its salt would agree to allow that to happen.

Also, as others have pointed out - your mail will seem...unofficial. Any fool can get a *real* gmail address. You can't get a real email address on my domain without a little work.

How will your companies -- who already have working Exchange infrastructures and EXISTING KNOWN EMAIL ADDRESSES -- maintain any confidence in their email transactions.

Wait...I know the answer :)

Re:Spam is dead for me.

[Mugros]

And you don't care that all your business correspondence will be able to be read by Google? If i were a customer i wouldn't want another company to get insight in confidential email i send to a company i am doing business with.

Re:Spam is dead for me.

[Tech]

You don't even necessarily need to give up your corporate domain name email address to get the benefits of Gmail. (I guess, depending on how much email you are handling.) I have my own private domain name with DNS provided by zoneedit.com (free for small time users such as myself). They also have an email redirection facility which I use to redirect everything into my Gmail account. Result is I get to use my personal email address, with all the benefits of Gmail's filtering. You can also tell Gmail to use your personal email address as your return address if you want to. I then run Mercury/32 mail server on my laptop, which periodically downloads mail from Gmail via POP3* and sorts it out into individual mailboxes for all my family members.

[*] Gmail insists on SSL connections for POP3 downloads, which Mercury/32 can't do, but I worked around that by using stunnel as a mediator.

If anyone wants more detailed information on how I set this up, reply to this and I'll see what I can do about writing it all down. I've been meaning to do that for a long time anyway.

Re:Spam is dead for me.

You're either lying, or stupid, or both. How any company could think of switching to a free email system and not know the legal implications is beyond me. If they're spending 100k a year, they can afford it or have the ability to lower costs by more effectively using the their applications/hardware.

Less spam

[hcg50a]

I get less spam now than I used to, but I assume that is because my ISP filters a lot of it.

I report all of it to SpamCop.

Nothing To See Here

except an endless stream of adverts for the same ol' same ol' tacky world of finance, medications, beggars blah blah blah

its so predictable, yet not (or we would of eliminated it)

Web 2.0 says no friggin way

[tiltowait]

Anyone with a comment-enabled blog knows that e-mail spam is small worry compared to comment spam, Splogs and the like. Wikis and the like are vulnerable to spambots as well.

Re:Web 2.0 says no friggin way

[krack]

Mod Parent Up.

I host several personal blogs for friends of mine, and I've had to tell them to turn off the 'recent referrers' sidebar because of bots hitting it with commercial referral pages that have nothing to do with the content of the blogs. It isn't traditional googlebombing, as the link text is just the URL, but they are still annoying.

At least they haven't started to write their own comments with links back to their own sites. Yet.

Re:Web 2.0 says no friggin way

How hard is it to do what /. does? Make someone type out a word displayed on an image (for example, I have to type out "biotic") to prove that they're not a spambot.

The moment I did that, my comments spam went from 20 a week to maybe 1 every three months.

Far more harder to get spam when it requires someone to be physically at a terminal to type it out each and every time. Possible, yes, but chances are, cost-benefit is not in the spammer's favor. Soon as places like blogger get that figured out, spam in comments will die out. Anyone who knows anything about Wordpress has practically eliminated that spam.

Re:Web 2.0 says no friggin way

[jroysdon]

Comment spam is exactly why I switched to WP. I'd been using an add-on module with MovableType to help filter it... mt-blacklist. But then the maintainer stopped hosting/taking input for the blacklist. WP is a bit different and take some figuring out compared to MT, but the user community is there, and it's a great solution. I'd been wanting to switch from MT (not free) to WP (GPL) for some time... but as WP was working, I hadn't bothered to switch.

Re:Web 2.0 says no friggin way

[Kremit]

I've started getting a lot of this crap on the few blogs I host and some contact-form pages as well. The best way I found to take care of this was to (a) serve up a cookie on the blog page, then check for this when a comment is posted -- this blocks the basic script spammers, which don't support cookies; (b) only allow comments on a new blog post for 7 days -- I started getting spammers hitting the blog post about 10 days after it was posted. YMMV. What is really needed is some sort of accessible CAPTCHA feature... or the easiest way, just require people to login securely first, with one login allowed in a set time period.

Spam is Dead

[TecKnow]

For marketing purposes no one receives 'spam' anymore, now they receive 'supper surprise funmail!' it tests much better focus groups.

Re:Spam is dead

[Antique+Geekmeister]

The small amount of spam you see also means that GMail and Thunderbird are having to do more and more shoveling for you. There is almost nothing in place now that actually discourages spam: the filters merely decrease its effectiveness in reaching customers. But the cost of sending spam is so low, and its normally modest rewards enough, that it's still believed to be profitable, especially for thieves who don't face the costs of really doing business.

So the amount of spam has been continuing to increase, and will continue to increase. The problem is a social and economic one: there is far too little actual cost for spamming. And there's no cost to the ISP's for allowing spam, only for delivering it, so they continue to sell accounts to the spammers. Take a good look at what happened with Cyberpromo and agis.net for an example of how and why an ISP will continue to sell connectivity to a known spammer.

I don't recieve less spam

[TedTschopp]

I view less spam thanks to the wonderful filters infront of my email client.

Re:I don't recieve less spam

[willfe]

Oh, believe me, you still receive them, you just don't see them. Somebody's still paying for all that cruft to be transported safely to your filters.

Having said that, spam filters do make e-mail more pleasant these days :) My gmail account gobbles up thousands of spams per week.

Is spam dead?

[Black+Parrot]

Maybe if you don't consider phish to be a kind of spam. That accounts for 90% of what gets past my filters these days. (And I suspect that that's because of the distribution of message types, rather than a problem with the filters.)

It depends

[PIPBoy3000]

There's lots of factors.

At work, I get very little spam. My company's filter, coupled with SpamBayes with a year of training does extremely well. The bigger problem is that I occasional miss e-mails that vanish in the ether.

With my GMail account, about 30% of my e-mail is spam that gets through. I'm hopeful that number will go down with training or Google tweaking their service.

It does seem that the days of getting wildly pornographic images in my work e-mail are long gone. Sniff.

Re:It depends

[kfg]

The bigger problem is that I occasional miss e-mails that vanish in the ether.

Because you are not actually receiving less spam. You are seeing less spam because you are filtering it.

The net still sees the whole lot.

Throwing junk snailmail in the trash doesn't mean the carrier didn't have to haul all that shit around and put it in your box.

KFG

Re:It depends

[PIPBoy3000]

True.

My hope is that as spam becomes less effective (e.g. it gets to few people and fewer people take action based on it), the spammers will start giving up. The problem is that sending spam is so cheap, it's hard to do anything as cost effective.

Re:It depends

[Robert+The+Coward]

As an admin Wednesday I blocked 65,000 Spam attempts (Rejected). Caught about 4000 Spam and received about 20,000 Real emails from the inet I can tell you that spam hasn't really slowed down if anything it has tripled for me over the last year. I am getting better at keeping it away from my users with greater and greater hardware processing requiring to process the mail.

Robert

Re:It depends

[Dunbal]

The problem is that sending spam is so cheap, it's hard to do anything as cost effective.

      I dunno, ammunition is pretty cheap, too...

Re:It depends

[jaseuk]

Give greylisting+spf a try. You lose a few messages from retarded mail servers and a slight delay in receiving messages from a sender the first time, otherwise stops virtually all spam and viruses dead and is very lightweight.

You don't need to train anything in order to get it working and is excellent for large scale deployments with lots of users as they don't need to do anything in order to get 100% out of the system.

I measured performance recently by manually filtering two days mail to approx 1200 mailboxes, over 9000 manually messages. NOT a single SPAM and only 3 fraud mails and only 4 e-mail viruses that were detected by additional measures further downstream.

What is also interesting is that once you've been successfully blocking virtually all SPAM for a while, you tend to receive a lot less of it. If your users are not triggering the web bugs or clicking the links then your are targetted by spammers alot less.

Many people are skeptical about greylisting due to the fact that some mailservers are broken and do not work well with it and also the fact that a delay is added onto messages. For the first complaint, at least the same people will be blocked so you will have some chance of detecting the problem and at least it will be consistent, compare that to content matching techniques which will mislabel random messages all over the place. The message delay in practice is not really a problem either, very few users have even noticed the delay as it in most cases it's only a few minutes long and it is only for the first message. People who are being very impatient tend to try sending the message again, this usually forces the mails to arrive quite promptly.

Jason.

Spam can't be forced out.

[gasmonso]

The ONLY way spam will go away is if stupid people stop buying the products advertised in it. If spam pays, they will find a way to send it. That's the bottom line.

http://religiousfreaks.com/

Re:Spam can't be forced out.

[Mr_Tulip]

Consider a newcomer to the internet, they have probably never used a PC before, and as yet, knowing how to "google" things, how to recognise spam etc., is not in our genetic knowledge, and they have not had time to acquire it.

The only way we could ensure noone buys spam, or at least, to minimise it is to require a license to use the internet, on an international scale. Seeing as that ain't gonna happen, and rightly so, marketers and scam-artists can safely rely on this demographic to provide their sales.

Re:Spam can't be forced out.

[FuzzyFox]

So your solution requires that stupid people stop being stupid.

We are doomed.

Re:Spam can't be forced out.

[Dunbal]

is to require a license to use the internet...

      Would that include different types of internet license?

      Class A - academic searches only
      Class B - all of class A plus news, lifestyles
      Class C - all of class B plus entertainment
      Class D...

      Class XXX - restricted to porn only (requires a complete physical exam first).

Re:Spam can't be forced out.

[Mr_Tulip]

Class Zero - How to recognise and differentiate between spam and legitimate advertising. Cost of class: Free. Brought to you by Microsoft, Pepsi and Crazie Charlie's Chicken Shed Restaurants Co Pty Ltd.

Well, Duh!

[Shadow+Wrought]

You ever try to get live pig parts into a can that small? I think not.

Anecdotal evidence...

[captainclever]

*checks inbox*

Nope, spam isn't declining for me.
Wtf is a "Penis Launcher" anyway? :|

Re:Anecdotal evidence...

[kfg]

Wtf is a "Penis Launcher" anyway?

Hold on to your pants, buddy, you're about to find out:

10

9

8

7
.
.
.
.

KFG

Re:Anecdotal evidence...

[ceoyoyo]

Yeah, even declining doesn't mean "dead." Spam will be dead when I can turn off Apple Mail's filtering and seeing a spam in my inbox is an event. Too bad the world wouldn't just get some critical thinking skills, then we could get put a serious dent in all the stupid advertising, not just the spam.

Apple Mail's spam filter works great though. My only false positive ever was a message from the university but they were asking for money, so I can understand Mail's point of view. ;)

Spam really is dead!

[Noryungi]

Rejoice! And while we are at it, we have some fantastic investment opportunity for you, as well as dirt-cheap brand name software, the cheapest meds you'll ever find, (including potency meds, hint, hint, nudge, nudge) and the addresses and phone numbers of thousands of sexy singles in your area!

So don't hesitate and click on this link NOW! You won't regret it, your satisfaction is guaranteed and your personal data is safe with us!!

Gotten More, but Seen Less

[chill]

The spam that *tries* to get to my mailbox has been on an ever increasing curve for years. It did not slow down in 2005, nor in the first part of 2006.

However, the amount that actually makes it to my inbox has dwindled to maybe 1 or 2 a month. Spam filtering technology has outpaced and outperformed the spam sending technology beginning last year (IMHO).

On the other hand, I have not noticed an serious change in the spam algorithms in the last 6-8 months. It may be that there is a sufficient number of unguarded mailboxes so those that have protection aren't worth the effort.

Yet.

  -Charles

Re:Gotten More, but Seen Less

[lumbercartel.ca]

> ... It may be that there is a sufficient number of unguarded mailboxes
> so those that have protection aren't worth the effort.

I doubt it. Most spam filters work on eMail messages after they've been successfully received by the target system, and as far as the spammers are concerned this equates to a successful delivery (note that irresponsible filters will generate a bounce/warning to the trivially-forged sender's eMail address).

The only time the spammers even know about this is if they even care. Usually they don't, but that never stops them from trying again. For those spammers that are interested in knowing how many messages in their spamruns failed, they'll see the SMTP rejection codes that normally occur during the SMTP Envelope stage, but this functionality depends on the spamware that they're using.

Bell curve

[Tango42]

"I guess I exist outside the bell curve on this one."

What? The whole point of a bell curve is that extremes are possible. If you're accepting that spam follows a bell curve then your single data point is competely meaningless. A bell curve isn't a trend that you can follow or not follow - it's a distribution.

Re:Bell curve

When something is exaggerated to the point of being impossible, it becomes a joke. Much like "It's so cold in Canada we can see icicles on the Sun".

Re:Bell curve

[Tango42]

Exaggerating means increasing the degree of something (coldness in your example). Mis-using a word like the editor did is not exaggerating, it's just wrong.

Yes

[smartin]

The reduction is do to the very effective CANSPAM legislation (snicker).

Article interprets data wrongly

[silsor]

The Postini site that the article cites as showing that spam volume has increased 20% over a few years actually says, on its stats page, "Spam activity has increased over 65% since January, 2002". Additionally, the article author used a single moment to make his predictions, rather than checking out any statistical trend.

Re:Article interprets data wrongly

[silsor]

Sorry, the first "increased" in my comment should read "decreased".

Invalid association

[Toby+The+Economist]

Someone big says something big will stop soon.

Something big begins to slow down.

Invalid conclusion: the two are associated.

Useful thought: maybe it would have slowed down by itself.

(I think spam must eventually tail off, because it operates on the basis of effort vs profit; as spam increases, I suspect the value of an individual spam decreases; it's not a stable system. In the end, the volume of spam should therefore level off, entirely without outside intervention.)

Gates Quote

[Animus+Howard]

"Nobody will ever get more than 64,000 spams."

Re:Gates Quote

[ceoyoyo]

Per minute. Don't forget to use complete units. ;)

Re:Gates Quote

[ch-chuck]

With one old version of Outlook, I started getting strange, scary, cryptic error messages. Then I noticed the folder they were going in had 16383 messages in it and figured they'd only allocated 14 bits somewhere.

Re:Gates Quote

[slavemowgli]

It takes me less than two months to amass that much. :) And my spam rate's gone up from about 150 or 200 a day in June 2004 to 1000-1100 a day nowadays - so I definitely can't confirm this journalist's conclusions.

Re:Gates Quote

[cheaphomemadeacid]

*cough* 65536 you mean

Re:Gates Quote

[Jonathan_S]

With one old version of Outlook, I started getting strange, scary, cryptic error messages. Then I noticed the folder they were going in had 16383 messages in it and figured they'd only allocated 14 bits somewhere.

I ran into that too. I failed to empty my deleted items for a couple months, and my spam rule failed because it could no longer delete the mail because deleted items was full.

(Not that the error message told you that. It was, as you said, cryptic)

Re:Gates Quote

I guess you mean 65536, unless you work for some HD manufacturer...

I've not noticed a decline

[erick99]

My gmail spam folder holds 30 days worth of spam. It steadily goes up over time. For a while it was holding about 24,000 but it recently jumped to nearly 26,000. I don't get much spam in my inbox as the gmail spam filters seem to work well (my ten year old email account that I used before gmail is forwarded to my gmail address).

Mea culpa

[Vainglorious+Coward]

You're totally right, I should have written "piece", not "article".

/me lashes self

It's Still There

[pipingguy]

Although Thunderbird catches 95% of the crap in my inbox (I'm up to about 200 junk emails per day) and I've trained it, a few get through. The ones that get though are almost always good-sounding terms jumbled into a "sentence" (sort of like some Slashdot replies). What's the point of that?

Is this designed to poison the filtering? Why bother?

But Postini sezzzzzz!!!!!

[scaryjohn]

From the article:

Yet the amount of spam seems to be declining. Postini (www.postini.com) keeps real-time data on the amount of spam it stops. A few years ago, it said spam made up around 80% of all the email circulating. When I looked last week the figure was about 60%.

Or maybe this one application / website (the only source cited for concluding spam is down) is just letting more spam get through undetected...

Re:But Postini sezzzzzz!!!!!

In fact, at Postini web site they say "spam activity has increased over 65% since January, 2002".

Maybe there is something ot all of this....

[slashslashdotdot]

...well I am taking a different approach.
I am going to buy some "ultra hot" OGX stock and send it to Nigeria so Umbatu can buy some "V|agr@" for "p3n|s ennlarginating". Embrace the evil. Embrace it!

Spam is dead?

[XL70E3]

I received less than 10 spam mails a day during the last year, and that is a big improvement over the previous years, i could receive something like 30-50 a day in my hotmail account alone. With my yahoomail account, almost no spam since i susbscribed(~3 years) it stayed the same. So hmm, it has been improved greatly i would say.

almost dead, well caught at least.

[CDPatten]

Since the latest Exchange Service pack introduced the upgraded spam filter I get, maybe 1 spam email, every few weeks. It seems to catch them all and put it in the junk-email folder. Only one false spam id so far. Spam still comes in, but it never gets in my way... not to mention it doesn't cost me anything extra for the filter so I'm pretty content.

I know you guys are going to flame (like usuall) for saying anything that is pro-ms or suggests they did a decent job, but could we at least reserve the flames to people who have actually set it up and used it? Thanks in advance.

-C

Want to stop it?

[SCHecklerX]

Yes, this does take some work, and no it isn't for everybody. But this has totally eliminated all spam to my inbox (mostly due to greylisting, I think)

1. Get a high speed connection
2. Use some dyndns service, or register your domain, or get a business class line.
3. Set up a sendmail server
4. Use mimedefang, spamassassin, and milter-greylist
   • set up the greylist for 5 minutes or so. Spammers don't retry.
   • discard obvious stupidity in your mimedefang filter(no '.' in helo argument, trying to say they are you in the helo, helo is RFC1918, sender is on spamhaus RBL/XBL, etc)
   • set up things like receipt throttling and greet pause in sendmail

I was getting 2-3 flagged by spamass after passing through the mimedefang stuff before implementing greylisting. Post greylisting I've yet to get a single spam in my spam folder (they never made it to my inbox before, but I still had to deal with them.). I have things configured to flag at 2 points, discard at 7. My bayes filters have about 2 years worth of training on them, and I use RBL scoring too.

Re:Want to stop it?

[SCHecklerX]

Sorry to follow up to my own post. I just wanted to add that this also works very nicely on the corporate mail servers that I manage.

Re:Want to stop it?

[rmallico]

I have to agree here... for the last 2+ years I moved my 12 domains to a hosting provider and the first 6 months things were okay... the last 18 have been horrible.. mail alias' disappearing in the cpanel admin application, getting spammed up the wazoo (when they upgrade the cpanel app it seemed to reset EVERYTHING, include spamassasian rules and such... last straw was when they restored some files after a drive died and they reset EVERYONES password to their username to username123 and did not tell anyone except by posting it to their support website... uh... hellooooooo..

anyway, i signed up for freedns.afraid.org, moved the 8 domains i still have and i can point to anywhere i want and have it running on exchange 2003 with sp2 (gasp)... the nice thing about E2k3 is that they finally GOT the idea of allowing RBL type checks and SenderID checks when connections are intiated... it works... i turn it off and i get 250 spams a day, i turn it on using just 1 RBL and it drops to around 25-30... I am sure that if i added some other RBL checks it might drop a little more...

just using common sense and some knowledge on configuring your given mailserver things will definately start to get better...

Re:Want to stop it?

Just to play devil's advocate, when measuring of the effectiveness of a SPAM prevention tool, number of SPAM messages that make it through is much less important than the number of false positives. Do you have logs showing that your prevention measures aren't stopping legitimate messages from getting through?

Re:Want to stop it?

[japa]

Greylisting may work fine for you, as long as you accept that your mails may be delayed undefined time. Think about some major mail hub. If all the mail it tries to trasmit is greylisted, then it will have huge amount of mail in its outgoing queues.

Even now it's normal to have huge number of mail in outgoing queues, mostly bounces to spam. Those are tried deliver every once and a while. So add your mail to the queue and be prepared to wait retransmission from 5 minutes to even few days. (seen that happend).

Re:Want to stop it?

[Kadmos]

Hmm, those are two good points, with just two minor problems:
1. If greylisting is done properly, for most mail server connections there is no delay. IE check the auto whitelisting feature of your greylisting software.
2. If your queue is full of spam bounces you are part of the problem. Has it ever occured to you that most spam is from forged email addresses? So why are you boucing to it?

Re:Want to stop it?

[Kadmos]

Or for those who perfer postfix the Postfix Anti-UCE Cheat-Sheet works well for me. My mail server gets about 500 hams per day only 1-2 spams per week (usually those which have not been picked up by spamhaus.org lists) and have only had 1 false positive.

Re:Want to stop it?

[dodobh]

Greylisting works, until a few really large organisations do it. If $WORK were to start greylisting, spammers would start retrying in a couple of days.

I wish we could just block on non FQDN HELOs, but the support requests coming from exchange administrator weenies are just too high.

Re:Want to stop it?

[2grhms]

We have a home server which handles our email on our domain name xq.se.

Say you want to give John Doe your email address. You give him John.Doe@xq.se or rh2325@xq.se and then set up sendmail to forward that name to your real user name at home. Even posting to usenet and webpages seems to be safe with a real but disposable email address.

Very occasionally, when you get spam, just disable the address and send a polite email with your telephone number to the culprit. We have never had a spam problem. Why doesn't everyone do this?

Re:Want to stop it?

[Henk+Postma]

I find it disturbing that I have to run my own mailserver to get rid of spam.

My experience with gmail is different.

[winkydink]

Like you I publicly post this address, but only on /. 22.7% of my gmail inbox is spam (20 of 88 messages). However, there are another 1394 in my spam folder.

Au contraire!

[Diordna]

Think again! Much of what you think is "spam" is actually legitimate. Contrary to popular belief, Nigeria really *is* filled with millionaires. Of all of these, the most prominent seems to be Esenam Ayele.

Why are you all so prejudiced against these great offers? I myself have bought many of these products *nudge nudge* and, although I haven't seen any results yet, I have great faith.

Re:Au contraire!

[TubeSteak]

Step 1. Commit Bank Fraud
Step 2. Put traceable money in an account
Step 3. Give account details to Nigerian Spammer
Step 4. ???
Step 5. Profit

Spam: The social problem

[lumbercartel.ca]

The real crux of this problem is that spam is a social problem. Although many people treat it as a problem that can be solved by purely technical means, in the long run the problem will always be there because:

0. There will always be a criminal element determined to make "a quick buck" without regard for others as long as there are people willing to do business with this criminal element (in this case, the spammers).

1. Many people use the internet who aren't computer specialists, thus are easily fooled by eMails which are designed to imitate messages normally generated by a trusted internet site (usually in an attempt to gain access to confidential information).

2. The up-front costs for the spammers are very low (and quite high for their victims, society, etc.), and there are no serious penalties thus the risks associated with getting caught are minimal (if there are any at all).

3. Marketers stubbornly and vehemently hate (in general) the idea that everyone has a right to "consent." Confirmed opt-in is key because "opt-in" alone isn't enough due to forgery.

There are many ideas for solutions, but unfortunately one of the big challenges societies face today is international differences when it comes to law & order, moral, ethical, and other standards. The internet, by its design, completely ignores international borders, and spammers are enjoying free reign as a result.

So far a combination of DNSBLs (DNS-based Block Lists) and various filters seems to work well for many ISPs, but spammers continue to find ways around these things, hence the fact that it is a social problem.

Education is key, but so far has proven to be impractical. Does anyone have any ideas for solutions (violence works, but is illegal in most civilized nations, so we need to be creative in a different way)?

P.S.: Challenge/Response systems are not the answer because they are, essentially, fighting abuse with abuse.

Education

[spect3r]

I think what has happened is that the population has a greater awareness on spam detection and spam removal/blocking/avoidance. Since I closed my HOTMAIL account in 2002 and switched to my own domain, I hardly ever receive SPAM - and if I do, it all gets filtered anyways. Have the people finally become more educated? Perhaps. That, or the masses truly believe in miracle herbs.

It's just you

I got an average 2spams/mth last year, and I haven't had any this month yet, so I can't comment.

Depends on the sense of dead

[hahiss]

Are we talking dead as in ``Biggie Smalls is dead" or dead as in ``Paul is Dead"?

Re:Depends on the sense of dead

[Hosiah]

It was supposed to mean dead as in "Look, mate, I know a dead parrot when I see one...and I'm looking at one right now!"

Re:Depends on the sense of dead

[bobcat7677]

I was thinking dead as in the Disco sense...

Spam is dead

[mattwarden]

I got almost a third more spam in 05 than 04. I guess I exist outside the bell curve on this one.

Why? Between GMail's filtering and Thunderbird's filtering, I have to deal with maybe 2 spam emails per week. I "get" plenty of spam. But it's DOA... in my spam folder.

Oh, ye of little faith!

[Hosiah]

You're only still getting SPAY-UM because you LACK FAITH in the HEALING POWER of the Almighty Bill! BLEY-ESSED be his AH-HOLY NAY-UM! Yeah, he hath only to extend HIS HAND and take your blemishes away from your inbox! Now holds hands and UH-PAR-UYUH, PAR-AY with me brothers and sisters, that in this hour these doubting unbelievers will yet turn their hearts to the ONE TRUE FAITH, that they might be YET SAY-UVED from their hour of darkness!

It's not just more...

[cuerty]

It's more, but they can't detect it like they use to, so that's why they are claiming that it's declining.

Not really

[Life700MB]

Gmail must have not receibe that Bill's memo, because my account not only receives almost 80 spams a day but about 7 o 8 make their way to my incoming folder.


--
Superb hosting 20GB Storage, 1_TB_ bandwidth, ssh, $7.95

reason

spam has not reduced in traffic, the spam filetering mechanisms are getting smarter, and as people above have mentioned, gmail is really good in this respect.

Explanation

[Spy+der+Mann]

Year / Amount of SPAM
1999 - N
2000 - 2N
2001 - 4N
2002 - 8N
2003 - 16N
2004 - 32N
2005 - 31.999 N <- decline! :D

Re:Explanation

[lumbercartel.ca]

Oh I wouldn't worry about that -- count on the spammers to make up for it in 2006. =(

So...

I got almost a third more spam in 05 than 04. I guess I exist outside the bell curve on this one.

I'd imagine that'd be true, yes. Probably even worse for cowboyneal@slashdot.org, but CmdrTaco is still pretty high on the list...

Greylisting cleared this thing away for me

[daniel23]

spamAssassin and the junk filters in Eudora, Thunderbird all helped to ease the problem but I was still deleting lots of them by hand until I switched to greylisting on my mail server.
Since most of the spam gets sent by minimal smtp on hijacked pcs which just dont know how to queue mail suddenly there was silence.
It takes some whitelisting at first and some kinds of traffic, like listservers take another route, but I could finally dare to open some known for long mail adresses that had turnend into spam sinks for long.

Re:Greylisting cleared this thing away for me

[trandism]

Adding my experience to that... Greylisting and in my case the postfix-oriented implementation of it called postgrey solved the problem 99.9%
I was amazed at the ease of configuring it, at the success in stopping almost all spam and more importantly at the fact that it need practically no maintenance after the first week which goes with whitelisting..

Re:Greylisting cleared this thing away for me

[muleboy]

I've had good results with greylisting too. In fact, I recently turned it off after using it for about 18 months and I have almost completely stopped getting spam. All I can figure is that spammers take me off their list when the greylist bounce happens, thinking it's a normal bounce. I didn't see 99% success back when I was getting 30-50 spams per day, I saw about 80% success. That's still really good for an anti-spam technique.

Spam isn't getting smaller

[i_ate_god]

Spam filters are getting smarter.

More people should use SpamCop.Net

[lumbercartel.ca]

More people should report spam to SpamCop.Net. Even if busy people reported only one spam a week to SpamCop.Net, they would be making a tremendous contribution to this war against spam.

Over the years we've encouraged hundreds of individuals to report spam to SpamCop.Net, and many of them still do so today. Those with more free time (or a need for revenge because of a very strong feeling of hatred towards spammers) report all of it, and those who are busy report whatever they have time to report.

As more ISPs have been using BL.SpamCop.Net to automate the blocking of IPs known as sources of spam (because they obviously agree with SpamCop.Net's criteria), the more effective SpamCop.Net is.

Everyone should ask their ISP if they're using BL.SpamCop.Net to block spam. If the answer is negative, then insist that they look into it and follow up with them later to find out if they acted on it. It's free, easy for a server administrator to implement, and it eliminates the need to maintain your own blacklist.

Re:More people should use SpamCop.Net

[jaseuk]

SpamCop is awful. We've been placed into the blocklist on more than one occassion as a result of one or two completely daft individuals who continually report our messages as SPAM, with no easy way out for us. The messages were sent BY HAND, by a GOVERNMENT agency with whom the individuals regularly have sit down meetings with AND WANT the messages through.

On each occassion I've phoned the individual who made the complaint to see what the problem was, each time it was "oh did I, must have clicked the wrong button", I've actually now threatened to blacklist the two of the most troublesome people and they are absolutely horrified by that idea as they rely on us for grants, free advertising and business advice etc.

The SpamCop system is completely flawed and your comment about those with free time reporting everything just about proves it. I've not seen some of the mail client addons for Spamcop, but it wouldn't at all surprise me if there is a certain class of user who uses it as a delete key.

Jason

filtering and giving up on accounts

[sd.fhasldff]

Probably the main reason for any fall-off in spam is blocking by the likes of hotmail, yahoo and gmail. I would have to assume that the VAST majority of users have email addresses on major hosts such as the aforementioned. Another reason is probably that people tend to give up their spam-filled email addresses in favor of new, pristine ones. I know I certainly have a few addresses in this catagory.

Less Spam

[Jaro]

My spam has actually declined from about 100 messages a day to 2-5 messages a day, that inludes the message which get caught by my spam protection. I would estimate that only one or two messages a week get through the Thunderbird protection. Just don't openly publish you address on the web... put up images which include your email, create a little java script which hides all the different parts of your email in different variables... or even putting it online like bla 'at' blup 'dot' com really seems to help.

Spam spam spam...

[Dvondrake]

In 2005 I used to get over 100 spam emails a day, now I'm getting less, probably about 10-20 a day. "I DON'T LIKE SPAM!!" -Monty Python

spam is dead, long live spam

[circletimessquare]

fighting spam, much like "the war on terror" or "the war on drugs" or fighting pedophilia, is mostly a policing activity. that is, it never ends, nor will it ever end, nor should you think it will ever end, if you really understand the nature of the problem

spam/ drugs/ terror/ pedophilia/ etc. will always require personnel and effort to prevent, forever. it's just a cost of civilization. for to not fight these things allows them to proliferate and spread. it's a maintenance issue, just like taking out the trash to the curb every thursday. it's not like you take the trash out one day, and you never have to take it out again. no, trash constantly accumulates, and it always will. if you think terror, or hard drug use (really only hard highly addictive drugs are a problem), or spam, or pedophilia, or other problems like these, is something you can oppose or (even worse) accept, and the problems just go away, you simply don't understand what these problems are really like

every generation, there will be some group of idiots who think bombing the feberal building in oklahoma city or flying airplanes into office towers is a wise move. likewise, every generation some group of a**holes will see smuggling heroin and cocaine as a good business move (it is, but its the social byproducts of the business itself that is the problem). and, every generation, someone will think "hey, i can just send out a million emails." nothing you will ever do will stop such people from constantly being reborn anew in every generation, forever

these thinks, just like spam, must always be fought, for all time. yes, you can change protocols, but there is no technological fix to human ingeniousness and cravenness: someone will always try to game the system for their benefit, despite all of the suffering it creates for the rest of us. a lot of slashdot types would be thinking "technological fix!" "technological fix!" ...no: there is no technological fix to ingenious asocial behavior. a bored teenager is always smarter than your protocol, and always more craven then the good intention of those who create the protocols. it's the tragedy of the commons. so those who see email spam going away with a technological fix are missing the larger point: you don't destroy the behavior, you just move it around: IM spam, blog spam, etc

true wisdom on the issue of spam and other social ills like it are ones of acceptance of the problem, and constant vigilance of the problem, at the same time. it's not like you can accept the behavior as OK, and its not like you can fight it and kill it once and for all. what is needed is more people understanding the true nature of social ills like spam/ terror/ hard drugs/ etc and understanding that, by their nature, they are mundane criminal policing issues like burglary and vandalism: always with us, but always unacceptable, all at the same time

this is wisdom on these issues. beware anyone who says you can accept these things, and the problems go away, or people who say you can fight these things, and kill them once and for all. such people don't know what they are talking about

Re:spam is dead, long live spam

spam/ drugs/ terror/ pedophilia

Please add "non-capitalizers" to the list.

Re:spam is dead, long live spam

[misleb]

ighting spam, much like "the war on terror" or "the war on drugs" or fighting pedophilia, is mostly a policing activity. that is, it never ends, nor will it ever end, nor should you think it will ever end, if you really understand the nature of the problem,

The problem with these never ending "wars" is that they keep building up. With this "nor should you think it wil ever end" mentality is that it gets to the point where you are actually making things worse by being so relentless. Take the war on drugs, for example. How many people are hurt because drug use is criminalized rather than treated as a health issue (which it is)? That is what you get when you start waging "war." How much farm land in Columbia is destroyed and people poisoned because the US dumps herbicides all over the place to kill coca crops? Lots. At some point you need to back off theses never ending "wars" and ask youself if the casualties are really worth it.

As for the "war on terror," how much terrorism is CREATED by the war on terror? You go into a country thinking you are going to kill all the terrorists and guess what? You've just pissed off a whole bunch of people who previously didn't feel particularly strongly. Also consider the freedoms that people are willing to give up once "war" declared. "War" is a very powerful term and I think we should reserve it for big things. Pretty soon people will start believing that "war is peace, peace is war."

And back on topic... why is there a "war on spam?" Just install damn filters and be done with it. Any half decent spam/virus filter (and there are many out there) can stop at least 90% of all SPAM. So what is the big deal? Just push your services provider to install better filters and get on with your life.

-matthew

Re:spam is dead, long live spam

[flyingsquid]

fighting spam, much like "the war on terror" or "the war on drugs" or fighting pedophilia, is mostly a policing activity. that is, it never ends, nor will it ever end, nor should you think it will ever end, if you really understand the nature of the problem

You pansy-ass liberal. Your defeatist comments only aid and comfort the spammers! We don't need policing; we need to strike a decisive blow and prove once and for all that the USA, the greatest country on earth, won't take crap from spammers. The only way to do that is an unprovoked, unilateral invasion of Nigeria. Only that way can we defeat this menace, and only then can the people of oil-rich Nigeria truly be free.

Re:spam is dead, long live spam

Without a doubt one of the best posts I have ever seen on /.

Well done.

Re:spam is dead, long live spam

[TallMatthew]

How much farm land in Columbia is destroyed and people poisoned because the US dumps herbicides all over the place to kill coca crops? Lots.

How many people have their lives and the lives of their loved ones destroyed as a result of cocaine? More. Many, many more. Ridding the world of the coca plant would be a good thing. It's ravaged our species. It's created the most power criminal organizations on the planet, strong enough to influence governments across the world. If the Powers That Be (TM) would commit to wholesale eradication, I don't care who is inconvenienced. However, they seem to target the crops of certain cartels. Hmmm.

Re:spam is dead, long live spam

[Robert+The+Coward]

No don't kill of the coca bean. You don't want to see my wife if she can't get chocolate at least once a month.

Robert

Re:spam is dead, long live spam

[misleb]

How many people have their lives and the lives of their loved ones destroyed as a result of cocaine? More. Many, many more. Ridding the world of the coca plant would be a good thing.

But futile.

It's ravaged our species. It's created the most power criminal organizations on the planet, strong enough to influence governments across the world.

Prohibition creates the cartels. Just like when alcohol was banned. Take anything that is in high demand and ban it, and you have almost instant organized crime. What's worse is that you raise the price and, hence, the incentive to trade it. It gets to the point where there is so much money to be made in drug trade that nobody wants to grow anything else (in areas where growing is an option)

If the Powers That Be (TM) would commit to wholesale eradication, I don't care who is inconvenienced. However, they seem to target the crops of certain cartels. Hmmm.

If you had any idea how much damage such eradication attempts do to innocent people, I doubt you would be saying that. Those crops are often grown by otherwise innocent farmers who can't make enough money growing legitimate crops. They have families and neighbors. All of whom are severely damaged by "wholesale eradication" attempts.

Frankly, cocaine isn't even really that bad. In some ways it is like marijuana. Many, many, people consume it casually and infrequently and you would never know it. I'm not saying it is a good idea to use cocaine, but the idea that cocaine has some megical ability to ruin lives just by its mere pesence is a myth.

The war on drugs is a failure. It is time to step back and rethink things.

-matthew

Re:spam is dead, long live spam

[TallMatthew]

Frankly, cocaine isn't even really that bad. In some ways it is like marijuana. Many, many, people consume it casually and infrequently and you would never know it. I'm not saying it is a good idea to use cocaine, but the idea that cocaine has some megical ability to ruin lives just by its mere pesence is a myth.

Well, it almost killed me. It did kill two people I know off the top of my head. And countless others I've spent time with are doing serious jail time, like the kind with "life" at the end of it. So watch what you say.

Cocaine affects different people differently, like most drugs, both illicit and otherwise. Some people don't even feel it. But more importantly, the craving reaction; while you may have the occasional thought from time to time it might be fun to do, I feel about cocaine the way I feel when my head's stuck under water and I need some air. People like you have fun. People like me go insane, go to jail or die a miserable death. Such is life.

The difference between individuals' reaction apparently has something to do with the brain's inborn ability to regulate neurotransmitters, particularly glutamine and dopamine. I found this paper on the net about six months ago: http://www.nature.com/npp/journal/v30/n1/abs/13006 00a.html when my life was going, shall we say, very poorly. Apparently this drug corrects the imbalance that creates the cravings. They went away and I haven't touched it since.

Addiction is an experience that can't be communicated properly. If you don't go through it, you can't understand it, not really. Trust me when I say to you it's not pleasant.

Not quite dead

[Vainglorious+Coward]

You may not be seeing it, but it's still taking up gobs of bandwidth, disk and CPU, and *somebody* has to pay for all that. I think that the costs to transfer, store and process spam outweigh the cost of individuals' time spent reading/deleting it.

Re:Not quite dead

[dada21]

I've offered to pay Google $10/month for better uptime.

They do a better job as they aggregate "Report Spam" into fighting future spam. Better for me and millions of others.

Re:Not quite dead

[Kuciwalker]

If fewer people see the spam, it's less profitable and less of it is sent out. Spam filters *do* actually fight spam.

Re:Not quite dead

[Vainglorious+Coward]

If fewer people see the spam, it's less profitable and less of it is sent out.

That doesn't follow at all. There's compelling evidence that improved filtering rates act as an incentive for spammers to increase their sending volumes, simply to try and maintain the same return rate.

Phishing

[helioquake]

I get more phishing emails than spams these days.

Not that I actually *see* them, since spamassassin hasn't missed one to filter them into my spam box.

It was amazing at first!

[KeiichiMorisato]

On the first few days after the new, my spam mailbox, which usually fills up with ~100 spam emails a day, was only registering 20 or so spam messages. However after a week, the spam started flowing again.

I wonder if some of these spam mailing lists had an arbitrary expiry date set?

Also, although the spam filter is pretty good, it seems to me that more spam is getting through the filter that my ISP provides.

Here we go...

[ZeldorBlat]

This article advocates a

( ) technical ( ) legislative (x) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
(x) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
(x) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
(x) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
(x) Bandwidth costs that are unaffected by client filtering
(x) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
(x) Blacklists suck
(x) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(x) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

Re:Here we go...

Geeeezzzz what ya smoking dude?

Re:Here we go...

[donnz]

Great post. How long did that take!

Currently in NZ we are looking at this approach. Basically combining an ENUM implementation with a Universal Communications Identifier (UCI) and personal proxy (PUA) for handling all IP and PSTN communications. Note, it can apply to all IP comms, not just voice.

Could have a profound impact on spam from a technoliogical *and* economic perspective. Does not require the degree of co-operation of other spam "solutions".

The feasibility study, which our company was commissioned to undertake is worth downloading if you are interested.

Re:Here we go...

[Geoffreyerffoeg]

This post advocates a

( ) technical ( ) legislative ( ) market-based (x) vigilante

approach to, um, fighting fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
(x) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
(x) Technically illiterate politicians^WSlashdotters
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
(x) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

( ) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

Re:Here we go...

[ravenspear]

Great post. How long did that take!

You must be new here.

Re:Here we go...

[aeoo]

LOL. You're the one that's new! Look at your Slashdot ID and then look at the Slashdot ID of the person you are replying to.

Re:Here we go...

You have too much time on your hands.

Re:Here we go...

[wodow]

I've seen this a few times now. Where does the form originally come from?

Wodow

Re:Here we go...

You must be really new here.

I haven't gotten spam for years ...

[Matt+Ownby]

Ever since I started using TMDA (http://tmda.sf.net/ my spam has dropped to almost zero (I probably received 2 spams in 2005). TMDA isn't a perfect solution because valid senders have greater difficulty in getting through, however, since I don't know they are trying to email me, I don't miss the emails :)

Personally, I prefer losing an unknown amount of email rather than manually checking the Bayesian filter to see if there are any false positives. Is that so wrong? :)

Re:I haven't gotten spam for years ...

[Greyfox]

I tried tmda for a while and it worked pretty well. Problem was I was storing a lot of spam on my hard drive and sending out a lot of bounce messages. I find Postgrey blocks a similar amount of spam and doesn't involve having to store messages or bounce mail to nonexistant addresses on a regular basis.

Re:I haven't gotten spam for years ...

[compgenius3]

I have religiously clicked on the unsubscribe links on the bottom of the messages, and I get virutally no spam, in my spam folder or otherwise. GMail filters the one or two a week and I check just to make sure no legitimate mail got messed up, but so far, not a one

Re:I haven't gotten spam for years ...

[macshit]

The downsides to using challenge-response are (1) lots of people will hate you, and (2) you'll lose a fair proportion of real mail.

If you're ok with those, then er, go ahead, I guess. I don't think this applies to most people though...

The page is upside down

[FishandChips]

I don't think the spam problem is declining if you include all forms of unsolicited bulk email. Phishing is a real problem now - ask any bank. In the old phrase, it's not just the quantity it's the quality. Half as much spam that is four times as effective in fooling filters and/or fooling users is not a decline in spam. And would I like young members of my family or my mother to get even one spam a day offering the delights of, say, bestiality? Nope. One spam is too many and no jail is big enough for some of these operators.

I think it's necessary to turn the page with all the graphs on it the other way up. These will show an increase in governmental and IT industry self-satisfaction, cheerleading and (some might say reckless) optimism. I guess they've decided to declare the great spam war won and the problem fading. Except it isn't.

Re:The page is upside down

[Dunbal]

And would I like young members of my family or my mother to get even one spam a day offering the delights of, say, bestiality? Nope.

      And just what is wrong with bestiality, you insensitive clod?

      Heheh... grinning, ducking and running....

spam catch-22

by making spam filters that catch more spam, you are making the spammers send more spam to try to get thru.

catch-22 :(

Four Letter AOL Address

[Arkham79]

I have a four letter AOL address - I gave up counting spam a long time ago. Even with two spam filters (one on the AOL side that dumps into an IMAP based folder and one in Thunderbird) I still get between 50 and 100 pieces of spam a day......

Lameness filter encountered. Post aborted!

[Insert your favorite spam here]

(This was an incredibly funny idea, but Slashdot is defending itself!)

erm

[bLindmOnkey]

I get 4500 spam mails a month filtered through gmail each month since last year. Then again some asshole freshman thought it'd be funny to submit my email address along with my name and my school's telephone number to a few popup ads. Before last year I received 1 or 2 spam mails a day. So from 04-05 my spam mail increased 4500%. No decrease for me.

Error while connecting to reality - ECONNLOST

[Omega+Hacker]

"these rely on credulousness, which has a finite supply"

I don't know what planet the author of this piece is living on, but around here the place is filled with morons who wouldn't know a phishing scam from a hole in the head.

If spam is dead someone should tell IT that

[edo-01]

Since mid-December 2005 I have caught 4293 spam emails in my gmail spam filter, nearly all of which comes via a redirected email address I have been using since 1999. I know the sensible thing to do is abandon that address and start a fresh one, but I refuse to let the bastards win.

GMail spam increase in 2006

[lumbercartel.ca]

Some of those spammers must've just come back from their holidays at the garbage dump (I just can't bring myself to describe their usual hang-outs -- it would be a complete waste of SlashDot's resources).

Since when has Bill Gates...

[Hymer]

...been right in anything else than his financial predictions for MS ?
Why should we trust him in his spam prediction ?
...oh and btw. mr. Gates my hotmail mailbox is beeing spammed with worthless info from MS...
--
Where is \ on a Mac ?

Crackberry

[XB-70]

Here's my experience: I bought a CrackBerry this year 'round September through Rogers Wireless. Within FOUR HOURS of getting it set up, I got spam. I had never browsed to any web sites, I had not done anything other than set up my email account. My biggest question was: how could the 'bots harvest my email address that quickly? It really was astounding to me to have basically not used the device and suddenly get spam on it. Outrageous. These guys who claim that spam is declining are either crack addicts or Bush advisors.
It's time for ISP's to start fighting back on behalf of their customers: creating weapons to attack machines that are perpetrating spam and letting the (possibly un-suspecting) owners know that their machines have been co-opted as spam servers. With all the malware tools available, shouldn't we be able to use them to shut down bogus mail servers?

Help me smuggle $6,000,000,000 out of Nigeria

[anonymous_wombat]

Hello, I represent some dead person in Nigeria, and would like to smuggle 6 billion dollars out of the country. Also, I would like to marry you. Please help me. I am a man or a woman, whichever you prefer.

Re:Help me smuggle $6,000,000,000 out of Nigeria

Lucky U... I only got an offer for 10% of $80.000.000
have you btw. talked with somone about your strange problem with sexuality ?

Re:Help me smuggle $6,000,000,000 out of Nigeria

[Dunbal]

Sorry Mr. Dead Nigerian I can't help right now, but since I just invested in a surefire work from home and earn $100,000 a week in my spare time business I will soon have enough capital to help you out...

Re:Help me smuggle $6,000,000,000 out of Nigeria

[rubycodez]

I have a plan to get your money out, all I need is a roll of a hundred of the new 39 cent stamps. Send postage paid to me and I'll fix you up.

This is not true

[Ars+Dilbert]

I run a mail server for a medium size tech/sales company. The spam levels have peaked last year and are remaining the same, if not getting worse. 70% to 80% of all incoming mail is spam, before the spam filtering of course. The filtering probably catches better than 9 out of 10 spam messages, but what remains is still a large number of junk messages that need to be dealth with by hand. This seems to the the norm according to my fellow mail admins from other orgs.

Computer centers

[michelcultivo]

The first article tell us more about the Microsoft funds to install computer centers on another countries than spam.

Long Live Our New Spam Overlords

[cutecub]

Sorry, somebody had to say it.

-S

The rest of Bill's quote...

[Sculp7ur3]

"The Spam is dead.... Long live The Spam!"

No more reasons to spam

-Everyone has already enlarged their penis.
-Britany Spears has had a baby, so nobody wants to see her new sex video.
What else am I missing?

Should read:

[delire]

"Twelve years since Bill Gates created 'spam, an article in [...]".

While not within the scope of the article, any implication that Gates is saving us from spam is profane.

If anything, Gates is dragging his users through the "Create-a-sickness-and-present-yourself-as-the-onl y-cure" business method (the heroin and military industries being of similar ilk).

Your business plan

[shihonage]

50% discounts on all furniture ! Only at Furniture'R Us ! ORDER NOW !

Re:Your business plan

[Dunbal]

How about 50% discount* on half the furniture? Buy half a chair for half price...

*Excludes shipping and handling

Re:Your business plan

[shihonage]

A fascinating fact about our bathtubs - they hold enough water to fill a bathtub TWICE their height, half their length !

Re:Your business plan

[Dunbal]

A fascinating fact about our bathtubs

      You're a sick puppy. I like you :)

3 in 6 Month

I got 3 Spam in 6 Month, which got filtered by the spam filter.
Ok only after I wrote a little program to protect my network traffic.
See oss-lin.

Spam?

[Dragoonmac]

In America: You kill the spam In Soviet Russia the spam kills you!

Spam still killing email

[miro+f]

I find that spam is still doing a decent job of destroying email, the amount of email that gets picked off by spam filters is incredibly high and oftentimes I've had legitimate messages filtered by spam filters, meaning I have missed out on important information. Due to spam, email is now no longer a reliable means of transportation, which I think is worse than having to delete a few spam messages every day.

Currently my account gets absolutely no spam, I have a second email account I use to sign up for stuff and funnily enough it gets no spam either. Spam filters may be getting rid of most spam but unfortunately sometimes they stop needed messages too. And the truth is so long as one person in a million responds to the spam messages then it's still worth it for the spammers

Re:Spam still killing email

[wasted+time]

Due to spam, email is now no longer a reliable means of transportation, ...

Dude, that whole information superhighway thing was just a metaphor, or something.

The Nietszche would kill me, but....

[Pesh+Hawksfire]

Have you not heard of that madman who lit a lantern in the bright morning hours, ran to the market-place, and cried incessantly: "I am looking for Spam! I am looking for Spam!" As many of those who did not believe in Spam were standing together there, he excited considerable laughter. Have you lost it, then? said one. Did spam lose his way like a child? said another. Or is spam hiding? Is it afraid of us? Has it gone on a voyage? or emigrated? Thus they shouted and laughed. The madman sprang into their midst and pierced them with his glances. "Where has Spam gone?" he cried. "I shall tell you. We have killed it - you and I. We are Spam's murderers. But how have we done this? How were we able to drink up the sea? Who gave us the sponge to wipe away the entire horizon? What did we do when we unchained the earth from its sun? Whither is it moving now? Whither are we moving now? Away from all suns? Are we not perpetually falling? Backward, sideward, forward, in all directions? Is there any up or down left? Are we not straying as through an infinite nothing? Do we not feel the breath of empty space? Has it not become colder? Is it not more and more night coming on all the time? Must not lanterns be lit in the morning? Do we not hear anything yet of the noise of the gravediggers who are burying Spam? Do we not smell anything yet of Spam's decomposition? Preserved meats too decompose. Spam is dead. Spam remains dead. And we have killed him.

Internet is Dead

[aleator]

The Internet is Dead!
    -- Spam

Hormel went bankrupt?!

[VGPowerlord]

Oh, wait, wrong kind of Spam.

Spam is on the decrease!

... BUT! A new wave of "next gen" spam is surfacing! Help put it to a quick death by downloading our product for only $39.95! Signing up is easy, simply fill in your e-mail address for every field of the following link: www.shitloadofsponsers.com

And you will be dynamically profiled, hooked up with several of our referrers, taken to our order form, and sent updates not only from us, but from our reliable referrers! Join now!

Bill still has over a week to go! Be fair!

[AndroidCat]

He made that statement Friday, January 23rd, 2004 so he still has 11 days to pull it off. So he can still slack off for ten days and pull an all-nighter of something. (Maybe he could offer each spammer 2 million dollars to go away? For less than billion, problem solved .. right? ;)

Re:Bill still has over a week to go! Be fair!

[AndreiK]

But of course, to get the money, you have to register with your local authorities first.

Re:Bill still has over a week to go! Be fair!

[Surt]

In fairness to Bill, 3 years ago I was receiving about 700 spam / day. Last year I received 20 spams. Total. I'd say he achieved his goal, and I thank him profusely for gmail!

*SPAM is dying!

[Joseph_Daniel_Zukige]

It is official; The Observer confirms: *SPAM is dying

One more crippling bombshell hit the already beleaguered *SPAM community when The Observer confirmed that *SPAM market share has dropped yet again, ...

erm,

No, I'm not up to this one. Somebody else do it.

Has anyone figured out how much $ spammers make?

The whole "if it stops paying, they'll stop doing it" solution is the simplest, most efficient solution I can think of but for the life of me I can't imagine anyone stupid enough to click it. Obviously someone must be, and I know the profit margins are probably astronomical (zero cash outlay to send a few hundred thousand emails and if you get 3 people out of the 300,000 then you're 3 people's cash wealthier) but seriously, how much money do these spammers make.

Wouldn't a better option be a kind of backwards responsibility... if a product is advertised using spam, then the distributor/manufacturer is held responsible. I know it's not very legal, and then there's the problem with people fake-spamming to get competitors in trouble, so it's not a perfect plan.

Spam is dead.

[mejesster]

Long live spam!

*cough*

[TechnoGuyRob]

*cough* *cough* *cough* Gmail *cough*

Darn colds this time of winter.

Ah yes:

I, for one, DO NOT WELCOME our spam overlords. GTFO.

Bill Gates, prognosticator

[ConceptJunkie]

So Gates declared war on spam 2 years ago. Well, he declared war on Windows security problems 5 years ago.

Given this track record, I expect he will next claim that he will eliminate corruption in Congress.

Re:Bill Gates, prognosticator

[mattwarden]

Sounds like someone needed a 'Mission Accomplished' banner.

Re:Bill Gates, prognosticator

[Dhalka226]

Given this track record, I expect he will next claim that he will eliminate corruption in Congress.

Ironically, to get such legislation passed he would have to buy himself more than a few congressmen.

Re:Bill Gates, prognosticator

[ScrewMaster]

Yeah. And it would help if he would declare a War on Bugs while he's at it.

Re:Bill Gates, prognosticator

[FFFish]

You are being so unfair: he has managed to eliminate Windows as a serious OS! The security problems have reached the stage of being so inane as to be comical: a WMF vulnerability on purpose?! Fer cripes sake, Bill, I can't take your OS seriously. I need a bit more security than that.

Re:Bill Gates, prognosticator

[ConceptJunkie]

Ironically, to get such legislation passed he would have to buy himself more than a few congressmen.

Eliminating corrupt doesn't require changing the laws, just enforcing them. Of course, there's also the route MS took... if they find you guilty, let them give you a slap on the wrist, promise to be good and pretend it never happened.

After all, if MS was _really_ a monopoly, the government would have punished them. Despite the finding that MS did some monopolistic things, I don't recall any punishment, ergo... were they really guilty?

Re:Bill Gates, prognosticator

[ConceptJunkie]

Hey, Windows meets Government security standards... if you unplug it from the network.

(Seriously, you could get NT 4.0 to the C2 standard... but I don't think anyone tried using metafiles with that version.)

Spam Is Dead

[Stan+Vassilev]

"Spam Is Dead"
Let me guess, some sort of pun related to the fact that most of the spam comes from zombie pc-s and can't be stopped.

Less spam? Or just seeing less of it?

[scdeimos]

Choice quotes from TFA:

First, there are multiple spam filters between me and the outside world: some at the companies that forward my email (Google Mail does a very good job), some on my machine, some in the email programs I use.

So he's not really getting any less spam at all, it's just getting hit on the head before it gets to his inbox.

Yet the amount of spam seems to be declining. Postini (www.postini.com) keeps real-time data on the amount of spam it stops. A few years ago, it said spam made up around 80% of all the email circulating. When I looked last week the figure was about 60%.

I wonder if by "amount" he means "proportion"? With many more users getting on the internet now than "a few years ago" it's not surprising that the proportion of spam may have dropped a little (overall), but I'd be very surprised if there's actually less spam being generated.

In the last three years I think I've received one spam and two eBay phishing e-mails. I run my own mail domain, so when I register an e-mail address for anywhere I use nospam-[their domain]@[my domain]. This makes things very easy to trace and would seem to have some discouraging effect on places selling their address lists. The phishing e-mails were due to a hardware supplier whose customer database had been comprimised, for example.

Re:Less spam? Or just seeing less of it?

Well, in fact, at Postini web site they say "spam activity has increased over 65% since January, 2002".

Big deal.

[Ethan+Allison]

With Gmail, and I think most of the other webmail services (Hotmail, Yahoo, etc.), roughly all spam is sent to the spam folder, and I never have to look at it. So how is spam doing any significant "damage" to email? The average person probably wouldn't be annoyed by having a spam filter.

I get zero spam

[BassKadet]

I get *zero* spam on my gmail account. If you use your email account carefully, you won't get spam. Just as if you use your internet browser carefully, you won't get spyware.

i lost hosting because of recieving spam!

[johnpaul191]

i have gotten so much in 2004 and 2005 that i had to change hosting companies. they said my spam flooded out the mail server, and my current host deactivated my main email address without telling me in advance. it now just goes to blackhole. before i tried sending unrouted mail to :fail: and the bounce backs got me flagged as a spammer. it was a combination of my main email address getting picked up and unrouted mail to my host (once upon a time i used a catch all). all this with spam assassin and whatnot installed at the servers.
darn virtual hosting. if it was a commercial site i would spend money to resolve it (that always works!), since it's just for fun i have to cope.

Is your spam declining?

[Kesch]

Is your spam declining? Having a hard time with your output? Have your old victims dumped you for spam blockers? Well look no further. V!@gr@ will have you performing at levels you never thought possible. Order today from the www.BigBigSpam.com, the cheapest source on the net.

I did try it and loved it

[Firehed]

I'm a bit more cautious, but I very, very rarely get spam as well. Of course, even my parents don't know my email address. Which is definately for the better.

Though back when I was on a "spammed" domain, Thunderbird nailed, I'd estimate, 99.5% of it. One message of spam a week making it to my inbox really didn't bother me.

In fact, I almost feel lonely now. Most of my new messages are forum reply notices or "you've been outbid". I don't wake up with a triple-digit list of new messages, even if only a single one of them wasn't spam.

It comes to knowing how to avoid it. Don't give it out to Vistaprint is a good start. I'm pretty sure they were the company that got me "on the books" for spam lists, as up until getting business cards with them, I got almost no spam. I'm a bit surprised my gmail is safe though, unlike my personal site, gmail isn't exactly unheard of by mass-mailers. I've gotten the odd random one (which doesn't even make to to thunderbird, as gmail filters it out of the inbox automatically), but in effect I've gotten nothing since having to switch emails back around September. It's like reformatting... you just purge out the old crap you didn't need enough to back up. I rather like being out of the loop. No personalized acts of general stupidity.

That was my mistake too

[Macka]

I remember when I first got my business domain some 6 years ago. I was ok for the first year. Kept it very quiet, only used it for business and I never got a single spam. Then one day I posted on Usenet and forgot to hide my address. I realised seconds after I'd clicked the send button, but it was too late. A few days later I got my first spam :-( Now I'm getting them at the rate of:

Today: 40
Yesterday: 35
Day before: 45

etc, etc. My Junk folder holds about a months worth on any given day. Before Xmas it dipped from around the 1000 mark to below 900 and held there. First time in ages, and I thought maybe it was finally lessening off. No such luck, its back up again to 1150 now. Arse!

Apple's Mail.app does a great job of filtering. Most of the time I don't notice the junk. But of late more with a specific style format (I won't describe it in here just in case) have been getting past the Junk filter. So I don't think its going down at all.

why not

[t_allardyce]

Email spam probably will die or decrease - its just starting to get old. People will realise that its not worth the hassle. What with spam filters, spam laws and people getting used to hating it, its slowly going to be less appealing to use. On the other hand there are a whole host of new mediums spammers can use - windows holes are a great delivery system for adware, and instant messaging is quite good - especially if a bot can trick someone for a few seconds, enough time to make the hit.

I'll agree

[Basilius]

Looking at my prismemail.com stats, my spam peaked in March 04 at 5682 pieces of spam. Things dropped significantly after that down to 1900 pieces in May 04, just two months later.

I've since dropped as low as 700 in a given month (Aug 05), but I have seen a bit of an increase lately.

I don't get spam.

[pxc]

The closest thing I get to spam is the Borders newsletter, and I signed up for that, and I actually read it. I just don't get spam. PS: I have Gmail, too.

Corporate email on Gmail?

[nwbvt]

You moved your business to gmail? As far as I know, Google has not come out with a corporate email solution. I hate to second guess your business decisions, but doesn't that sort of violate Google's Terms of Use? You know, the one saying "The Service is made available to you for your personal use only"? And add to that, I don't think Gmail has the security needed for business operations. Screw the fact that it makes you look unprofessional, it makes you look like you don't give a crap about security or business agreements, both of which make you look really bad to your customers.

My Adblock filters

[pinano]

I didn't even notice that TFA had ads. My Mozilla AdBlock filters are pretty minimal, too:

*.falkag.net/*
http://adserver./
*.atdmt.com/*
*.indieclick.com/*
http://adsrvr./
*.burstnet.com/*
*.tribalfusion.*
*.doubleclick.net*
*.loanweb.com*
*/ad.asp?*
*/ads/*
*/sponsors.*
*/advertise/*
*/adimage.php?*
*googlesyndication.com*
*personals.yahoo.com*
*/banners/*
http://ads./
*.valueclick.com/*
*.chitika.net/*
*/bannerads/*
*/marketing/*
*.adrevolver.com/*
*&adspace=*

24 filters, and I don't see more than 10 or 15 ads a DAY. I can't beat Yahoo, though, because they store their ads right in with the pictures for news articles and stuff. Keenspot uses the same dirty trick; I can't read some Keenspot comics without having to see Keenspot ads.

Re:My Adblock filters

[znx]

I'll admit to the fact that Adblock+NoScript makes for a combination that really does improve my browsing experience. Furthermore the likes of Greasemonkey is now allowing me to "improve" on the layout shape type and item of content that I view. It isn't long before my favourite sites are ad free, annoyance free and a real joy to browse. Recently I have started to move over to using a proxy to filter out the content, mainly because I am now offering my local net to friends and I wish to enhance their experience without them even knowing.

I think that the most important thing on any site is content, if I can't view the content without huge amounts of ads I am must less likely to return.

Oh and you might be interested in the Filterset.G, a present group of filters (some quite advanced in style) for Adblock http://www.pierceive.com/

Re:My Adblock filters

[PReDiToR]

This is pretty much the accepted standard for Adblock rules, Filterset.G.

The latest version is 2005-12-11a.txt, download it (Right click - Save link as). Open up Adblock (CTRL-SHIFT-P), go to Adblock Options, click Import Filters and browse to the file that you just downloaded and load it in. Appending the list is probably a better idea if you have added items to the block list.

really?

[Phil+Urich]

My own gmail account remains Free and Clear; I actually got one spam message ever on it, and I've had it for quite awhile now (and get quite a few e-mails and even subscribe to a few yahoo groups via it). And it's not like my e-mail address is that obscure, just my own first name followed by two other letters (and then the @gmail.com, naturally). The same could be said of my ISP e-mail address, or my university e-mail, or my hotmail/msn address, or even better my yahoo mail address which I fling around willy-nilly to sign up for things or whatnot whenver they require an e-mail address. And yet none of those e-mail addresses, all of which (except for my Uni one) I use astonishingly frequently and throw around all over the place, get any spam. Whatsoever. None. Except for that one gmail one (which ruined my perfect record, grr).

Note, also, that I turned off spam protection in hotmail, turned it off in yahoo mail, have none for my ISP one or my Uni one (both would only mark e-mail as spam instead of blocking it anyways, so I would know), and etc. Considering how high the signal-to-noise ration is, the possibility for false-positives understandibly outweighs the miniscule spam concerns I would have.

So what the hell am I doing right that most people seem to be doing wrong?

First off, none of my addresses are entirely intuitive or plain. No numbers even, nothing other than pure letters, but nothing that would show up unmodified in a wordlist or namelist (not even with good ol' "two random letters at the end of the string"). My sister has a gmail address of the same length as mine, but gets literally hundreds of spam messages every single day. The difference is that hers is her last name, while mine is my first name with two letters from my last; so hers is likely to show up in wordlists. That seems to be the kicker.

Meanwhile, my yahoo address seems to attest to the idea that signing up for things online won't get you spam, BUT the things I sign up for are message boards at places like BeyondUnreal.com or the official The Trews webboard or maybe to view some newpaper online (for those amnesiac days that I don't remember about BugMeNot). So nothing particularily sketchy.

In other words, as long as a person is relatively smart about how they handle their e-mail, they should be fine, 'tis my theory. This theory is not without major flaws, though, I'll admit. And furthermore, sometimes a person just wants a specific e-mail address, and it sucks then that it might just doom them to spam.

And further going down the questionable route of using my own personal experience as a scientific study, seeing as I had no spam until that one message, it would look something like this, starting arbitrarily in 2000:

2000 - 0%
2001 - 0%
2002 - 0%
2003 - 0%
2004 - 0%
2005 - 100% OMFG 2005 IS TEH SPAM APOCALYPSE
2006 - 0% (so far...)

So, in other words, I can prove anyone right. Parent? Sure, spam has
increased DRAMATICALLY in the last while. Naysayers? Bah, spam isn't
a problem! Etc. Ah, subjectivity.

Re:really?

[Nogami_Saeko]

I suppose the amount of spam that I get on my home email account seems to have gone down a bit, but there is still plenty coming in on Gmail - most of it gets caught in the filter, but the occasional one gets through, but even that gets filtered because I usually have my home email client check Gmail through POP3.

For my home system, I use POPFile (http://popfile.sourceforge.net/), which has a nearly perfect (99.34%) accuracy rating after using it for almost three years now.

N.

Re:really?

I work for the FDA, and last year, our email system stopped about a million spam messages a month from clogging our system. I don't think it's getting any better...

Re:really?

[ToasterofDOOM]

I have gotten very few spams, mostly from Indians wanting to send me their resume or some Nigerian telling me that our business relationship could earn me 13 million dollars (US$13,000,000) since his son was killed in the civil war. All the rest are is Spanish, or even recently some Portugese ones which want me to install a screensaver to see explicit exclusive pictures of the RFK assassination. I get so little Spam that I can take the time to read most of it for a laugh. Interestingly enough, I have never been offered viagra or anything of the like, or any product/service for that matter except for a Spanish diet ad.

Re:really?

[Bobartig]

I only started getting spam when I started sending emails to sales reps using PC computers full of virii. Before that, all my email correspondences were with mac users and conscientous PC users, and I had basically zero spam for years.

Nowadays, I keep getting this wierd spam full of cyrillic characters. Maybe a few a week. I have no idea what they're shilling (although I'd bet its related to viagra), no idea how to contact them, or buy what they're selling. ;(

Re:really?

[fingusernames]

So what? Your steps to avoid spam don't disprove that it is a massive problem, or that it is worsening or lessening.

I have had the exact same email address since 1990. It is just three letters long, and is plastered all over the place on Usenet from the 90s, various old web pages, mailing list subscription lists from before they were confidential. I receive about 1300 spam messages per day on average, every day. And that is AFTER the MTA (Postfix) eliminates a lot of spam through DNS blacklists, RFC and RDNS compliance checking, and so on. I'll be doing greylisting next.

I also help to run the mail system of an ISP. Spam and viruses, by far, are most of the email these days. By far.

Spam is a horrible disease on the Internet. It increases the cost to everybody, in bandwidth, the cost of staff at ISPs battling it, and in end-user time wasted on it.

Larry

Re:really?

[andersa]

I had basically the same story until I started "advertising" my email address on www and other places. I am talking about using my email address on usenet and on forums and other websites. Once I started doing that, the can was open, so to say and the spam started clogging up my inbox. I managed for about a year with kmails mail filters, but in the end they just couldn't cope and I turned to spamassassin.

Spamassassin has been 99% effective in sorting out the spam. Very few false negatives when the spam writers figure out a new scheme to fool the filters. The bayesian filters usually catch on pretty quickly, and blacklists help a lot too. Note that blacklists doesn't cause mails to bounce when you use spamassassin, it just counts positive in the evaluation of a particular mail if it comes from a known open relay.

I get a few false positives. Mostly a couple of obscure mailinglists that rarely send out stuff. Other false positives are notification emails from online shops. The "artificial" look of these emails sometimes sets off spamassassin's alarm bells big time.

Re:really?

[arivanov]

You cannot turn off SPAM protection on neither Yahoo nor Hotmail. Both use greylisting with positive feeback loop and per netblock statistics on their border. This cannot be turned of on a per recipient basis.

This approach alone kills 98%+ of all SPAM out there.

Speaking based on experience deploying it. It works (TM). If you one or more RBLS of relatively low viciousness like SBL+XBL and spamcop the SPAM goes to sub 1% of its 2005 level.

Re:really?

[dodobh]

Join the club. Abuse and postmaster mailboxes are hell for spam too.

Which DNSBLs are you using? And what header and body checks?

Re:really?

[kormat]

My own gmail account remains Free and Clear; I actually got one spam message ever on it, and I've had it for quite awhile now

Dude, it's just a junk email, let it go. It's not like it's a family heirloom, you don't have to pass your one junk email down to your children and your children's children.

Steve

Re:really?

[alan.briolat]

I have to say, I also have had very little in the way of spam in the past couple of years. Its mostly just a case of learning not to put your email address all over the damn place. Actually, the only spam I have had in the past year is people on MSN deciding to use my address for their annoying crappy "Sign up for this free service by referring 10 friends" things.

Re:really?

[mrmeval]

That's fine and dandy till some fucksmudge takes your email and broadcasts it on a mailing list to every Dom, Tick and Hiary out there.

Re:really?

[xoyoboxoyobo]

The major email services like yahoo, earthlink, & hotmail use filters before the mail even gets to you. Yahoo used to use Brightmail, at least before it got bought out. MS got in trouble once because they had their filters cranked too high and real mails were getting dropped.
Just because you don't see as many spam in your inbox/bulk folder doesn't mean that less spam is being sent. I'd wager that it's more a function of more spam being caught.

Re:really?

[qwp]

Hey, I know this guy that sells viagra real CHEAP!.. I know it cause he keeps telling me about it.. ~chris Awe, looks like you've been spamed on /. ;P

Re:really?

[Wikipedia]

Since its pop3, you can get that protection for hotmail yahoo and other web-based email with: http://mrpostman.sf.net/ and http://freepops.sf.net/

Re:really?

[ACMENEWSLLC]

My gMail account gets thousands of spams a week. Yes, thousands. I get 100% spam rate on it. This is because my gMail account is used for one thing only. Posting to newsgroups. Because of the posting via Google Groups, the account is in just about every spammers list. I have other accounts that get no spam because no-one knows about them. Others have been clean until directory harvest and figuring out how to bypass Thunderbirds blocking of remote images.

Re:really?

[superflippy]

I have had the exact same email address since 1990.
I actually stopped using my oldest email address for anything a few years ago, even though it's way cool, just because it became such a spam magnet. My main address is only 8 years old but it still gets quite a bit of spam.

Any address that's been out and around for a good long time is probably more likely to have been harvested. I know a lot more about protecting my email addresses now than I did back then.

Re:really?

[DiarmuidBourke]

Hi, nice post.
I have 3 email accounts, yahoo (yahoo.com), college (mail.dcu.ie) and gmail.com. I rarely use the yahoo account, I used to use it more often when I had a hotmail address, but I only used it for forums that were gimmicky and potential "spammer farms". I recieve the odd spam in that account, about 1 per week (very low, right?). Now that I have a gmail account, I rarely use the yahoo email. It's only with the last 4 months that I get the odd spam email in my gmail account from ebay phishers. (I don't have an eBay account. The emails were very frequent at christmas.)
My dcu college email is all forwarded to gmail and I get none on that account because the college filters out spam with spamassasin and other filters.
I'm not incredibly careful with my email addresses and if I'm asked by a website, I will generally give them my gmail address but, I will only give an email address if they state they will not sell it or spam me. I also opt out beforehand from any mailing list they have. This, I believe is what will prevent the majority of spam from reaching you. Thinking before Giving. ie: Don't go putting your email address on forums like this or CoolSuperForum.xyz, because these are farms for spammers. So if you like you can sum it up like this.
1)Does this site say they won't sell your email?
2)Is it a known business/company?
3)Don't post it on any forum.
4)Don't go signing up to porn sites or gimmick forums.
Following these will help you stay spam free.
Diarmuid.

Re:really?

[arodland]

On the flipside: I've got a gmail address that's been registered for a year or so, but which I've hardly ever used or given out. During the past month, the account received 70 pieces of spam that weren't filtered by gmail, and over 1800 pieces that were. That's 62 spams a day, and a 3.7% miss rate on the filter. Sure, people with addresses that they've had for 10 years get worse, but I still think this is pretty harsh ;)

Re:really?

[lamp540]

You don't get spam...that's great, but it has nothing to do with your own actions besides that you didn't do anything particularly stupid.

Re:really?

[Farmer+Tim]

you don't have to pass your one junk email down to your children

You mean those children he should be having with Ali and Ali's sister? http://homestarrunner.com/sbemail35.html

Re:really?

[0xC2]

The best way to get spam is to have a dictionary address with a popular isp/email provider. The following is a genuine bullshit re-creation:

3fr2gn78qn@gmail.com No spam!
dragonfly@gmail.com 18,579 spam emails and counting...

I always got in early (earthlink, yahoo, gmail) for that "designer" email address, thinking I was smart, now I'd like to switch to unguessable addresses.

lucky

I guess I've just been lucky having changed companies several times (and hence email addresses) and in the last 5-6 years always having at least two seperate email addresses. Spam has never been a problem for me so I just don't get all the fuss.

Instead of clicking their ads you could donate -nt

nt

Bad Attitude from Lack of Understanding.

[twitter]

An article praising Bill Gates' infamous attempt to charge everyone for sending email and points to a page that requires Macromedia Flash? Well, it's good to know what the other half thinks, I suppose. This guy lacks a clue about the origin and motivation for spam and clearly does not understand why it's a problem that will grow.

His "Oh, it's not so bad," attitude is unfounded at best and what you might expect from M$ or the DMA as they promote, "legitimate" spam at worst. Spamhaus tells us that there's still a big problem, despite steps that most ISPs have taken. The problem will get worse again as the spammers learn to get around those mostly trivial steps. It won't take much effort to read configuration information on broken Windoze machines and make them point to the ISP's SMTP to send mail like the end user does. In the mean time, the botnet continues spew network clogging spam, and DDOS and we all get to pay the price in slow networks and broken computers. It's not enough to sit smug behind your spam filters while the average user gets creamed. The nasties are strengthened and encouraged by that kind of attitude and they can get still you with a DDoS or Distributed Mailbomb.

Flaws in Microsoft's operating system are what enables the nasties. They have to be corrected or avoided to fix the problem. Until then, the botnet will be both a weapon and profit center at everyone's expense. No, the answer is not "trusted" computing or mail servers that waste your time with MENSA puzzles and collect a penny for Bill. The answer is fixing what's broken. Email works despite it's great abuse by a few idiots.

Spam is dead

[CFrankBernard]

God, BSD, and now spam?

640kb is all we need

[catzpjz]

spam gone in two year i wish, but then again that prediction is comming from a guy who said 640kb is all the ram u'll ever need.

Are you disagreeing?

[wardk]

Hey, if Bill says it's declining, it's $#@^&%#&^ declining.

get with the program

Spam never touches my permanent inbox

[bdwoolman]

I use Ultrafunk Popcorn, a completely textbased POP client, to vet my mail server before I use Thunderbird (or any other Mime enabled pop client)to bring in the mail. Popcorn loads in a snap. It only dowloads headers, unless told to do otherwise, so I can delete suspicious mails en masse with a few clicks. If I am unsure of something I never fear to open it since Popcorn lacks any of the decoders that transform the ASCII mail into nastyness. Even an open virus will sit there as text as far as I can figure. Anyway, Popcorn only opens the first fifty lines of any mail unless otherwise instructed. It leaves everything on the server, of course, unless deleted. And deleted is really deleted.

I do get spam because I am lazy and still post my real address on things from time to time. I tried Mailwasher (same theory) but I like Popcorn better. It can also be used in an internet cafe. Even more secure under this circumstance than webmail. Download, configure, check mail, delete whole program directory. It is green so no registry shadow. My hosting company uses Brightmail so not a lot gets through in the first place. Spam comes in waves it seems as new counter strategies get developed by the scumbuckets.

BTW I have no connection whatsoever to Ultrafunk, just a happy customer sharing his experience. Unfortunately I just found while creating the link that Popcorn is in eclipse. See the low down here: http://www.ultrafunk.com/

Latin quibbles

[WilliamSChips]

pop3 cum sendmail

Shouldn't "sendmail" be in the ablative? What is(or rather, would be...I don't think the Romans ran sendmail) the ablative of sendmail anyways? And actually, it would probably be better as an ablative of means(roughly "using", for those of us in the audience not speaking Latin), which would mean no preposition.

And finally, do you really think it's a good idea to use a Latin word which most English speakers, especially on Slashdot, will associate with sex? At least spell it as "cvm", this is for your own good.

Re:Latin quibbles

[lumbercartel.ca]

> ... At least spell it as "cvm", this is for your own good.

If you do that, the non-*nix crowd (yeah, yeah, deny it all you like) might assume it's a Unix command rather than a Latin word.

Re:Latin quibbles

[(1+-sqrt(5))*(2**-1)]

Shouldn't "sendmail" be in the ablative?

Classic; sendmail is in the ablative, actually. It so happens, though, that the ablative is invisible in English.

Sendmail, by the way, is missitabella in Latin; but I'm afraid cum missitabella isn't any more visible.

And finally, do you really think it's a good idea to use a Latin word which most English speakers, especially on Slashdot, will associate with sex?

That was at least part of my pregnant intent. ;)

Re:Technical Solutions solves all problems

[vertinox]

...no: there is no technological fix to ingenious asocial behavior.

Yes there is. It is called a gun.

And its application is a bullet to the head of the anti-social person given by the governmental authorities of the day. The anti-social person can no longer affect society and can no longer by pass any methods intended to keep him in check.

But of course there is a major moral problem with my suggestion and should never be taken as advice.

I'm just stating the theoretical situation in which technology trumps social behavior. Obviously, its an extreme and we don't want to be going around shooting spammers (even though I'm sure some of you want to) but eventually given enough technology you can prevent everything.

Or rather what I am saying is that all social and political problems can be solved with technology. It just depends on your application of the technology and how far you are willing to go with the application. I'll take a bit of annoyance with my freedoms though.

Are you sure he's dead?

[porkchop_d_clown]

Maybe he just needs some cheap drugs!

I know a site that can hook you up, guaranteed!

post-spam filter count

[chroot_james]

I'm sure the reporter was judging this based on spam in their inbox regardless of whether a spam filter caught it. I wonder if they even know about spam filters...

spam loves me

[sammcj2000]

i belive spam levels are on the rise, i recieve far more now than ever!

Only if filtered

[captaineo]

I agree that spam is on the decline IF you assume the use of a state-of-the-art filter. Modern filters have basically won the war; they bring spam down from "making email unusable" to the "very minor annoyance" they once used to be.

Of course the amount of spam traffic is higher than ever. But perhaps that will decline as more and more ISPs default to strong filtering, lessening the likelihood for newbies to get scammed, and thus the original motivation for spam.

I would be interested in an analysis of spam types over time... e.g. mortgages vs. Viagara vs. penny stocks vs. replica watches vs. phishing. Maybe that would provide a hint about which industries to invest in :)

Re:Only if filtered

[Steve+B]

I agree that spam is on the decline IF you assume the use of a state-of-the-art filter.

A combination of good filters and rational laws (i.e. treating the evasion of spam filtering the same as any other form of cracker break-and-enter exploit) would solve most of the problem. Given the latter, the former could be loosened a bit to minimize the risk of screening out valid e-mail because of false positives -- the filter would simply need to be good enough that no measure capable of actually beating it could possibly be passed off as an inadvertent trait of a legitimate mass mailing.

Micropayments for eMail

[lumbercartel.ca]

This couldn't be handled at the client's end reliably because that would defeat the whole purpose (not to mention being a target of all those SpyWare vendors) -- in order to prevent bandwidth waste, it would have to be handled by the server.

For this to work, servers would have to indicate the going rate for messages (either by size, number of recipients, number of messages, etc.), and then the sending system would have to either accept it and actually transfer funds before sending the message, or just abort the transaction. The sender could choose how much they want to pay for this "ePostage" before sending it, and then the server could handle it automatically.

The main problems I forsee with such a system are eMail lists (as someone else already pointed out), and automatically generated eMails from other services (free or otherwise) that the user has signed up for. Why should Google AdSense or PayPal or eBay have to pay to notify me that my contact information is invalid, for example (I'm sure a skilled con-artist can see obvious ways to exploit something like this)? And do the users also deserve a share of this income, or just the ISP?

In addition to that, a few technical matters will need to be resolved before anyone can start thinking about even implementing such a system:

0. A new protocol to replace SMTP will be needed (it's not appropriate in my view to add this to SMTP, which is based on a trusted model rather than a costed/financial model). The protocol could be exactly the same as SMTP, but with one additional step inserted immediately after the "HELO/EHLO" stage in order to reduce development overhead for everyone.

1. Automated micropayment transfer protocols will need to be available to these new mail servers, and high-volume servers will need to be set up by the various providers of these financial services. Features will need to be able to handle currency exchange in a simple manner. Dispute procedures will need to be very, VERY well thought out.

2. The potential for criminals to launder large amounts of money by setting high rates or just claiming high volume when it doesn't exist (and both sides indicating this to be correct) in order to facilitate transfers between one another would be of great concern to government and military organizations aiming to impede the funding of so-claimed enemies (e.g., mafia, terrorist groups, trade blocked nations, etc.).

3. Micropayment service providers will likely compete on such things as percentages (e.g., they keep 0.05% of each micropayment to help cover their costs), various service charges (including fees for dispute resolution), usage fees, monthly service fees, etc. Banks are well-known for these types of tactics, and these micropayment providers will likely earn the same notariety.

In the end it will all just end up being very expensive and time-consuming, and I suspect that people will simply abandon it in favour or reverting to SMTP again in order to save money.

It's an interesting pipe dream, but I don't see how it will catch on in our current global economic climate given the current costs of doing business.

Re:Micropayments for eMail

[Phat_Tony]

The whole purpose of stopping spam is to save bandwidth? I don't give a crap about the bandwidth. Even on my spamiest days, it only takes my client about a second to get my email. I think most people would be happy with a perfect spam filter on their computer, even though such a device would save no bandwidth. I care about my time and my inbox not being cluttered with crap, not the approximately 2k that most of my spam messages take.

At any rate, if the system were successful, it would still reduce bandwidth by a huge factor, because they'd stop sending spam if no one was getting it unless they paid.

The whole insurance model can't work server side, because the insurance isn't collected until the recipient evaluates it and, if they end up looking at the message, decide to collect the insurance.

0. As for a new protocol- why not just use SHTTP to verify and collect the micropayments? All the micropayment data goes in an attachment, there is no need to modify SMTP or any other protocol in any way. You just need to modify email clients to recognize and evaluate standard micropayment attachments. With some clients, this might just be done with plugins.

1. There's no need for any mail server to be changed in any way. They just do what they're doing right now, there's no reason for servers to be micro-payment aware.

2. I don't understand how there's any potential for anyone to launder money or rip people off by setting high rates. Say I set the high rate of $0.25 in my email client, and tell it to trash anything without an insured value of that much. I basically wouldn't get any email. Who gets ripped off? Say someone decides to insure their email for $1. Well, they could lose a lot of money if they send a lot of email and people collect, but who's fault is that? If you buy the $1 insurance, you're not getting ripped off when people collect it.

3. Well, like any other financial dealing you ever have, you should look at the terms and make a decision. People handle dealings like this with banks, cell phones, cable, utilities, credit cards, and hundreds of other things all the time. Yes, someone could get ripped off at some point, and they should probably have been more careful and should find a different provider. But just because, like in pretty much any business there's ever been, there's the potential for someone to be unscrupulous, I don't see that as a good reason to abandon a new undertaking. If it were a good reason, we might as well stop all economic transactions of any kind due to the potential of some form of shady dealings. There's no reason for this to be at all expensive or time consuming, unless you're a spam house, in which case it'll probably be very expensive and put you out of business.

C*al*s! XXX! Your PayPay Account

[qazwart]

Spam has been going down recently. I've noticed it. Problem ain't solved, but it isn't as bad as it once was. I chalk it up to the following:

* A few major spam court cases. Suddenly, there might be a downside to being a spammer.

* Filtering has made spam less effective with fewer people replying.

* People are more use to email and are less likely to respond to spam.

* Last, but not least: There is a self-regulatory process here. When there's too much spam, people, each individual piece of spam becomes less likely to be noticed. What are your chances of selling your junk if 10 other people have packed that mailbox with the same ad? Spammers drop out. This is where we are right now. Unfortunately, this tread won't last. Fewer spams means each piece of spam is more likely to get noticed and generate a response. Fewer spams means more people are starting to use their email. This makes spamming more effective which will attract more spammers.

I predict that we'll go through several waves of spam over the next few years as the amount of spam reaches its "optimal" level.

Must be true, FTC said so

[Lead+Butthead]

According to our tax-dollar-paid government agency, CAN SPAM act is working, so SPAM must be on the decline and we should all simply breath a sigh of relief and go about other business, there's nothing more to see or talk about on the subject of SPAM. (Can you smell the sarcasm yet?)

So in a week or so...

[bforsse]

...an announcement from Gates:

MISSION ACCOMPLISHED!

The world should no longer fear emails of mass destruction, the tyrannical rule of spam is over!

Increase and decrease on the spam-o-meter

[VX1984rr3]

Since about Sept. I've received about 50% more spam on my company account and about 10% of that is making its way through the spam filters (had a few this week already). So from that perspective I've seem an increase in spam. But my Yahoo account used to get 150+ a week in spam, that has trickled down to 10 or so. Gmail is the best with almost nothing, just a few and no adult or pron spam.

My email accounts

[RingDev]

about 4 years ago I dropped the email address Ringmstr666@hotmail.com. It was getting 200+ spams a day. Shortly before droping that addy I opened another hotmail account that I have been using ever since. My current hotmail addy is on all of my web registrations, forums, posted publicly on numerous forums and pretty well circulated. I get maybe 5 unsolicited spams a day.

I get good spam too. list activity, news letters, tech product offers (that I'm actually interested in), and Joel Spolsky's spam (although those ones I can't quite classify as "good".)

5 with a decent filter on my inbox is nothing to worry about. Spam might not be "dead" but it has been beat back quite significantly.

-Rick

The age of your address matters

[fab13n]

I got almost a third more spam in 05 than 04. I guess I exist outside the bell curve on this one.

Simply your e-mail address is one year older in '05 than in '04, which augments its chances of having been harvested.

To check the article's assertion, you should compare the amount of spam received in '04 on an address you started to use on year n with the amount of spam received in '05 on an address you started to use on year n+1.

1st mistake, listening to Bill Gates

[Locutus]

your 2nd mistake, thinking what he says has any truth to it. IMO, 99% of what he says is self serving trash and has been for the last 10+ years.

LoB

Re:Yes, New Year's

[cryptor3]

Me too. I think that on New Year's Day, at least seven spammers emailed me to wish me a more fulfilling and enlarged new year!

You're lucky.

[porkchop_d_clown]

I'm getting 20-30 spams a day that get through the server's filters. About half get through the spam filter on mail.app because of the collection-of-random-words method of masking themselves.

you can solve all the problems in the world

[circletimessquare]

just kill everyone

this observation isn't really useful, neither is yours

any government that acts as you suggest will gradually lose legitimacy in the eyes of the people that it governs. and then it's just a matter of time and creativity. sure, it might take a long time and it might involve a lot of suffering but a government that acts as you outline is doomed eventually. like i said, any technology can be overcome by enough committed individuals: where there is a will there is a way. no technology can defeat human creativity. simple logic: if a given technology/ protocol/ system was made by a human, therefore, another human can circumvent it/ surpass it/ destroy it/ render it ineffective.

as a corollary, this is why democracy is the only government that really works: it is the only government that manufactures legitimacy. all other governments, of whatever form, lose legitimacy over time. this is because the will of the people it governs are not periodically consulted. people are naturally distrustful. distrust only grows when people aren't consulted

democracy is messy and ugly and has lots of problems, but in terms of legitimacy and stability, it comes out on top. this observation trumps all of the negatives you can say about democracy, and so democracy comes out as the best form of government in the world, simply because all other forms of government are worse off in the aspects of government that matter the most: legitimacy and stability. a lot of other things matter in terms of making an effective and successful government. but none as much as these two

Re:you can solve all the problems in the world

American Democacracy has also spawned the largest and most frequent number of wars in history. The glorious USA has fought a major war every 20 years. There's other governments that haven't - and their people aren't suffering.

There's other systems out there Red White and Blue Boy.

Re:you can solve all the problems in the world

[Reziac]

"No population -- no popular unrest!!" -- Groachi saying [Keith Laumer]

Missed the Memo

[Reddragon220]

Apparently the 183 spam messages in my Gmail box missed the memo.

Re:Missed the Memo

[ObjetDart]

Apparently the 183 spam messages in my Gmail box missed the memo.

Maybe their spam filters blocked it?

japanospam

[m0u5y]

then why is my gmail inbox chuck full of japanese sex spam?

New form of attack

[Ex-MislTech]

I am seeing they are using a new form of attack via embedding spyware
on machines that force pop-ups/pop-ins .

Some of this new stuff even disables pop-up blockers, spybot, and
anti-virus software .

Firefox seems to work well against it for now, but they are making
flash and java based critters in the near future is the buzz .

Ex-MislTech

i already addressed you in my orig comment

[circletimessquare]

you can't solve a problem by just accepting the problem

you simply don't understand the nature of terrorism or drug addiction

the war on terror and the war on drugs has many problems, flawed initiatives, etc. i don't care about the specifics, i'm talking about the principles involved: there will always be malcontents who seek violence, and unconstrained access to highly addictive substances just results in a lot of addicts. those are hard, real problems. the principal of fighting these things is what i care about, not the specifics of the fight. you don't understand the scope of what i am saying if you attack what i am saying. don't ascribe to my words meanings i am not implying

there will always be malcontents who seek violence, and unconstrained access to highly addictive substances just results in a lot of addicts. do you deny either observation? then you don't understand what terrorism/ hard drug use really is

simply put, every single negative you can demonstrate about the war on drugs/ war on terror i accept and acknowledge. except that the negatives of not fighting these things is worse. that's really about the entire argument we can possibly have on the issue

bring up every single problem with the war on drugs/ war on terror you want, if you were smart, you would realize that rationalizing not fighting them doesn't make sense. you really just want to fight them in a different way. then you realize we don't have a disagreement at all, we are just proposing different policies to fight the same war we are on the same side of

except i don't care about policy, i'm talking about the principal involved. so if you think i am supporting gw bush, or you think i think marijuana should be illegal, then you don't understand what i am really saying. i'm not arguing policy, i'm arguing principal. get me now? don't ascribe to my position that i am defending something i am not defending. the principal of waging war on heroin or al qaeda is not the same as defending the actual policies of the bush administration. got me now?

welcome to reality: there is no such thing as route which hurts no one, only the route which hurts less people than the other route. not waging war on hard drugs/ terrorism is a route which actually winds up with more people hurt. if you don't understand that, you have no idea what terrorism or hard drug addiction is

therefore, you wage war on heroin, meth, cocaine (the highly addictive drugs ONLY... marijuana, lsd, nonaddictive drugs: these should be legal), and you wage war on terror (bush invading iraq might be called part of "the war on terror", but again, the specifics of a flawed policiy don't matter to me, it's the PRINCIPAL of opposing terrorism that matters to me: you have to take out the trash, or it just accumulates and stinks up the place)

i'm merely demonstrating to you simple maintenance issues, police issues, involved with maintaining civilization. it's just taking out the trash. it's mundane, and there's no way around these tasks, unless you want your house to gradually fill up with garbage (just remove a problem by not calling it a problem, as you suggest) or do nothing that makes garbage, and therefore not really live (the all-out war that believes you can kill a problem completely without utterly hobbling and impoverishing the existence of good people who have nothing to do with terrorism and hard drugss)

do you understand me now?

Re:i already addressed you in my orig comment

[misleb]

you can't solve a problem by just accepting the problem

Apparenly you don't solve it by going to "war" with it either. I'm not talking about acceptance. I am talking about doing what you can, but at a certain point recognize that you can only do so much before you are doing more harm than good.

there will always be malcontents who seek violence, and unconstrained access to highly addictive substances just results in a lot of addicts. do you deny either observation? then you don't understand what terrorism/ hard drug use really is

I understand that the magnitude of such problems are influenced by certain social and cultural conditions. There are conditions that tend to lead to drug addiction and terrorism. They dont' just come out of thin air for no reason. Sure, there are SOME people who are just "anti-social" and tehre are SOME people who who are just prone to drug addiction, but a significant portion get involved with these things for reasons that can be addressed without going to war with them.

simply put, every single negative you can demonstrate about the war on drugs/ war on terror i accept and acknowledge. except that the negatives of not fighting these things is worse. that's really about the entire argument we can possibly have on the issue,

Look, I'm not saying we shouldn't address theproblems. I'm just saying that "fighting" them isn't necessarily the answer. It is not difficult to see that many of the problems with drugs are CAUSED by our "war" attitude towards them. Do you understand the implication of the word "war?"

therefore, you wage war on heroin, meth, cocaine (the highly addictive drugs ONLY... marijuana, lsd, nonaddictive drugs: these should be legal), and you wage war on terror (bush invading iraq might be called part of "the war on terror", but again, the specifics of a flawed policiy don't matter to me, it's the PRINCIPAL of opposing terrorism that matters to me: you have to take out the trash, or it just accumulates and stinks up the place)

Sure, you have to take out the trash. But starting a "war on trash" would be ridiculous. Just take it out. No need to turn it into a battle between you and a bag of rubbish.

-matthew

Re:i already addressed you in my orig comment

I think the only way you two can resolve your arguments is by having a war. The survivor wins.

Re:i already addressed you in my orig comment

And the route that hurts the least people is to:

* Treat drug abuse as a health issue
* Treat terrorism as a criminal issue
* Use filtering and criminal prosecution to deal with spam

The war on drugs is a colossal failure. It has not stopped drug abuse, it has pushed addicts from the health professionals that they need to consult, it has jailed large swaths of the population, it has driven up sentences for real crimes to ludicrous proportions, it has all but destroyed the fourth amendment, it has enriched drug smugglers by artificially limiting supply, who then use their monopoly profits to kill policemen, it has not even mitigated the problem of drug abuse.

The war on drugs is a colossal failure.

"They kicked our butts"

[TheCarlMau]

Notable misjudgments include the rising popularity of open-source software, epitomized by Linux, and the success of the Google search engine.

"They kicked our butts," he said, while promising a better next-generation Internet search engine from Microsoft, due as early as next year.

Yeah, you can say that again.

CmdrTaco

[wicka_wicka]

Curve breaker!

Spam Free for Two Years

...since I got server-side SpamAssassin and Thunderbird working for me.

the number of spams is not important

[alonsoac]

I have no statistics of how many spams I get each year because I don't care to count them. However I can recall how much annoyed I have felt, and I can tell you that I am similarly annoyed with spam this year than last one. The only recent development worth metioning is that local spam houses have popped up here in my country (Costa Rica), but they are not particularly annoying.

Another way to measure it is the compexity of the anti-spam infrastructure. That has centainly increased for me since last year. I manage a dedicated server, and if I had to reinstall all the spam software that I have running today it will take me a lot more time than it would have taken last year. I now not only have spamassassin, but now I have to take measures regarding secondary MX and also now I have an antivirus running. I'm sure it will only get more complicated with time.

Too many email accounts!

I would say I'm behind the bell curve too, until I start thinking about the dozen or so email addresses I have all funneling into my unified inbox. If I broke it down to how much spam per email I'd have to say that I'm at least not doing worse than I have been in the past.

Ya, he promised that for MSN users, not the rest..

[Zantetsuken]

if you are still unfortunate enough to be stuck with Yahoo, the ungodly AOL, or a half dozen other e-mail providers, including MSN that is supposed to get less spam now due to whatever M$ did - find somebody you know that has a GMail account (for those of you who dont know, GMail = Google Mail) and bug the hell out of that person until they send you an invitation email to let you register for a free Gmail account. I've had virtually NO spam using Gmail - I used Yahoo mail before, and yes, it has improved, but I still most of my messages were spam - now with gmail, the only thing that makes it through are automatic responses from /. and site registration responses.

declining by # or declining by %age

[krunk4ever]

Yet the amount of spam seems to be declining. Postini (www.postini.com) keeps real-time data on the amount of spam it stops. A few years ago, it said spam made up around 80% of all the email circulating. When I looked last week the figure was about 60%.

At first I assumed he was only couting spam that made it past the spam blocking softwares, but as it appears his theory is proven based on a different set of assumptions and facts.

His entire article bases on the fact that the % of spams from all emails caught has dropped. This can mean one or more of many things which only follows his theory.

1. Spam has actually decreased
2. Spam has found ways to avoid being detected
3. The volume of email has gone up, with more actual email while spam increased at a slower rate

Honestly, I'd like to see more statistics and figures to decide how spam has changed in these past few years. Just by looking at #s from one company and what percentage they've stopped isn't enough to say much in my opinion.

Bill Gates lacks human empathy

[weierstrass]

If you look at his proposed solutions way back when, they seem quite bizarre now - micropayments / microforfeits of computational time to a problem that has now been largely solved using combined machine/human intelligence eg Bayesian filtering etc.

Bill Gates seems to lack a real understanding of how people think and work. For him technical solutions come so naturally he seems to miss the human side to questions like this. Look how MS were blind to the potentials of networked communication in the mid 90's.

People say that he is a genius. Not just a 'real smart guy' but the likes of newton, da vinci.. Sometimes I wonder if people like that really think completely differently to everyone else, or if they just think they do since other people seem so backward to them, at least in certain areas.

I believe it.

[volpe]

spam has passed its peak and is now declining.

For me the peak was two weeks ago when I received 30 emails a day from the FBI and the CIA telling me I visit illegal websites.

What if...

[TheSpoom]

What if I'm greedy and take all the insurance payments for anyone sending me any email?

Could add up to at least a morning coffee, y'know.

Wierdly, CAN-SPAM is working. But not as expected.

Much of the improvement, surprisingly, is due to the CAN-SPAM act. Yes, it "legitimizes spamming". Yes, it's too weak. Yes, it overrides state law.

What CAN-SPAM does do is make it a criminal offense to forge headers. As a result, spam from any "legitimate business" is easily identifiable from the header. So it gets filtered out.

This wasn't what the Direct Marketing Association expected. But that's what happened. As a result, the spams from legitimate businesses don't get delivered, and that class of spam is dying out.

This leaves the people who forge headers. They're now criminals. They've been forced out of legitimate web hosting services onto "bulletproof" web servers in marginal countries. They can't send directly any more, or their connection will be pulled. Most of the open relays have been plugged. They've been reduced to spamming through zombies taken over by viruses. This means they're committing felonies, and jail is a very real possibility.

That's why spam is declining.

Useless is right!

[Penguinoflight]

Just because you didn't have to click the delete checkbox by each and every spam doesn't mean they are not an irritation. Every piece of spam that goes to your account (inbox or spam) is a load on the server, of course that's google/yahoo's problem now. Don't underestimate the power of entropy, and remember there is a tiny chance legitimate emails are being filtered.

Gmail Filters fooled.

[Israfels]

I recently decided to try and stop the sudden increase in spam that I'm getting on Gmail by creating a filter that moved all emails containing "CIALIS" to the trash. Needless to say, it didn't work. I'm not sure what they're doing to make a simple word get past a word filter. Especially against Google who seem to be masters of word recognition. Any ideas?

My spam level has been decreasing...

[cparisi]

In the past year or two I have had much less spam.
Now I just get Deviled Ham. (ha ha)

But seriously,
Earthlink does a great job filtering out the spam. I go some days with no spam at all.
At its peak I used to get 50 or more a day...

Spam

[Z34107]

I've had my current, free netscape address (look above) ever since I was 11 - call it about 5 years. (The mathematically inclined amongst you may be able to guess my age now!) Although a Hotmail account I held briefly got the occaisional spam, I actually never got spammed on my netscape. For a bit over a year now, I've had a secondary college address, which has also received no spam in the year it's been active.

I must have existed outside the bell curve since my pre-teens.

Re:Spam

[lintux]

Instead, right now many people use the netscape.net domain for forged source e-mail addresses. So actually, I'm surprised you don't get at least a couple of bounces a day...

Re:Yes, New Year's

[(dp24.biz)+Denis]

You too? :P

Barracuda networks spam appliance did it for me...

[Hyperx_Man]

Once I installed my barracuda networks spam appliance, I don't get any spam.

Better depending on how you see it...

[joshjoneswas]

The real questions would be:

1) Are email servers still getting more and more spam? I'd bet that they are, indeed.
2) Are we, the users, getting more and more spam with the implementation of better filtering? My answer to that is no and I still like to use Yahoo. I even use my email address for alot of risky things online and still have managed to train the SPAM filtering on Yahoo to a great degree.

So what do they mean when they say it is getting better? Less spam is ultimately getting to inboxes or less spam is being sent in the first place?

I get the most spam from MSN/hotmail

[bgalbrecht]

If Microsoft wanted to kill spam, a good start would be for them to run spamcheckers on all their outgoing mail. 80% of my email that SpamAssassin marks with 90% or higher probability of being spam through bayesian analysis is coming from MSN or Hotmail (and I've never seen a false positive).

Re:I get the most spam from MSN/hotmail

[Robert+The+Coward]

And you confirmed by looking at the header that it actually came from MSN / Hotmail as I can say I can't remember seeing spam coming from IP address that used MSN or Hotmail or Microsoft in there name as well as yahoo or gmail as well. I get lots of spam to calm @hotmail.com / @yahoo.com / @ebay.com and I am starting to see @gmail.com some. But none actually seems to come from there servers.

Re:I get the most spam from MSN/hotmail

[bgalbrecht]

Oh, it's definitely from MSN/Hotmail. My mail server reports that it received them from XXX-XXXX.bayNNN.hotmail.com, and they contain the X-Originating-IP and X-Originating-Email headers that are always in real hotmail/msn emails. I've been too lazy to auto forward these messages to report_spam@msn.com, but it's on my list of things to implement when I'm bored. I rarely see hotmail forgeries, probably because they usually don't get past my greylist filter.

This morning, my bayes_99% folder had 6 true hotmail spam, and one from tin.it.

I wouldn't notice...

[localman]

I've been using the bayes option on spamassassin for the past several years, and I get just about no spam in my inbox. And I get over 500 per day in my spam folder. I get maybe one or two false positives a year, usually business email that I actually wanted. I train on ham and spam regularly with a script. I tweaked the scores of the bayes tests to be more extreme than the default. I don't even think about spam any more.

I think the key is training on personal email, as opposed to doing something systemwide. And with spamassassin, you've got to boost the bayes scores. Here's the important part of my user_prefs:

required_hits 5

# I don't want spamassassin to mistrain my filter!
bayes_auto_learn 0

# I'm going all out with this Bayesian stuff:
score BAYES_00 -2.0
score BAYES_01 -2.0
score BAYES_10 -1.0
score BAYES_20 -1.0
score BAYES_30 -1.0
score BAYES_40 -1.0
score BAYES_44 -1.0
score BAYES_50 5.0
score BAYES_56 5.0
score BAYES_60 5.0
score BAYES_70 5.0
score BAYES_80 6.0
score BAYES_90 6.0
score BAYES_95 7.0
score BAYES_99 7.0

But you 've got to train it a lot first... after that the maintenance is easy. So as far as I'm concerned, spam is solved. Maybe not for everyone, bur for me.

Cheers.

Huh??

[Eggplant62]

Based upon my logs and those of two other machines that I do mail admin for, I'm not seeing that at all. If anything, there are more infected Winboxen out there than ever before, spewing tons of trash, and it's usually the Russians, Soloway, or some mysterious spammer hosted in a block of Chinese servers, all sending via these compromised Winboxen. If anything, my numbers are down at home, though that's because I can be a bit more restrictive about my firewall rules. Spamassassin is doing a very good job at filtering a large majority of this drek.

Media Bubble

[professorfalcon]

I got almost a third more spam in 05 than 04. I guess I exist outside the bell curve on this one.

Nah, you just live outside of the media bubble.

Re:Technical Solutions solves all problems

[Reziac]

That's actually a pretty good parallel to the notion that if only some ubertechfix were forcibly applied to every compromised system, all the ills of the internet would magically go away.

As I've sometimes put it, "Enough duct tape silences anyone."

Better tactics

[LiquidEdge]

Spam has become less a piece of mail in my inbox that my filter is trying to block and more about me having to waste (more) time on Friendster or MySpace denying requests from people that are suddenly interested in my hot sex.

The War on Spam

[xanadu113]

We won the war on Spam according to Bill Gates,

Just like we won the war on terrorism, according to John Ashcroft...

How Lucky You Are To Get Mail In English

[patio11]

I keep three email boxes -- work (also has my old college address forwarding to it, for business/professional/family use only), gmail (general use, except I give all US-based or English-using websites this address), and yahoo Japan (general use, except I give all Japan-based websites this address). I get zero spam at work in my inbox because the address is non-published, and all of the spam comes to my university address where it gets munched by Spamassassin and spat out by Thunderbird. I've never gotten a single spam at gmail in a year of using it. Yahoo, despite everyone telling me "Their filtering is great, gets almost as much as Google", is *buried* in spam every time I open it, all very sickeningly spammy content in Japanese (can you imagine an email saying, in plain text, "Local girls want to meet you tonight to have SEX! Join our matching site, only $10 a month!" getting through your spam filter in this day and age? Thats what all my spam looks like -- they don't even bother trying to obfuscate.) I can only assume that this is because yahoo and Thunderbird's content analysis breaks down on Japanese... probably for lack of a decent segmenter for languages which aren't written with whitespace. Someday I've got to take a look at Thunderbird's filtering and see if I can't improve it a little bit. I work at a technology incubator in Japan and when they say, "Hey, patio11, got any ideas for what you would do if we gave you a lot of money?" I've got a pretty good idea :

1) Take Spamassassin
2) Make it work in Japanese
3) ???
4) Profit.

Re:How Lucky You Are To Get Mail In English

[havill]

http://www.unicode.org/reports/tr29/#Word_Boundari es

Its ability to pick out words in Japanese is pretty primitive (relies on the transition from katakana to kanji/hiragana and the transition from hiragana to kanji), but (the spec) works relatively well.

You need heuristics for Chinese though.

Re:How Lucky You Are To Get Mail In English

[milimetric]

"Hey, patio11, got any ideas for what you would do if we gave you a lot of money?"

Ok, where do you work and how can I get a job there? I'm a very bright young programmer and I would love an opportunity like that.

Re:How Lucky You Are To Get Mail In English

[LubosD]

75% of spam I get (on gmail.com) is in Chinese. I totally don't know why - I don't visit and register on Chiniese websites and I don't speak Chinese.

But I am quite happy because all this crap gets filtered by gmail.

You're the exception

[Eric+Damron]

You're the exception. The problem is that once a spammer figures out that your email address is a live one, it'll be added to more and more lists. So you got 10 last year. That's great but this is only January and I'll bet that by the end of this year you'll have a hell of a lot more than 10.

I didn't get any spam for a long time but they finally snagged my email address and now the only thing that keeps my email usable are the advanced spam filters.

Story is true but phishing is on rise

[Ilgaz]

I was checking Spamcop's (my mail provider) parent company Ironport www pages yesterday.

Spam is dieing as you can see at http://www.ironport.com/toc/toc_spam.html

I think phishing by zombies are in rise.

http://www.antiphishing.org/ report available in pdf http://antiphishing.org/reports/apwg_report_Nov200 5_FINAL.pdf

BTW if you report spam, reportphishing@antiphishing.org is a good CC: target.

what was that?

[circletimessquare]

an argument against democracy? please, by all means, attack america, say you hate the usa, what do i care? where did you hear me defend the usa? i'm not talking about the usa, i'm talking about democracy. do you understand the difference?

Whose titling these stories around here?

[psu_whammy]

Spam dead? Could someone explain to me how spam reaching a plateau and slightly declining from that plateau constitutes the death of spam?

Last I checked, a zero value is not the same as a first derivative evaluating to zero.

Fix spam problems by moving to GMail? O RLY?

[Hobart]

My spam in the past 2 months is less than I had 10 years ago. I post my main address unobfuscated on /. and 25 other public forums. My signal to noise ratio is 100:1. In 5 days I received about 200 real e-mails and 3 spam. I moved all my employees and family to gmail. Try it, you'll love it.

Sounds fantastic.

Except.
GMail has no defenses against spammers who send out their spam-blasts with your GMail address in their forged "From:" field.

I've (twice) opened up tickets with GMail on this issue and gotten no human response. I've posted in the GMail help forum on two different occasions, no response. (I also saw at least two posts per week of people who were having the same issue asking for help/advice -- so it's clearly something they're aware of if they skim those forums.)

Since there are less than 20 file formats for bounce messages in common use (Sendmail's, qmail's, Exim's, etc), it would be trivial for them to flag bounce messages separately -- (they're already flagging phishing messages separately from other spam.) Until they do something, I still get an average of 10 spam a day to my Gmail account. (This started a few months after having the account, when I posted my unobfuscated GMail address on my homepage.)

--
Slashcode bug # 497457 - unfixed since December 2001 - Go look it up!

Has Netcraft confirmed it?

[mzungu]

Had to be asked.

--
This sig intentionally left

both ?

[this+great+guy]

I am a man or a woman, whichever you prefer.

Can you do both ?

Spam has not been a problem for me for over a year

[wheany]

Bayesian filtering, specifically POPFile, has made spam pretty uninteresting to me. I check POPFile's logs about once a week, but it's just not very interesting anymore. I still get several dozen spams a week, but none of it sees my inbox.

This has pretty much been the situation since the late 2004. People said that spammers will find a way past statistical filters, but that hasn't happened yet.

Re:Technical Solutions solves all problems

[Vellmont]

Or rather what I am saying is that all social and political problems can be solved with technology. It just depends on your application of the technology and how far you are willing to go with the application.

Well, I guess if you count destroying the source of the problem through murder or suicide, you're correct. How do you solve any problem with technology? Shoot anyone who thinks the situation is a problem.

While you're technically correct, you've really stretched the definition of "solving the problem" to the point of absurdity and pointlessness. This serves no end other than making it obvious the problem wasn't rigidly defined.

"Spam is dead! And no one cares..."

[Bushido+Hacks]

"Spam is dead!
And no one cares!
I there is a hell!
I'll see you there!"
--Heresy from The Downward Spiral by Nine Inch Nails, sort of.

RE: Periods

[thePowerOfGrayskull]

Dude... the comment was good, and while I don't agree with it, it was interesting. But the reason I'm writing is... well, for the love of Dog, man, learn to use periods!

Someone's gotta say it....

[suwain_2]

Mission Accomplished!

Wierdly, CAN-SPAM is working. But not as expected.

[Animats]

Much of the improvement, surprisingly, is due to the CAN-SPAM act. Yes, it "legitimizes spamming". Yes, it's too weak. Yes, it overrides state law.

What CAN-SPAM does do is make it a criminal offense to forge headers. As a result, spam from any "legitimate business" is easily identifiable from the header. So it gets filtered out.

This wasn't what the Direct Marketing Association expected. But that's what happened. As a result, the spams from legitimate businesses don't get delivered. Attempts to get around this "problem", like Bonded Spammer, didn't really catch on. So spam is almost useless to legitimate businesses now.

This leaves the people who forge headers. They're now criminals. So they've been forced out of legitimate web hosting services onto "bulletproof" web servers in marginal countries. They can't send directly any more, or their connection will be pulled or IP addresses blocked.

So now they have to find some illegal way to send spam. Which is getting harder. Most of the open relays have been plugged. They've been reduced to spamming through zombies taken over by viruses. This means they're committing serious felonies, and long jail sentences are a very real possibility.

Spam is now a branch of organized crime, not marketing. And it's highly visible organized crime, which makes it vulnerable. It's not that hard to follow the money. We need to push for more law enforcement priority in this area.

That's why spam is declining.

Spam ended...

[-noefordeg-]

the day I started using Dspam ( http://www.nuclearelephant.com/projects/dspam/ )

Guardian not Observer

[davorg]

Actually the piece was in the Technology supplement of Thursday's Guardian newpaper. The Observer is a Sunday paper.

Dave...

the advent of spamassassin

[DragonTHC]

you haven't noticed because you're not using adequate spam filtering.

this is an illusion though.

80% of the traffic on my email server is spam.

regardless of closed relays, spamassassin and SPF implemented.

it's alot easier to send 500,000 emails than it is to block them.

Re:Yes, New Year's

[wasudeo]

And this friendly guy in Nairobi gave me a new year gift of a million dollars.

SPAM solution through personalized rcpts

[eelko]

Okay, here's quite a fancy approach to get rid of SPAM, I suppose. I haven't found a way that spammers might get around this one.

First of all, all your email will be pased through a qmail setup. With qmail you can easily create new virtual accounts under your own account. Is your account john@spamkicker.com, you can set up john-iscool@spamkicker.com or john-has_a_bad_day@spamkicker.com etc etc

When John sets up his account under his domain 'spamkicker.com', his initial email address will be john@spamkicker.com
This email address will NOT be used by him personally. This account is the spam-lure. You'll see why...

Now, when John wants to contact his girlfriend Andrea at Hotmail, a new virtual email account is created with her hashed email address in it. The emailaddress will be john-EgFuas@spamkicker.com The EgFuas-part is a hashed index pointing to Andrea's email address inside John's contact list.
  Every time Andrea answers an email from John, she'll send it to john-EgFuas@... Qmail sees this rctp address, checks to see if the mail-from is correct (the hash says it's andrea; is it really from her from-address?) and if so, qmail puts this message in John's inbox.

Now, if someone new tries to contact John, he'll email to john@spamkicker.com
Qmail detects this email, and replies immediately with a question that John has set up: "Please go to my website at www.john.spamkicker.com and tell me my dog's name in the subject of your email"
  (Of course any other question could also work, like "how much is three plus 3?")
  This email is returned to the sender. Once the sender has replied to that correctly, the sender is given a new hash and his original email is put in John's inbox. The address is considered valid.
  Spammers don't reply to email. In fact they don't even receive it. So there's no way (or very,very little way) that this scheme for new-contacts would be compromized by spammers.

Now, what if John wants to send out one message to a couple of his friends? Surely he can't use his hashed-email account -which is personalized- for a group of friends?
  Indeed, he cannot. But as John is the one who's initiating this, he is also the one who can create virtual accounts for this specific group. He won't even know it of course, cause his email program will create a new hash to which all recipients of this group can answer. Noone else.

  If a spammer would catch email addresses off the net, he would also need to fake the sender's email address correctly. This is virtually impossible nowadays; spammers don't harvest these combinations of email addresses.

  It looks like a fail-safe system to me. There's only one catch: if someone else sends out a group-message, John will receive it on his personalized account for that person (john-EgFuas for Andrea). Still, if someone else in that group does a group-reply (with all CC's in it), the john-EgFuas account should accept emails from that group too, at least for the time being.
  As Andrea has been marked as 'okay' (she's hashed) I think it's fairly safe to accept everybody on her CC-list as temporarily-okay.

  But as far as I can think, that's the only catch there is to this system. It can be done virtually transparent to the user (John, Andrea) and it catches all the shit that's send to John by either:
  - incorrect recipient to the hashed email address
  - no reply to the question-mail for newcomers

  Can anybody think of a way to trick this system?

True

[ebooborg]

i will agree with the author

i have 2 gmail adresses one public, one private

i forward all emails from the public to the private

and to be honest i only get 1-2 spam messages a week and they all end up straight
  away in the spam box

Re:Different things.

[SolitaryMan]

While I generally agree with you, I wouldn't put "spam/ drugs/ terror/ pedophilia" in the same line. There are key differences between spam/terror/pedophelia on one side and drugs on the other: drugs have sellers and customers -- both of them benefit from business in some way, while spam, terror, pedophelia is more like a violence of some sort.

Re:I track my spam

[bussdriver]

2003:9,000-10,000 (don't remember exact)
2004:11,000 (don't remember exact)
2005:20,764
I've had an unfiltered account for years (client side filter, but i still keep them for a year.)

Within a month of the can spam law starting I noticed a large increase in spam. I don't know if it was related, but since then its been almost double.

Re:Yes, New Year's

[cryptor3]

You mean Nairobi, Kenya?

Even Microsoft employees get spam

I work there and I get spam so I can share the pain.

I also get the usual "Congrats on exiting a milestone" then 10 managers following him saying "Yeah what he said"

Thats almost worse than spam :)

Reductions in Spam

[Exter-C]

I have been system administrating several large scale email servers with around 50,000 users or so in total. During the "spam peak" we would have over 400 spam emails a minute being marked which was around 60% of the total email volume through that period. Now we are seeing around 60 emails a minute with more users and domain names on the system than before. However statistics are not everything. If we look more closely at the stats we see that while we would have an average of 400 emails per minute as spam it would peak up to several thousand a minute at times and sometimes it would be less than 20-30 spam emails a minute. While now we are almost flat lining at around 55-65 spam messages which means its not as big a drop as would have originally expected but it is still a drop. One of the issues we also note is that many of the cable providers are now blocking port 25 which was traditionally a large percentage of the traffic spam on our service.

Why not using tempory e-mails ?

Why are you throwing your gmail address everywhere and not using some free temporary e-mail aliases ? (Such as spambox, jetable, or your own).

Peaked?

[Don_dumb]

Crude Oil has or is just about peaked. I don't see many companies or governments publicising that statistic much. It seems that the article contradicts the findings anyway. They say that there is a reduction from 80% to 60%, but actually the justification is that there are so many filters in place now. It is a bit like looking at the park, noting that not so much litter is lying around anymore and saying "people are dropping less litter", when actually there are just more litter pickers working in that park. - People may well be dropping more litter.

Spam capitalization (not $$$ :))

[chrj]

It's spam or Spam. Not SPAM.

You've gotta be kidding

[patbernier]

Spam declining? You've gotta be kidding.

Last October, as I was in the process of fine-tuning my SpamAssassin installation, I took the time to compute some stats to get a better idea of the big picture. The results?

Between November 11, 2004 and October 9, 2005, a bit less than a year, my mailbox had received 95708 confirmed spams.

On the other hand, in the last week of October 2005, I had received an average of 419.42 spams per day. Take that number and scale it to a year: 153193 spams per year. That's 60% more than before!!!

Given, my mailbox might not be a "typical" one, since I've been using the same address for over a decade, and it's all over the place (for example, in several WHOIS records), and I will admit that the spam that actually makes it to my mailbox has declined — the various tools I use to filter my mail keep improving, and I give them a good tune-up once a year or so — but with these numbers, I really don't see how anyone could claim that spam itself is declining... yet. It's the anti-spam tools that are improving. Or maybe spam is getting easier to detect, because "we've seen it all" already? Of those 95708 spams, 97.4% scored above 99% on a Bayesian analysis. Combine this with a few other methods, and I rarely see more than a spam or two in my inbox. And I haven't ever had a single false positive (yes, I check them all... once in a while... which reminds me that I'm overdue...)

Oh, I forgot to mention that those numbers do not include any viruses that have been silently dropped by ClamAV before ever making it to SpamAssassin. Nowadays that includes some phishing spams too.

dead huh?

If spam is dead, the the necromancer sending it to my inbox every day is doing an outstanding job.

FTFA

[thesnarky1]

Spam hasn't been solved.

Well, that answers that question... note to self, never write any self-negating articles.

A possible solution

Your post triggered an idea.
The email client, or the recieving server, should trigger an alert if the email-sender is unknown (not in your address list for example) just like IM clients do.

"Incoming email from ted.sells.crack@buyme.ru, but the sender is not on your list. Would you like to or ?"

Think about it as the communication between a DHCP server (lets say a router) and a DHCP client (a PC).
This message would be triggered *before* the email itself is delivered, in other words; the sending server must wait for confirmation from the recieving server before sending the email.

Is this possible?

P.S. Maybe I should patent this idea :-) /Jowi

Forwarded accounts

[nickyj]

Spam is rampant still. My old college account remains active and is forwarded to my gmail account and I get about 20 a day.

Gmail !

[iOsiris]

If anyone is killing spam its Gmail and not my Hotmail account with still 270 and counting messages..

bell curve

[elliotCarte]

I got almost a third more spam in 05 than 04. I guess I exist outside the bell curve on this one.

Actually, wouldn't this put you in one of the tails of the curve (upper tail), not outside of it? I'm just sayin'.

Re:Ya, he promised that for MSN users, not the res

I do maintain an AOL account for nostalgic reasons.

*pause for cries of herecy and such*

Anyway, the majority of the spam hitting my mailbox has Chinese characters in the title...which, unfortunately, AOL's custom word list refuses to accept. I think this is the first time I thought "damn, why aren't they using Unicode?" Seriously, what the hell is the hold up?

Decreased ratio vs decreased amount

The author writes..."Yet the amount of spam seems to be declining. Postini (www.postini.com) keeps real-time data on the amount of spam it stops. A few years ago, it said spam made up around 80% of all the email circulating. When I looked last week the figure was about 60%."

This doesn't prove that spam is declining, it just shows that the ratio of spam to overall email traffic is declining (according to Postini's numbers). If the number of email messages grows at a rate greater than the number of spam messages, the percentage of spam would appear to decline, even though the number of spam messages could be ingreasing. It could also mean that more spam is getting through Postini's filters.

Canned Spam

[plaid_piper]

One word... Spambayes (http://spambayes.sourceforge.net/) In 5 months at 250+ messages per day, it hasn't made a single error. And this was done with training only 20 messages as good or bad. My brother has been using it for over 8 months on two domains to the tune of 1500+ per day... and not one error.

But in response to the article, yes spam is a problem. And no, you're not the only that has noticed.

Run a trace to find the originating IP, attempt to confirm identity, try to isolate an address, then send the contents of the spam folder to them (auto mail can be useful.) Nobody likes getting 8000 spam in one day.

ad-block, javascript, javablock

[smittyman]

are my kung-fu...and it is strong. Na banners, scriptkiddie pages irritating flashy movies no nothing, except for the information I was looking for, loads faster too.

Oh and even the pages of electronic banking are working with this :D

Just 1 site is not working, the M$ upgrade site for my gaming computer called M$XP

Seems that phishing has replaced spam

[koweja]

I mean my one gmail account gets a lot of spam, but it's the account I post online, so it's pretty much expected. All of my other accounts are basically spam-less, though I get maybe one a week total.

The real problem is phishing attacks - I get three or four a day. For everything - ebay, half, paypal, hell even Amazon which I've never gotten before this winter.

I suppose if you redefine what "spam" is...

[digital+photo]

Seriously, been seeing an upsurge of spam... not a decline.

The difference between steve jobs's and bill gates's reality bubbles are that steve's produces positive results while bill's result in users getting f'd over when the "defeated" threats arrive(malware, spyware, virus(s), security flaws, a**-backward drm, etc.)

Every time I _have_ to start up IE, I', wonderiing if _this_ time, I'll get screwed over.

I guess the old joke now becomes...

[jpellino]

"Spam is Dead" - Arthur

"Arthur is Dead" - Spam

n.b.: for you youngun's out there, this is a play on a 1970's bumper sticker:

"God Is Dead" - Nietzsche
"Nietzsche Is Dead" - God

c. rice is a token

[lamp540]

Except her policies aren't carried out very well. National Security advisor? How 'bout advising the president that Iraq wasn't a threat? She blew that one... or maybe she was in on the whole lie, in that case her "political science" acumen should have tipped her off to what a BAD IDEA invading Iraq was. So she whored her way into the big time...big deal. We'll see how well the state department does reconstructing Iraq now that they've been given the job since defense botched it. This(the iraq occupation) is the real deal: ass kissing doesn't matter, being a right wing black woman doesn't matter. She's playing with the big boys now...they're going to bomb the hell out of her little school painting and power plant projects and her PhD won't mean shit.

Condi CV?

[gvc]

I've been unable to find a lot of evidence of Condi's academic career. Her PhD in Sovietology has been published as a book. One that has received some less-than-complimentary reviews. She made a meteoric rise through the ranks to become Provost at Stanford. She won a teaching award at Stanford. She has also been a US administration hack since before she got her PhD.

If somebody could point me to her academic CV - not the fluff the White House publishes - showing her journal publications and other scholarly contributions, I'd be much obliged.

Re:Wierdly, CAN-SPAM is working. But not as expect

[Steve+B]

Spam is now a branch of organized crime, not marketing. And it's highly visible organized crime, which makes it vulnerable. It's not that hard to follow the money. We need to push for more law enforcement priority in this area.

The most likely way that will happen is if someone notices (preferably before an actual incident) that spam is an excellent criminal/terrorist comm channel (by steganographically encrypting messages in the anti-filter junk attached to the spam mailing). Traffic analysis is defeated by sending the message to millions of random people, a few of whom know that the hidden message exists.

My 2 cents? Email address since 1994.

[ClioCJS]

I've had the same email since 1993 or 1994.... And now that I use gmail for a front end, there are actually about 4 addresses that all go to the same inbox.

Spam was about 20 a day until about 2 weeks ago.

It suddenly jumped to over 100 a day.

Yay... I guess the war is won. Not.