Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Leak-Proof' Anti-Spam Solution?

Posted by ryuzaki0 on from the how-well-would-it-work? dept.

sikandril asks: "In an effort to help the Internet community and user-base at large in fighting spam, I have decided to put up this white paper for public review and remarks. As you will see, the system provides an almost 'waterproof' solution to spam blockage via an opt-in system. The main drawback is that everyone (except spammers or other evildoers) has to have this installed in order for it to work perfectly. A small number of installs means that unknown legit contacts still might show up as spam, albeit only for the first e-mail and/or until they too elect to install the software. I'm an independent developer located in Israel, and would love to hear your ideas regarding this."

3 of 90 comments (clear)

  1. Actually, spam filtering is working pretty well. by Animats · · Score: 2, Interesting
    Spam filtering technology is now working pretty well. That's what's driving this new "sender pays to bypass the filters" stuff. The spam filters don't care if there's some excuse under CAN-SPAM to let it through; they just recognize it as bulk mail selling something and delete it. Sellers hate that. Which is a good reason to keep the filters honest.

    The real effect of CAN-SPAM has been that most spam either gets deleted by filters, or involves a felony by the sender. The remaining spammers are either selling drugs illegally, trying to manipulate the stock market, or running a scam. That's ordinary law enforcement work, and it's now routine to hear of spammer arrests and convictions. We used to just have ineffective civil suits. That's over. Now they're doing hard time. It's not a safe business to be in any more.

    SpecialHam.com is still up, and the usual suspects are still at it: "Looking for people with botnets to run ads! pm me for more details". But it's clearly a board for the clueless now.

  2. SpamAssassin's one problem: near perfection. by khasim · · Score: 2, Interesting

    The only problem with SpamAssassin is that it is ALMOST perfect.

    Most of my users have setup rules so that the stuff SpamAssassin tags is automatically dumped into their trash. But they don't bother checking their trash much any more. They expect the system to always be right.

    Which still leads to the situation where someone thinks you've received their message but you haven't read it because it scored just over the spam level and it's sitting in your trash can.

    I would prefer a system that rejected messages at the SMTP connection time rather than one that tags suspected spam after accepting it. I run Exim4 at work and it does pretty good. Of course, I still run the messages through SpamAssassin. We're down from 80% of all accepted email being spam to only 5%.

  3. Umm wow tons of problems. by Anonymous Coward · · Score: 1, Interesting

    No offence but you are uber optimistic.

    12 hour key rotation for the database for probably the trillion e-mail addresses that are active?

    keys are inserted by the client of the sender and not by the actual smtp server? gee well I sent that e-mail to you 24 hours ago I wonder why it didnt show up... smtp servers couldnt connect for 12 hours and so my keys expired.

    wow I my name being directly tied to my e-mail address so the cops can just look at the centralize database.

    I can just see the lag as every single person who uses e-mail requests a key at the same moment.

    Nothing like a small bomb to take out the net.

    wow and people wont be able to track when I sent e-mails or when I read them.

    Centralization is great for all systems

    lets just rant more and more