.su Lives On, Stronger Than Ever

CWRUisTakingMyMoney writes "Yahoo! Finance has a story about the defunct Soviet Union's .su TLD. 'Sixteen years after the superpower's collapse, Web sites ending in the Soviet ".su" domain name have been rising — registrations increased 45 percent this year alone. Bloggers, entrepreneurs and die-hard communists are all part of a small but growing online community resisting repeated efforts to extinguish the online Soviet outpost.'"

Don't forget Poland^W the spammers.

[shanen]

You forgot the spammers on your list of .su registrants. They're supposed to be the leaders in all domain registrations. However, it gives me an excuse to post my latest proposal to reduce the volume of spam. (Excuse the somewhat polemical style from the original venue.) The directly applicable part is about the domain registrars in the Pass 1 section:

How to make Gmail the spam target of absolute last resort.

The goal of this suggestion is to intelligently leverage and focus Google's expertise and credibility against the spammers and their accomplices. But where will the intelligence come from? From me, from you, from *ANYONE* who has a Gmail account and who wants to help oppose the annoying evil that is spam. Aggressively implemented, it could make Gmail into Spammer Heck--maybe to the point where only a fool would send spam to Gmail. (Yeah, there are plenty of fool spammers--but at least we'd get the laughs without the serious spammers.) Less spam = more value in Gmail.

So do you want to fight against spam? You, too, could become a WSF (wannabee spam fighter).

SpamSlam is my 'working draft' label. The idea is roughly based on other anti-spam systems--but with more smarts. Almost all email systems include one level of feedback in a Spam/NotSpam button. (For relative brevity and because it simplifies the draft implementation, I'm focusing on Web-based email here.) Think of SpamSlam as a report-spam-button on steroids. SpamSlam would report the spam, but also do much more. Essentially this Gmail feature would do some of the automatic analysis that any spam fighter has to do, get some intelligent feedback, and hopefully be able to act immediately against the spammer. Speed of action is actually crucial--cutting off the spammers' income is a key goal of this proposal.

Here is an approach to implementing it:

Clicking on SpamSlam would first trigger a low-cost automatic analysis of the email, including the headers. Let's call this Pass 0. Basically this is just using regular expressions to find things like email addresses, URLs, and phone numbers. The results would be used to generate a Pass 0 webform with comments and options (and explanations and links). This pass should also look for obfuscation and ask the wannabe spam fighter (WSF) to help break the spammers' attempts to evade the spam filters. (This is leveraging the spam's features against the spam--if a human can't figure out the spam, then the human can't send money to the spammer.) In many cases, this Pass 0 analysis may be able to suggest answers. If something like "drop@dead.com" appears in the header, then the WSF should just click the option 'fake email'. Perhaps the WSF would only need to click a check box to confirm that "V/1/A/6/R/A" is a drug and categorize the spam. Other times the WSF can actually type in the answer to the spammer's quasi-CAPTCHA, and then the SpamSlam function can do something. At the bottom of the 'exploded email' in Pass 0, there will be the usual submit button.

After the WSF submits that Pass 0 form, more analysis can begin. The data is no longer raw, but partly analyzed, and the system can start checking domains, registrars, relays, fancier types of header forgery, MX records, categories of crime, email routings, and even things like countries hosting the spammer. This kind of analysis will probably take a bit of time, but a new Pass 1 form will be prepared for the WSF to consider. Basically, this would mostly be a confirmation step for the obvious counteractions. That's stuff like complaining to identified senders and webhosts, but also things like reporting open relays and spambots. It also needs more flexibility and 'other' options in the responses at this point--we all know the spammers are constantly going to try to devise new tactics. Again there will be a submit option at the bottom for this Pass 1 form.

That will probably cover most of the responses, but in some cases there may still be a need for a Pass 2 form. I imagine that would be a kin