Slashdot Mirror
Despite Gates' Prediction, Spam Far From a Thing of the Past
Slatterz writes "Bill Gates declared in 2004 at the World Economic Forum in Switzerland that spam would be 'a thing of the past' within five years. However, Graham Cluley, senior technology consultant at Sophos, has written in a blog post that 'with the prophecy's five-year anniversary approaching, spam continues to cause a headache for companies and home users.'"
I would contend that for the average user, spam is essentially a non-issue nowadays. IT departments still have to do quite a bit of work, but all that work means that the average amount of spam a user sees is nearing zero.
Convert FLACs to a portable format with FlacSquisher
Most of this spam comes from bot-nets made of Windows computers that have been taken over.
If you had a Verifiable College Degree from an Authentic University, then more women would listen to your opinions and you'd get MORE ACTION.
Why spend hours studying for a degree when you can call 1-800-IMAGRADUATE and get College, Masters or even DOCTORATE Degrees within One WEEK!!!
Engineering is the art of compromise.
Barracuda, anyone?
He made that prediction on January 24, 2004 - and it's only January 22nd now. So he's got two more days...
#DeleteChrome
I've slowly switched all my email accounts (business and personal) over to Gmail, and I almost never have to deal with spam anymore.
I still get a fair number of advertising emails from companies I've placed orders from, but they all provide the ability to unsubscribe.
The only people I know still drowning in spam are the ones who are clinging to some ancient ISP-provided address, or who have a poorly managed company mail server.
If those people would simply find a decent email provider, the spammers' market would dry up and spam might become a "thing of the past" once and for all. But for now there's no reason you can't switch to a decent email provider and forget about spam today.
How can I believe you when you tell me what I don't want to hear?
Where there is an financial incentive to spam (there are those dumb people that click on the v1@9r@ ads, believe it or not), there will be spam.
Spam is the reason I have a gmail account. When I first got an e-mail address I was using a small ISP and spam didn't even exist. After 12 years of using the same e-mail address that thing is about 90% spam. I couldn't find an e-mail client capable of cleaning it and my ISPs filters were useless. Finally I caved and just started consolidating it all in gmail and letting gmail do the filtering for me. So, yes, spam is still a huge problem if you're not using gmail or a work e-mail where all the work is being done for you.
You are using English. Please learn the difference between loose and lose; they're, there, and their; your and you're.
I've had my Yahoo account since at least 1996, and have used it in many a web form. I get hundreds upon hundreds of spams a day to that address, but only one or two a day actually show up in my Inbox. All the rest are relegated to the spam folder. I consider that a very good success rate.
Our Barracuda gateway, in about two years of use, processed about 10 million messages. Of which just under 3.8 percent are deemed real. This is for an office of about 50 active users at any point in time. Of the messages that funnel through the 'Cuda, I get about two dozen annually that are daft enough to fool the gateway's checks. Conversely, I get no false positives. So the 'Cuda does its job well, but end users have no idea what goes on to make their mail client less encumbered and full of their personal junk. Spam blows. As does any prediction Mr. Gates may ever front...
I've gotten 2 spam mails since i switched to gmail a few years ago.
The summary is so negative, spam is pretty much gone, gates wasn't far off the mark at all.
Bill Gates advocates a
(X) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. His idea will not work. Here is why it won't work. (One or more of the following may apply to his particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
(X) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
(X) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(X) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(X) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, his plan fails to account for
( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
(X) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
(X) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(X) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
(X) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(X) Ideas similar to his are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
(X) Why should we have to trust him and his servers?
(X) Incompatiblity with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(X) Killing them that way is not slow and painful enough
Furthermore, this is what I think about him:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and he's a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to burn his
house down!
I am officially gone from
Previous slashdot entry dealing with Gates' predictions. It cites two years, not five years, with the spam thing.
I guess "5" looks like "2" and vice versa, but... :P
I would contend that for the average user, spam is essentially a non-issue nowadays.
Just because they don't see it doesn't mean it doesn't cost them. The users have to pay (indirectly) for the cost of the spam traversing the internet, the CPU time for their spam filter to identify and dispose of it, the server space to store it, and the IT employees to refine the filters to acceptable levels of false positives and false negatives.
Just because the users don't see the spam in their inbox doesn't mean it has no impact on them.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
It all depends on how you look at it. As an end-user of email, you're right. Almost no spam gets into the inbox on my gmail account. Some gets through the filters on my POP3 accounts, though, but most of that gets caught by the filters in Thunderbird. However, I'd bet that the people running and maintaining mail servers at ISPs wouldn't agree with you because spam is probably wasting at least as much of their bandwidth as ever. We don't see it because their filters have gotten pretty good, but then, the time, CPU cycles, memory and disk space needed for those programs adds, slightly, to the cost of business of every provider, as does that bandwidth I mentioned above. I'd bet that if spam were to "softly and silently vanish away, and never be seen again," our monthly ISP fees would drop.
Good, inexpensive web hosting
If you read Bill Gates' original prediction, he said that spam would be killed through the electronic equivalent of a stamp, also known as "payment at risk". This means that if an email gets marked as spam, then the sender will be billed for a cost whenever they send a spam email. He didn't say that users would not have to deal with spam, he said that spam would simply not exist altogether. This most certainly did not happen, so he was completely wrong in his prediction.
You both are making me feel inadequate. I've never figured out how to stop receiving spam.
Best I can think of were:
But in practice, my users were still receiving junk mail, and I couldn't seem to do anything.
Any advice?
The list of blacklists I use to reject spam outright:
sbl-xbl.spamhaus.org
list.dsbl.org
bl.csma.biz
cn.ascc.dnsbl.bit.nl
korea.services.net
web.dnsbl.sorbs.net
I've pruned this list to eliminate false-positives, but if you need to receive legitimate mail from China or Korea you'll need to remove those lists.
Next, I use a lot of custom code I've written myself, which is executed by MIMEDefang. I've thrown all kinds of stuff in there.
Finally, I use ClamAV and SpamAssassin (also executed by MIMEDefang). ClamAV can detect certain known phishing scams; unfortunately I had to disable the feature that identifies misdirected links like phroggy.com because it was catching a ton of false-positives (including legitimate mail from BANKS! You'd think they'd know better...). I use a few rules from the SpamAssassin Rules Emporium; you'll have to pick and choose which ones work for you.
Or, if you don't want to do all of that work, there are commercial solutions such as Barracuda's firewall thingie. Or, just use GMail.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
The majority of all spam comes from home computers infected with a worm that makes it part of a botnet. The fact that some mail servers can slow down the sending of mail is not the solution. If ISPs were to block all SMTP connections from their DSL/cable customers, that would put a huge dent in the amount of spam. Most people get their email through some sort of webmail based system so there is really no need for people to be sending legitimate emails via SMTP. And for the ones that like to have their Thunderbird or Outlook express send their email, there is probably a way that you can make the client get the email through the web system the same as the way Outlook can be retrieved over SSL. Block users from sending SMTP and you block most of the spam on the Internet.
Here's a technical solution. I receive email from a botnet touting v1a@ra. I tunnel back to the infected machine, slip in, and wipe the drive.
Pretty soon, no more botnet. And we also get a nice little econo-boost from all of those people replacing their antiquated virus-ridden computers, systems, and software.
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
I get 2 spam in my inbox every day with gmail.
Mind you I have seen up to 40,000 spam from the last 30 days in my Spam box.
The best solution in my opinion would be a fee payed to the recipient. I send you an email, and one cent. You reply and we are even. Even if I talk ALOT more then you, maybe I'm down a dollar a year. But suddenly the spam business model is destroyed (you cannot send 500,000 emails to make $20 of sales).
When I still checked my mail on a BSD machine using pine, I had a complex scheme set up using custom IP filters + SpamAssassin. After all that work, I still had 5 or 6 slip through each day out of approximately 140. Since switching to gmail, maybe one slips through per week.
Ironically, thanks to google, Gates prediction is largely true. For me, at least. Spam is a complete afterthought.
The false positives generated by GMail's spam filtering don't piss you off in the least? Not even the fact that you have no direct personal control over the process at all? Nor the fact that, unlike other services like Yahoo, you can't effectively disable it by passing it through, allowing you to use your own more tuned and effective local spam filtering solution (i.e. PopFile)?
It is easy to bypass the spam system, but the way to do it is not obvious. Create a new filter, with just an asterisk in the has the words field. That ensures the filter applies to all messages, even a sender-less, subject-less, body-less email. Then on the actions page select "Never send it to Spam". Apply the filter. Now the spam filtering is bypassed, and no messages will ever end up in the spam folder.
Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
In addition to your suggestions,
a) Set up some honeypot addresses, like aardvark@yourdomain.com and zzyxyzark@yourdomain.com, that will not be used for any legitimate purposes.
b) if you have some old unused e-mail addresses (i.e. people no longer with a company), monitor them to make sure that they only receive spam and notify legitimate correspondents that they are obsolete and, once they've only received spam for 6 months or so, then start using them as honeypot addresses as well
c) seed the honeypot addresses into various locations where spammer automated address collectors will be likely to pick them up (web pages, news groups, replying to obvious address trollers, etc.) - try to get it into as many spammer lists as possible.
d) take any e-mails that come in to those addresses and feed them into the learning mode of
i) a hash signature-based recognizer if it's graphical spam
ii) a bayesian recognizer if it's text or HTML spam.
e) use the resulting trained recognizers to filter out the same spam messages from your legitimate mail addresses.
A bit the same idea as noise-cancelling headphones.
Laissez lire, et laissez danser; ces deux amusements ne feront jamais de mal au monde. - Voltaire
Yeah, and the linux kernel mailing list would be bankrupt in 15 minutes. Nice try.
Non-Linux Penguins ?
...who will end up paying?
The people who refuse to secure their PCs. So far, I don't see a problem.
I've gotten 2 spam mails since i switched to gmail a few years ago.
The summary is so negative, spam is pretty much gone, gates wasn't far off the mark at all.
If spam isn't an issue anymore, then you won't mind publicly posting your email address.
I'm intrigued by your ideas. ....and I'd like to subscribe to your newsletter. Several times. Many more several times.
Don't fight for your country, if your country does not fight for you.
The problem with Barracuda boxes is that they create backscatter.
I see tons of "Barracuda has rejected your message" bounces from them, and all of it is faked. Why they can't reject mail at SMTP time I don't know.