That would be mostly fixed by only imposing the delay on mail received from networks listed on blocklists such as the SBL or SPEWS. Blocklists are just databases of IP ranges, they can be used for non-blocking purposes. Hopefully most of your business contacts use decent ISPs that don't harbor spammers (and if not, the delay would be a nice incentive for them to switch to a decent ISP that is friendlier than outright blocking).
Eh, open relays are soooo 20th century.:) Actually most open relays today are either blocked or closed, and newly installed MTAs are secure against third-party relaying by default, so this spam method is dying out. Most spam today is sent either directly to the receiving MTA, through open proxies, or through formmail.pl and similar exploits.
I think browser spoofing is a very bad thing. Yes it lets you load your page correctly, but it will never let the "powers that be" know that people use something other than IE.
Very true. What browsers *should* do is to only allow browser spoofing on user-specified sites. That would allow the user to still use badly designed sites requiring specific browser user agents without needing to unnecessarily "lie" to other sites. I wonder how come that nobody has implemented this idea, which seems fairly obvious to me.
"Testimony of Bruce Wiseman. Presented to The Pennsylvania House Democratic Policy Committee
Philadelphia, Pennsylvania July 20, 1999
Bruce Wiseman is National President of the Citizens Commission on Human Rights (CCHR) "
Consider the source. CCHR is a front organization for the $cientology mind-control multinational. Nuff said.
Also check out http://www.resultsproject.net/
Feh. That site is full of the typical quack anti-ADHD fear-mongering.
Re:alternatives and cultural rant ahead...
on
Working with ADHD?
·
· Score: 1
I knew this one family that put their 5 y.o. child on Ritalin. I ask you, what 5y.o. isn't hyperactive?
Oh... some 95% or more of them.
And what kind of parent drugs their 5 y.o. kid for being a bit rambuncious?
We were talking about hyperactivity, not about being a bit rambuncious. If you think these are the same thing, then you clearly have never seen a truly hyperactive child in your life. Hyperactivity is a dysfunction.
Now it may well be commonly misdiagnosed, but by equaling hyperactivity to "being a bit rambuncious" you are buying right into this re-definition of hyperactivity that contributes to this misdiagnosis in the first place.
Re:Ritalin in adults? (MOD PARENT UP)
on
Working with ADHD?
·
· Score: 1
If I could I'd mod you up to +5 Insightful. All my best to you.
- Someone who knows too well what it's like to be on the receiving end of ignorant and judgmental bullshit
As far as I know, microkernels were thought to be a good idea in the early 90s but eventually lost their appeal as they proved to be slower and ultimately more problematic. <snip> So far, it didn't work for any real systems.
Is that right? Not even on Mac OS X (which uses Mach)?
_Everyone_ I know use ICQ - no one above the age of 15 uses MSN.. and AOL? Uh, no. Not at all. Noone.
Location: Sweden
Here in the Netherlands (a.k.a. Holland) AIM is also virtually unknown, and ICQ used to be the thing. Unfortunately everyone seems to have switched straight to M$N, now, and neither ICQ nor AIM seem to be relevant anymore.
I have an AIM account, but only because I know overseas people who use it.
(I use gaim to log on to AIM, ICQ, M$N, Yahoo, and two IRC networks at the same time - my contacts tend to be all over the place.)
Calling the next Mozilla release 2.0 will not be justified. Although Mozilla Firebird will have a completely new ui, Mozilla does not consider such things important for releases. After all, it's not an end-user product.
Silly me, I'll just crawl back into the server rack now. Unlike the kernel, it *is* an end-user product. The Mozilla team can go "it's just for testing" all they want, but it's not the truth. It is being deployed on Linux machines as the end-user browser.
Indeed - and not only on Linux, either. Furthermore, in spite of their "not for end users" legal disclaimer, they have a dedicated page promoting the reasons why end users should be using Mozilla. So their legal disclaimer is really just that.
This is a really weak argument to continue to allow anyone to impersonate me (well, to pretend to be allowed to send mail for my domain).
Nowhere did I advocate allowing that. I just criticized this particular way of combatting the spam problem. Spam (including spam from impersonators) can already be very effectively blocked using a combination of a good spam sources block list with a list of open proxies and relays. The tools exist that deal with the problem without breaking e-mail as we know it. RMX would only force spammers to send mail from a domain belonging to the originating network and would thus only serve to legitimize spam.
Don't for a moment think that RMX would stop or even slow spammers - for example, they are already paying students to do their spamming for them from their college computers, and when they get shut down they just find another one. So with RMX we could expect spam from perfectly verified.edu domains.
Also, the next big thing will be e-mail worms that hijack home computers to spam for the spammers. Those can easily be written to set the spam's sender to an address in the domain of whatever network they have infected.
No. The reply-to field is for directing replies to an address different from your own, not for indicating who sent the e-mail. Mailing list servers and private whitelists generally check against the From field.
You could also run your own SMTP server, unless you're on a modem at home or something.
Sure, I could - but Joe Average wouldn't know how to, nor should he have to.
One of the tools, Reverse MX, is expected to be in place in several months. It would allow the receiving mail server to query a domain to determine if the sending server is allowed to send on its behalf.
According to the linked draft, this is supposed to be a "protection against e-mail fraud, especially spam". No mention is made of legitimate uses that are also killed.
When I travel abroad, I send e-mail with my own home e-mail address as the sender through the foreign ISP's SMTP server (and collect mail with POP3 from my home ISP as usual). This has several advantages such as not needing another e-mail account and still being able to post to mailing lists. This plan will lump that in with "fraud" and make it impossible. With whitelisting on private e-mail becoming more and more common, this will be even more of an issue.
If the spammers do not make e-mail as we know it unusable, trust clueless antispammers to do that job more thoroughly.
(Another sign of their cluelessness in that draft is their statement that "spam is not yet exactly defined". The definition is, and always has been, unsolicited bulk e-mail. You can't get more exact than that.)
In Europe we have 1 and 2 coins, but there have been calls to change those to bills because people tend to ascribe low value to coins and spend them too easily. This is true especially in Italy where they used to count in thousands of liras.
Here in the Netherlands we were used to coins up to f5 (2,27) before the changeover, though, so we like the coins. Goes to show how hard it is to get consensus about that kind of thing.
When diseases were feared in the past it was worth fearing them: Justinian's Plague (541-544AD) killed 40% of the population of Constantinople; [...]
If we had lived in that time, SARS would probably have killed a similar percentage of the population. Nowadays we have modern concepts of hygiene, we know what bacteria and viruses are, etc. so we know how to contain epidemics. That doesn't mean that the disease is any less worth of fear. It's that fear that motivated humanity to get to this level of medical knowledge in the first place.
Re:Keep the government out of this!
on
FTC vs Spammers
·
· Score: 1
Yeah, that's just what we need -- governments passing laws to outlaw things that the majority of the population doesn't like.
The only reason they are doing this is because it costs them time, bandwidth, server resources, and most importantly, customers who will go to other service providers who can provide a better defense against spam. All of these things translate into a loss of revenue for them - which is the only reason why they are trying to go after the spammers.
As if that's a bad reason! Or do you need reasons of a higher ethical caliber to go after a burglar who breaks into your house, costing you valuable time and resources?
The whole point about spam is that it's theft of service. AOL is taking some steps towards treating the spammers like the thieving crooks that they are, and that can only be considered a Good Thing[tm] for everyone.
I had to use AOL to check my e-mail when I was over a friend's house once and holy sheep shit batman. Right when you log on you get assaulted with tons of banner ad spam. AOL just wants an exclusive market for their spam instead of sharing it.
Please keep your terminology straight. Spam is unsolicited bulk e-mail sent postage due. Annoying as they are, banner ads are not spam any more than commercial breaks on television. Not only are they not e-mail but they are actually paid for by the advertisers and you are soliciting them by logging on to the AOL service that includes these ads, i.e. you have the option not to do so, just as you can turn off your TV.
Comparing spam to banner ads confuses the issue by making spam seem more legitimate than it really is. It cannot be repeated enough: spam is theft of service, parasitic traffic living off of bandwidth and manhours paid for by others. This is the message that needs to be hammered into those that matter in the grand scheme of things, so that the appropriate laws get passed to throw the perpetrators in jail where they belong.
It seems every article (dupe or not) on spam returns a thousand people throwing out their personal solution to fighting it. Most involve mail-server solutions, such as SpamAssassin, but I've read about MailWasher [mailwasher.net] a number of times. After the last article (the original of this dupe, actually), I finally decided to try it.
A week later, spam to my hotmail account has dropped from 30 or so a day to about 2. (Warning: Hotmail support is only provided in the pay version, but there's a 30-day trial.) Preview the spam on the server, and you're able to delete it, blacklist it, and best of all, bounce it back to the sender. In my wildest dreams, I never thought it would work so well. YMMV.
Mailwasher is effective at filtering spam, especially if you feed it with a good DNS-based blocklist to filter the Received lines against. However, the "bounce" feature is at best ineffective and at worst it turns you into a spammer yourself. It's ineffective because spammers don't and never did care about bounces (I still get relentlessly increasing spam attempts at addresses that haven't existed for years now). It's potentially abusive because spammers nowadays often forge innocent third party addresses as the sender address, and this is where the bounces go. Undoubtedly you have already helped fill a few innocent inboxes with tons of spam bounces. Spamming people with forged bounces is undoubtedly against your ISP's AUP, but even if it isn't, you need to turn off that horrible bounce "feature" for ethical reasons if nothing else.
.... is the profile of the average spammer. Most of my spam is poorly spelled and frequently points to sites that don't have anything to sell. My suspicion, and I have no way of verifying it, is that most of these messages are sent by people who get suckered into a "Make Money From Home!" offer, send a few messages to a giant list of addresses, and then give up when they're not living in MC Hammer's mansion by the end of the week.
Does anyone know who the average spammer is?
At Spamhaus they know. Not only does Spamhaus run the SBL, the most widely used blocklist of spam sources in existence, they also run ROKSO, the block-on-sight public database of notorious spam gangs. This database is used by many ISPs for background checks when signing up clients. It's also used by the FTC and state Attorney General offices.
According to Steve Linford, head of the Spamhaus team, 90% of the spam originating from America is sent by some 150 top spammers. If these were eliminated, our spam problem would virtually vanish overnight. This seems to contradict your suspicion that most spam is sent by suckers. In reality it's a small number of committed criminals that send most of it, and you can see all the publically available data on them at ROKSO. Go check it out - very educational indeed. So are many of Steve Linford's postings in news.admin.net-abuse.e-mail.
he rest of the world WILL produce an XML standard document format without them, thank heavens.
Which will be an irrelevant format because everyone will still need Word to read all the ubiquitous crippled Word XML format documents flying around on the net.
Slashdot Mirror
Eh, open relays are soooo 20th century. :) Actually most open relays today are either blocked or closed, and newly installed MTAs are secure against third-party relaying by default, so this spam method is dying out. Most spam today is sent either directly to the receiving MTA, through open proxies, or through formmail.pl and similar exploits.
Very true. What browsers *should* do is to only allow browser spoofing on user-specified sites. That would allow the user to still use badly designed sites requiring specific browser user agents without needing to unnecessarily "lie" to other sites. I wonder how come that nobody has implemented this idea, which seems fairly obvious to me.
Consider the source. CCHR is a front organization for the $cientology mind-control multinational. Nuff said.
Feh. That site is full of the typical quack anti-ADHD fear-mongering.
Oh... some 95% or more of them.
We were talking about hyperactivity, not about being a bit rambuncious. If you think these are the same thing, then you clearly have never seen a truly hyperactive child in your life. Hyperactivity is a dysfunction.
Now it may well be commonly misdiagnosed, but by equaling hyperactivity to "being a bit rambuncious" you are buying right into this re-definition of hyperactivity that contributes to this misdiagnosis in the first place.
If I could I'd mod you up to +5 Insightful. All my best to you.
- Someone who knows too well what it's like to be on the receiving end of ignorant and judgmental bullshit
Never mind, stupid comment, I just found out that Mach on Mac OS X has been modified so that it's essentially not a microkernel. Oh well.
Is that right? Not even on Mac OS X (which uses Mach)?
Here in the Netherlands (a.k.a. Holland) AIM is also virtually unknown, and ICQ used to be the thing. Unfortunately everyone seems to have switched straight to M$N, now, and neither ICQ nor AIM seem to be relevant anymore.
I have an AIM account, but only because I know overseas people who use it.
(I use gaim to log on to AIM, ICQ, M$N, Yahoo, and two IRC networks at the same time - my contacts tend to be all over the place.)
Indeed - and not only on Linux, either. Furthermore, in spite of their "not for end users" legal disclaimer, they have a dedicated page promoting the reasons why end users should be using Mozilla. So their legal disclaimer is really just that.
Nowhere did I advocate allowing that. I just criticized this particular way of combatting the spam problem. Spam (including spam from impersonators) can already be very effectively blocked using a combination of a good spam sources block list with a list of open proxies and relays. The tools exist that deal with the problem without breaking e-mail as we know it. RMX would only force spammers to send mail from a domain belonging to the originating network and would thus only serve to legitimize spam.
Don't for a moment think that RMX would stop or even slow spammers - for example, they are already paying students to do their spamming for them from their college computers, and when they get shut down they just find another one. So with RMX we could expect spam from perfectly verified .edu domains.
Also, the next big thing will be e-mail worms that hijack home computers to spam for the spammers. Those can easily be written to set the spam's sender to an address in the domain of whatever network they have infected.
No. The reply-to field is for directing replies to an address different from your own, not for indicating who sent the e-mail. Mailing list servers and private whitelists generally check against the From field.
Sure, I could - but Joe Average wouldn't know how to, nor should he have to.
According to the linked draft, this is supposed to be a "protection against e-mail fraud, especially spam". No mention is made of legitimate uses that are also killed.
When I travel abroad, I send e-mail with my own home e-mail address as the sender through the foreign ISP's SMTP server (and collect mail with POP3 from my home ISP as usual). This has several advantages such as not needing another e-mail account and still being able to post to mailing lists. This plan will lump that in with "fraud" and make it impossible. With whitelisting on private e-mail becoming more and more common, this will be even more of an issue.
If the spammers do not make e-mail as we know it unusable, trust clueless antispammers to do that job more thoroughly.
(Another sign of their cluelessness in that draft is their statement that "spam is not yet exactly defined". The definition is, and always has been, unsolicited bulk e-mail. You can't get more exact than that.)
Shouldn't that be "one wipe sheeting"?
<voiceover type="dark">
Amazon.
One wipe.
A load of sheet.
</voiceover>
Here in the Netherlands we were used to coins up to f5 (2,27) before the changeover, though, so we like the coins. Goes to show how hard it is to get consensus about that kind of thing.
ITYM "frea speach". HTH. HAND.
If we had lived in that time, SARS would probably have killed a similar percentage of the population. Nowadays we have modern concepts of hygiene, we know what bacteria and viruses are, etc. so we know how to contain epidemics. That doesn't mean that the disease is any less worth of fear. It's that fear that motivated humanity to get to this level of medical knowledge in the first place.
It's called "democracy".
As if that's a bad reason! Or do you need reasons of a higher ethical caliber to go after a burglar who breaks into your house, costing you valuable time and resources?
The whole point about spam is that it's theft of service. AOL is taking some steps towards treating the spammers like the thieving crooks that they are, and that can only be considered a Good Thing[tm] for everyone.
Please keep your terminology straight. Spam is unsolicited bulk e-mail sent postage due. Annoying as they are, banner ads are not spam any more than commercial breaks on television. Not only are they not e-mail but they are actually paid for by the advertisers and you are soliciting them by logging on to the AOL service that includes these ads, i.e. you have the option not to do so, just as you can turn off your TV.
Comparing spam to banner ads confuses the issue by making spam seem more legitimate than it really is. It cannot be repeated enough: spam is theft of service, parasitic traffic living off of bandwidth and manhours paid for by others. This is the message that needs to be hammered into those that matter in the grand scheme of things, so that the appropriate laws get passed to throw the perpetrators in jail where they belong.
According to this article, he now runs a non-spam autoresponder service. But there are a good 150 hardcore spammers who took his place.
Mailwasher is effective at filtering spam, especially if you feed it with a good DNS-based blocklist to filter the Received lines against. However, the "bounce" feature is at best ineffective and at worst it turns you into a spammer yourself. It's ineffective because spammers don't and never did care about bounces (I still get relentlessly increasing spam attempts at addresses that haven't existed for years now). It's potentially abusive because spammers nowadays often forge innocent third party addresses as the sender address, and this is where the bounces go. Undoubtedly you have already helped fill a few innocent inboxes with tons of spam bounces. Spamming people with forged bounces is undoubtedly against your ISP's AUP, but even if it isn't, you need to turn off that horrible bounce "feature" for ethical reasons if nothing else.
At Spamhaus they know. Not only does Spamhaus run the SBL, the most widely used blocklist of spam sources in existence, they also run ROKSO, the block-on-sight public database of notorious spam gangs. This database is used by many ISPs for background checks when signing up clients. It's also used by the FTC and state Attorney General offices.
According to Steve Linford, head of the Spamhaus team, 90% of the spam originating from America is sent by some 150 top spammers. If these were eliminated, our spam problem would virtually vanish overnight. This seems to contradict your suspicion that most spam is sent by suckers. In reality it's a small number of committed criminals that send most of it, and you can see all the publically available data on them at ROKSO. Go check it out - very educational indeed. So are many of Steve Linford's postings in news.admin.net-abuse.e-mail.
Well, it friggin' figgers, doesn't it? Anyone who didn't see this coming must have been living on another planet.
With the US antitrust suits off now, the EU is our only hope to curb their anticompetitive practices.