The global warming pundits are always trying to create fear and alarm in the general population. What I find funny is that they all seem to want to keep everything the same.
Reality is that things change. They have been changing since day zero and will continue to change after the Sun goes nova. What most people fail to realize is that we have been fotunate so far in that things have remained relativly stable for the past few thousand years. How many times in history have civilizations risen to simply disappear due to some realtively sudden change? It is amazing that we have managed to attain what we have in such a short time period.
One thing to keep in mind is that if we don't get off this planet and establish self sustaining colonies off planet soon one of those sudden catastrophic changes will strike this civilization down like so many others. Climate change could be the killer or a super bacteria created from all those anti-bacterial products that have hit the market. (my dollar is on that one). I expect any day to see news reports on some super strain of common bacteria breaking out across the country killing thousands of people in their own homes. All brought you to you by the over use of anti-bacterial products. Some of those bacteria survive and breed creating ever stronger bacteria which are now pissed off since we have been killing them by the billions for years.
But climate changes will work also. History is rife with examples of groups being forced to migrate with the resulting displacement of native populations.
The real question becomes "what do we do to escape the next big change?"
Everyone so far has missed the point about him saying their security plan was a 10 year plan. Microsoft looked long and hard at the trends and figured out that in 10 years Windows would be displaced as the leading client OS by Linux (or some other system).
Case in point, they are paying out huge dividend this year. Why? So they can all pocket a boat load of money before everyone finds out that Longhorn won't be delivered on time or with all features (see other recent story on/. about this).
So now that they have drawn down that huge cache of money and paid it to all those that hold stock they can cruise control for a few years as they start figuring out ways to sell of portions of the company to turn it into money to put in thier pockets.
I believe they have seen the writing on the wall and have started the process of shutting things down. Only problem is that you don't shut down a colossus like Microsoft over night. Very similar to AT&T, they have been in a downward spiral for many years. In AT&T's case they have at most another 5 years before someone picks up the carcass and finishes stripping it. Microsoft will take another 20 years before they finally have squezzed every last nickel out of the user population.
Actually they don't have to break into your house to use the phone. Most residential houses have the phones enter the house through a an access point on the outside of the house. A simple screwdriver opens the cover. Inside you will find a nice modular jack that connects your phone line with your house wiring. Just carry a standard phone with you, jack into the test jack on the outside of the house and make all the phone calls you want from that line.
Not that anyone should ever do this. It is a good way to test your phones though to prove the problem is on the line or inside your house.
25 was right, that was when Al Gore invented the Internet. It was not those geeks in 1969 that did it. No no, not them. Al Gore did it. He said so. Remember, its not real until the legislature says so.
Microsoft recognizes that a new animated image format was needed (after seeing it mentioned on/.). As such they have announced the release of a new standard, Microsoft Extended Sequential Series (MESS).
MESS will be incorporated into Longhorn and will be one of the major enhancements to the Microsoft operating system. The MESS graphics format will permit content providers to render highly complex images on a users system. The MESS format allows use of Active X components which permits all kinds of interesting effects on a users system.
When asked about using existing standards executives at Microsoft responded that no other standard in this area exists. Patents have been applied for covering this novel concept and will be agressively defended. Anyone trying to duplicate the intelectual property of Microsoft would be better off using MESS as long as they pay the royalties due Microsoft or they may find them selves in an even bigger MESS.
Executives were then asked about possible security implications of the new MESS protocol. Executives replied that security is a number one priority and that an updated SP3 patch is currently in the works that will address all security issues. The only thing holding up SP3 release is final release of SP2 patch 1 that is needed to address security issues caused by various linux distributions.
You need to run out and patent that idea. A mouse that is shaped like and feels like a breast. You could sell millions of them to all the/.'ers around here. It is the closest they are going to come to the real thing. Then you need to figure out how to get two of them working at one time so you have one for each hand.....
That happens when the people in south Florida got so confused by the ballot that they could not tell who they voted for. In the last election people were claiming that they thought they voted wrong because of how the ballot was layed out. The whole business of then trying to determine what the voter intended based on hanging chads and dimples was ridiculous. If it is not clear on the ballot that one candidate or the other was selected then that ballot gets tossed. At least that is the way it should be.
Why do they make it hard? So it is possible for them to cheat the system. Electronic voting is subject to much easier manipulation than paper ballots. Period. Anyone that has half a clue knows this. Primarly since it is difficult to prove that those little electrons on the disk are the very same ones that the person in the voting booth intended. This is worse than the "hanging chad" fiasco.
The whole issue would pretty much go away if they just implemented a paper audit trail. Of course if you are doing that then you don't really need a fancy electronic system to record it. Just issue a felt tip marker. Much less expensive and fewer issues. But then the group pushing the expensive error prone electronic systems would lose money, and since they have purchased a few politicians that won't be allowed to happen. And the politicians have a desire to manipulate the results so they are not going do anything out of self interest.
What I find so funny is that the most vocal people on this topic seem to feel that the very same people that vote for them can't seem to understand how to do it correctly. So they have to "interpet" the ballots to guess how that person intended to vote.
Make it simple. Use a ballot that has the voter mark it with a marker. If they mark it wrong they can ask for a replacment ballot. If they deposit the ballot and it is marked incorrectly, either for the wrong candidate or marked such that it is unclear, then that ballot is voided and is not counted. Period, end of vote. This may get some cry baby liberals complaining that there is some issue with people not getting their vote counted. But if they are so stupid that they can not mark a simple paper ballot correctly then they should not have their vote counted!
The fact that most of the people having trouble understanding the ballots happen to be Democrats is either a fluke or an indication that like minds flock together.
So if someone want to tell YOU their opinion then you have to sit down and listen to it?
I have the right NOT to listen to other peoples opinions. Regardless of what the content is. The problem with spam is that it obscures the legitimate traffic in your email inbox using up time and resources that you own.
Hopefully the backlash will prevent others from trying to use this loophole. Until then ISPs should be required to implement greylisting and spamassassin across the board so spam is blocked before the public sees it. Only in that way will the spammers NOT get money from the small percentage of simple minded users that seem to think it is a good idea to help the ex-president of Nigeria with his financial problem (while making a tidy profit) or solve their limp dick problem with really cheap viagra.
Real solution to this is to spam everyone with a viagra message but send out pills that sterilize these dolts so they don't reproduce. Eventually the spammers will have no one that responds in 30 or 40 years.
Get the major ISPs to implement greylisting and you will see a definite decrease in spam. Combine that with spamassassin and you may not see any spam for a long time.
But the ISPs don't care, they are probably making money from the spammers by selling your email address and hosting the spammers systems.
Implement greylisting on your server. I implemented it here and went from 3000 to 6000 spam messages a day to 5 to 10 spam messages a day. And those get tagged by spamassassin.
It was at the point that the owner of the company was seriously considering turning off email entirely. Even with spamassassin tagging 99% of the spam it was taking time to review it for false postives. With greylisting 99% of the spam is blocked before it ever gets on the server. And with proper use of the whitelist, legit email is rarely delayed. And using a short delay value gets you all the benefits of greylisting when using a longer delay value. The spammers are going to find it tough to get around since they will increase the cost of sending out millions of messages if they have to send them two times or more (depending on how long the delay is).
You just described greylisting. And it works extremely well. It is something all ISPs should be forced to implment immediately.
And for those that say this is a stop gap and won't be effective for very long, they are wrong.
The whole idea is to increase the cost to the spammer of sending out millions of emails. By greylisting they have to resend the same message at least twice, possibly multiple times, since they don't know how long the delay is.
On top of that if you combine greylisting with an RBL which is fed from a spam trap it is most likely that by the time the spammer resends the message to you a second time that machine is listed in the RBL. So the second attempt you let it in, check the RBL and reject the message.
Add spamassassin as the next line of defense and the few messages that do get through will get tagged and dropped in the spam bucket.
But the important part of all this is to increase the cost to the spammer. If they try to get around this then they have to maintain a list of sent messages that were rejected and resend. This takes time and resources to do, thus increasing the cost to the spammer.
That is the point. It is very easy to implement. There are several versions available now that can be setup quickly. Probably the hardest problem to solve is those with email server farms. One version however utilizes a database which could be accessed by multiple servers so when the message is retried it would be able to match the entry and allow it through.
I think one of the reasons ISPs have not jumped at this is that they do not perceive a cost benefit. It will cost them up front to get it configured and tested, it won't make any money for them. As such they are happy with the status quo. Besides they are most likely selling address lists to spammers and making a profit doing so. Implementing effective spam blocking tools is not really in their best interest for this quarter.
But as soon as they write their code to queue the message and retry it after the delay period we pull another little trick out. During that delay period the spammer is sending out spam to lots of other sites, including a few spam traps. The spam traps add the spammer address to an RBL. When they get back to your system after the delay period you check the RBL list and drop the message now that it is showing up there.
In over a year the spammers have not done anything different but dump and spew. You still keep spamassassin running as a second line of defense which this new tool could be used for as well. So the ones that manage to get past greylisting are stopped by spamassassin.
The whole idea is to make it as costly and troublesome for the spammers to keep up their crap. By using greylisting along with other tools you increase the cost since they have to resend the message multiple times and keep track of all the addresses and sites they send it to. Makes it more likely that they would run out of resources or at least reduce the number of messages they can successfully pump out over a given period of time.
By reducing the number of messages they can get delivered it has to start reducing their income. Hit them in the cash flow and maybe they will be convinced to cheat and scam some other way.
With junk faxes there is a way to clearly identify the sender, they can be tied to a phone number. With email that is very difficult to do. Unless you can clearly tie the email to an individual you would not be able to prosecute and punish the sender.
As long as the ISPs let a subscriber request the ports be opened for legit use I would have no problem. I think Comcast recently blocked port 25 on a large portion of their network. Not sure it has made that big of a difference. The last analysis I did on the spam I was receiving (prior to greylisting) was that Comcast was a source of the majority of the spam. Since greylisting I have not run an analysis as the samples I have are insignificant and no longer characteristic of the bulk of spam.
Ah! How to foil spammers that adapt to greylisting? That is when the longer delay has to be used in combination with an RBL system. The idea is that when the spammer trys the first time you temporarly reject the message. During that delay the spammer continues on and hits a number of spam traps which gets the IP address added to an RBL system. The next pass at your system you start to let the message in but check it against an RBL which flags it as spam now. The message is then rejected. Spam is blocked, legit email is let through. For now that extra step is not needed. This will increase the delay but then again for known correspondants you white list them so there is no delay.
I always figured buying a congress critter that was in the oposition was the way to go.:)
Legislation if it ever comes to pass, which I doubt, will not have the teeth needed to really solve this problem. Or it will create such a burden on normal usrs of email that it will in itself make email useless.
Blocking port 25 outgoing while it would be effective it would also block a large number of people that run their own email servers that are not used for spamming.
SPF is a good idea and I would also like to this widely implemented. Hopefully this will eventually catch on.
As to the issue you have with greylisting the benefits can be had with as little as a two minute delay with no real difference to using a 30 minute delay. Also if you are working closely with another group you would most likely have their email server white listed which means there would be no delay.
Barring the universal adoption of effective anti-spam measures at the client I think having the ISPs implement greylisting would be the quickest and surest way to deal a massive blow to the spammers. And I think people would more easily adapt to that than to have their email boxes over whelmed with the spam as they do now.
As a side note, I find the confidentiality statements tacked on to email laughable. I can not see such a thing being held up in court of law as valid in any way.
Not sure about everyone, but I have seen a significant increase in spam over the last 8 months. At work we used to get a few hundred spam a day. It increased to several thousand a day during the first few months of this year. Greylisting has reduced this to a small handful each day now. And so far there has been no indication that this is increasing at all.
This will make another nice tool to identify spam. But why not use greylisting at all the ISPs MTAs to simply refuse 99% of the spam that is being sent right now?
Seriously, greylisting implemented on all the ISPs MTAs would overnight block 99% of the spam being sent. Most spam at the moment is being sent from armies of bots run on unsuspecting users systems connected to cable and DSL service. The programs used are unsophisticated, they churn through a list of addresses spewing messages out by the thousands. They do not queue messages or retry them if they get an error. Greylisting uses this to great effect and blocks spam while letting legitimate MTAs deliver messages.
True, it is not 100% effective, some small number of spam messages get through since some spam goes through legitimate MTAs and the message is retried. But once you remove the bulk of spam those can be tracked down and shutdown or blocked at the firewalls.
If the ISPs would implement this spam would become a non-issue over night. Email would once again become a mostly useful tool. But I guess the problem is that the ISPs have no vested interest in solving this problem. None of them will listen or implement this simple solution which does not block any legitimate email. With 70% of the email on the network being spam (number may be higher than that at this time) I would think they would jump at a solution that would reduce the loads on their servers. But I guess they make to much money from spammers to implement such a simple solution.
Well the alternative to that is to do nothing and let email devolve into a largely useless waste of resources and time. I think if the ISPs did implement greylisting and spamassassin at thier level people would begin to wonder what all the fuss was about spam since they would see so little of it.
Do you really think people would have a problem with greylisting? email is not instant messaging. There are other applications for that.
True, with the setup I have at home at the moment I still have to process all the spam. But I don't look at it since it ends up segregated from my regular email and mailing list traffic. Other than running a script about once a week to run it through sa-learn to reinforce the bayes database for spamassassin.
At work where greylisting is implemented the spam was reduced from 3000 to 6000 a day to 5 or 10 a day. Very few bots retry the spam and the system does not read the data part so there is a savings on bandwidth and cpu time. The drop was dramatic and much better than I had expected.
You are correct about Bob Dole. It is amazing how cheap congress critters go for now a days. Maybe we should take up a collection and buy a few for our own use.....
Slashdot Mirror
The global warming pundits are always trying to create fear and alarm in the general population. What I find funny is that they all seem to want to keep everything the same.
Reality is that things change. They have been changing since day zero and will continue to change after the Sun goes nova. What most people fail to realize is that we have been fotunate so far in that things have remained relativly stable for the past few thousand years. How many times in history have civilizations risen to simply disappear due to some realtively sudden change? It is amazing that we have managed to attain what we have in such a short time period.
One thing to keep in mind is that if we don't get off this planet and establish self sustaining colonies off planet soon one of those sudden catastrophic changes will strike this civilization down like so many others. Climate change could be the killer or a super bacteria created from all those anti-bacterial products that have hit the market. (my dollar is on that one). I expect any day to see news reports on some super strain of common bacteria breaking out across the country killing thousands of people in their own homes. All brought you to you by the over use of anti-bacterial products. Some of those bacteria survive and breed creating ever stronger bacteria which are now pissed off since we have been killing them by the billions for years.
But climate changes will work also. History is rife with examples of groups being forced to migrate with the resulting displacement of native populations.
The real question becomes "what do we do to escape the next big change?"
Everyone so far has missed the point about him saying their security plan was a 10 year plan. Microsoft looked long and hard at the trends and figured out that in 10 years Windows would be displaced as the leading client OS by Linux (or some other system).
/. about this).
Case in point, they are paying out huge dividend this year. Why? So they can all pocket a boat load of money before everyone finds out that Longhorn won't be delivered on time or with all features (see other recent story on
So now that they have drawn down that huge cache of money and paid it to all those that hold stock they can cruise control for a few years as they start figuring out ways to sell of portions of the company to turn it into money to put in thier pockets.
I believe they have seen the writing on the wall and have started the process of shutting things down. Only problem is that you don't shut down a colossus like Microsoft over night. Very similar to AT&T, they have been in a downward spiral for many years. In AT&T's case they have at most another 5 years before someone picks up the carcass and finishes stripping it. Microsoft will take another 20 years before they finally have squezzed every last nickel out of the user population.
Actually they don't have to break into your house to use the phone. Most residential houses have the phones enter the house through a an access point on the outside of the house. A simple screwdriver opens the cover. Inside you will find a nice modular jack that connects your phone line with your house wiring. Just carry a standard phone with you, jack into the test jack on the outside of the house and make all the phone calls you want from that line.
Not that anyone should ever do this. It is a good way to test your phones though to prove the problem is on the line or inside your house.
A qubit? Isn't that the measurment Noah used to build the ark? Boy, was he ahead of his time in more ways than one!
I wonder if all those animals were just quantum copies of each other......:)
25 was right, that was when Al Gore invented the Internet. It was not those geeks in 1969 that did it. No no, not them. Al Gore did it. He said so. Remember, its not real until the legislature says so.
I believe there are couple of problems with this scheme.
1. The site owner will not be able to monitor hits on the site.
2. This appears to work for static pages but it won't work with dynamic pages ie. php.
I have to believe that ISPs that provide web services would find their revenue reduced since they would not see all the hits on the site.
Microsoft recognizes that a new animated image format was needed (after seeing it mentioned on /.). As such they have announced the release of a new standard, Microsoft Extended Sequential Series (MESS).
MESS will be incorporated into Longhorn and will be one of the major enhancements to the Microsoft operating system. The MESS graphics format will permit content providers to render highly complex images on a users system. The MESS format allows use of Active X components which permits all kinds of interesting effects on a users system.
When asked about using existing standards executives at Microsoft responded that no other standard in this area exists. Patents have been applied for covering this novel concept and will be agressively defended. Anyone trying to duplicate the intelectual property of Microsoft would be better off using MESS as long as they pay the royalties due Microsoft or they may find them selves in an even bigger MESS.
Executives were then asked about possible security implications of the new MESS protocol. Executives replied that security is a number one priority and that an updated SP3 patch is currently in the works that will address all security issues. The only thing holding up SP3 release is final release of SP2 patch 1 that is needed to address security issues caused by various linux distributions.
Sure they can! They just check on which candidate paid them the most. :)
You need to run out and patent that idea. A mouse that is shaped like and feels like a breast. You could sell millions of them to all the /.'ers around here. It is the closest they are going to come to the real thing. Then you need to figure out how to get two of them working at one time so you have one for each hand.....
Sounds like you eat directly over your keyboard. I supose you also use that neat cup holder that pops out the front your computer.
Get up move around a little. That is if you can get out of your chair.....
That happens when the people in south Florida got so confused by the ballot that they could not tell who they voted for. In the last election people were claiming that they thought they voted wrong because of how the ballot was layed out. The whole business of then trying to determine what the voter intended based on hanging chads and dimples was ridiculous. If it is not clear on the ballot that one candidate or the other was selected then that ballot gets tossed. At least that is the way it should be.
Why do they make it hard? So it is possible for them to cheat the system. Electronic voting is subject to much easier manipulation than paper ballots. Period. Anyone that has half a clue knows this. Primarly since it is difficult to prove that those little electrons on the disk are the very same ones that the person in the voting booth intended. This is worse than the "hanging chad" fiasco.
The whole issue would pretty much go away if they just implemented a paper audit trail. Of course if you are doing that then you don't really need a fancy electronic system to record it. Just issue a felt tip marker. Much less expensive and fewer issues. But then the group pushing the expensive error prone electronic systems would lose money, and since they have purchased a few politicians that won't be allowed to happen. And the politicians have a desire to manipulate the results so they are not going do anything out of self interest.
What I find so funny is that the most vocal people on this topic seem to feel that the very same people that vote for them can't seem to understand how to do it correctly. So they have to "interpet" the ballots to guess how that person intended to vote.
Make it simple. Use a ballot that has the voter mark it with a marker. If they mark it wrong they can ask for a replacment ballot. If they deposit the ballot and it is marked incorrectly, either for the wrong candidate or marked such that it is unclear, then that ballot is voided and is not counted. Period, end of vote. This may get some cry baby liberals complaining that there is some issue with people not getting their vote counted. But if they are so stupid that they can not mark a simple paper ballot correctly then they should not have their vote counted!
The fact that most of the people having trouble understanding the ballots happen to be Democrats is either a fluke or an indication that like minds flock together.
I mean hot damn! They found a bug and fixed it!
Let's pat those boys at Redmond on the back!
I hope it does not take another two years to find and fix the next one......
So if someone want to tell YOU their opinion then you have to sit down and listen to it?
I have the right NOT to listen to other peoples opinions. Regardless of what the content is. The problem with spam is that it obscures the legitimate traffic in your email inbox using up time and resources that you own.
Hopefully the backlash will prevent others from trying to use this loophole. Until then ISPs should be required to implement greylisting and spamassassin across the board so spam is blocked before the public sees it. Only in that way will the spammers NOT get money from the small percentage of simple minded users that seem to think it is a good idea to help the ex-president of Nigeria with his financial problem (while making a tidy profit) or solve their limp dick problem with really cheap viagra.
Real solution to this is to spam everyone with a viagra message but send out pills that sterilize these dolts so they don't reproduce. Eventually the spammers will have no one that responds in 30 or 40 years.
If the Internet went down?
A few million spam messages would not have been delivered.
And this is bad because........
"People are getting stupider."
Intelligence in the universe is a constant. The population is growing.........
Get the major ISPs to implement greylisting and you will see a definite decrease in spam. Combine that with spamassassin and you may not see any spam for a long time.
But the ISPs don't care, they are probably making money from the spammers by selling your email address and hosting the spammers systems.
Implement greylisting on your server. I implemented it here and went from 3000 to 6000 spam messages a day to 5 to 10 spam messages a day. And those get tagged by spamassassin.
It was at the point that the owner of the company was seriously considering turning off email entirely. Even with spamassassin tagging 99% of the spam it was taking time to review it for false postives. With greylisting 99% of the spam is blocked before it ever gets on the server. And with proper use of the whitelist, legit email is rarely delayed. And using a short delay value gets you all the benefits of greylisting when using a longer delay value. The spammers are going to find it tough to get around since they will increase the cost of sending out millions of messages if they have to send them two times or more (depending on how long the delay is).
You just described greylisting. And it works extremely well. It is something all ISPs should be forced to implment immediately.
And for those that say this is a stop gap and won't be effective for very long, they are wrong.
The whole idea is to increase the cost to the spammer of sending out millions of emails. By greylisting they have to resend the same message at least twice, possibly multiple times, since they don't know how long the delay is.
On top of that if you combine greylisting with an RBL which is fed from a spam trap it is most likely that by the time the spammer resends the message to you a second time that machine is listed in the RBL. So the second attempt you let it in, check the RBL and reject the message.
Add spamassassin as the next line of defense and the few messages that do get through will get tagged and dropped in the spam bucket.
But the important part of all this is to increase the cost to the spammer. If they try to get around this then they have to maintain a list of sent messages that were rejected and resend. This takes time and resources to do, thus increasing the cost to the spammer.
That is the point. It is very easy to implement. There are several versions available now that can be setup quickly. Probably the hardest problem to solve is those with email server farms. One version however utilizes a database which could be accessed by multiple servers so when the message is retried it would be able to match the entry and allow it through.
I think one of the reasons ISPs have not jumped at this is that they do not perceive a cost benefit. It will cost them up front to get it configured and tested, it won't make any money for them. As such they are happy with the status quo. Besides they are most likely selling address lists to spammers and making a profit doing so. Implementing effective spam blocking tools is not really in their best interest for this quarter.
But as soon as they write their code to queue the message and retry it after the delay period we pull another little trick out. During that delay period the spammer is sending out spam to lots of other sites, including a few spam traps. The spam traps add the spammer address to an RBL. When they get back to your system after the delay period you check the RBL list and drop the message now that it is showing up there.
In over a year the spammers have not done anything different but dump and spew. You still keep spamassassin running as a second line of defense which this new tool could be used for as well. So the ones that manage to get past greylisting are stopped by spamassassin.
The whole idea is to make it as costly and troublesome for the spammers to keep up their crap. By using greylisting along with other tools you increase the cost since they have to resend the message multiple times and keep track of all the addresses and sites they send it to. Makes it more likely that they would run out of resources or at least reduce the number of messages they can successfully pump out over a given period of time.
By reducing the number of messages they can get delivered it has to start reducing their income. Hit them in the cash flow and maybe they will be convinced to cheat and scam some other way.
With junk faxes there is a way to clearly identify the sender, they can be tied to a phone number. With email that is very difficult to do. Unless you can clearly tie the email to an individual you would not be able to prosecute and punish the sender.
:)
As long as the ISPs let a subscriber request the ports be opened for legit use I would have no problem. I think Comcast recently blocked port 25 on a large portion of their network. Not sure it has made that big of a difference. The last analysis I did on the spam I was receiving (prior to greylisting) was that Comcast was a source of the majority of the spam. Since greylisting I have not run an analysis as the samples I have are insignificant and no longer characteristic of the bulk of spam.
Ah! How to foil spammers that adapt to greylisting? That is when the longer delay has to be used in combination with an RBL system. The idea is that when the spammer trys the first time you temporarly reject the message. During that delay the spammer continues on and hits a number of spam traps which gets the IP address added to an RBL system. The next pass at your system you start to let the message in but check it against an RBL which flags it as spam now. The message is then rejected. Spam is blocked, legit email is let through. For now that extra step is not needed. This will increase the delay but then again for known correspondants you white list them so there is no delay.
I always figured buying a congress critter that was in the oposition was the way to go.
Legislation if it ever comes to pass, which I doubt, will not have the teeth needed to really solve this problem. Or it will create such a burden on normal usrs of email that it will in itself make email useless.
:)
Blocking port 25 outgoing while it would be effective it would also block a large number of people that run their own email servers that are not used for spamming.
SPF is a good idea and I would also like to this widely implemented. Hopefully this will eventually catch on.
As to the issue you have with greylisting the benefits can be had with as little as a two minute delay with no real difference to using a 30 minute delay. Also if you are working closely with another group you would most likely have their email server white listed which means there would be no delay.
Barring the universal adoption of effective anti-spam measures at the client I think having the ISPs implement greylisting would be the quickest and surest way to deal a massive blow to the spammers. And I think people would more easily adapt to that than to have their email boxes over whelmed with the spam as they do now.
As a side note, I find the confidentiality statements tacked on to email laughable. I can not see such a thing being held up in court of law as valid in any way.
Not sure about everyone, but I have seen a significant increase in spam over the last 8 months. At work we used to get a few hundred spam a day. It increased to several thousand a day during the first few months of this year. Greylisting has reduced this to a small handful each day now. And so far there has been no indication that this is increasing at all.
So which congress critter do you want to buy?
This will make another nice tool to identify spam. But why not use greylisting at all the ISPs MTAs to simply refuse 99% of the spam that is being sent right now?
Seriously, greylisting implemented on all the ISPs MTAs would overnight block 99% of the spam being sent. Most spam at the moment is being sent from armies of bots run on unsuspecting users systems connected to cable and DSL service. The programs used are unsophisticated, they churn through a list of addresses spewing messages out by the thousands. They do not queue messages or retry them if they get an error. Greylisting uses this to great effect and blocks spam while letting legitimate MTAs deliver messages.
True, it is not 100% effective, some small number of spam messages get through since some spam goes through legitimate MTAs and the message is retried. But once you remove the bulk of spam those can be tracked down and shutdown or blocked at the firewalls.
If the ISPs would implement this spam would become a non-issue over night. Email would once again become a mostly useful tool. But I guess the problem is that the ISPs have no vested interest in solving this problem. None of them will listen or implement this simple solution which does not block any legitimate email. With 70% of the email on the network being spam (number may be higher than that at this time) I would think they would jump at a solution that would reduce the loads on their servers. But I guess they make to much money from spammers to implement such a simple solution.
Well the alternative to that is to do nothing and let email devolve into a largely useless waste of resources and time. I think if the ISPs did implement greylisting and spamassassin at thier level people would begin to wonder what all the fuss was about spam since they would see so little of it.
Do you really think people would have a problem with greylisting? email is not instant messaging. There are other applications for that.
True, with the setup I have at home at the moment I still have to process all the spam. But I don't look at it since it ends up segregated from my regular email and mailing list traffic. Other than running a script about once a week to run it through sa-learn to reinforce the bayes database for spamassassin.
At work where greylisting is implemented the spam was reduced from 3000 to 6000 a day to 5 or 10 a day. Very few bots retry the spam and the system does not read the data part so there is a savings on bandwidth and cpu time. The drop was dramatic and much better than I had expected.
You are correct about Bob Dole. It is amazing how cheap congress critters go for now a days. Maybe we should take up a collection and buy a few for our own use.....