Re:Monstroyer says congrats!
on
Spam Bits
·
· Score: 1
I don't correspond with people who inflict C/R on me. C/R messages get dropped in the bitbucket. If you think you can solve your spam problem by wasting my time making me jump through your hoops, you got another thing coming.
Require the installation of a "personal firewall" when the users sign up for an account.
Personal firewalls are crap. They cannot - by design - interfere with the other operations of the PC, so they won't allocate a large enough pool of memory for keeping state on active connections. This results in lots of false alerts if TCP FINs are retransmitted, and on our busy ad banner servers, they sometimes are retransmitted. The PC firewalls think this is a FIN scan, because they have already purged the session when they see the first FIN. Dumb, dumb, dumb!
McCrappy is especially vulnerable to this, and not only that, in it's popup alert it uses the language "Your PC is under attack from..." even if it was just one TCP FIN. Users of this sorry piece of crap call me (hostmaster/abuse contact) in a rage, yelling and screaming at me because their McCrappy software has gone "beep beep" and accused my employer of attacking them.
To make matters worse, McCrappy doesn't provide the user with enough information to respond reasonably, even if it were a legitimate attack. I don't know how many people have sent me a McCrappy firewall alert, which contained nothing but a dump of our WHOIS records, headed by a paragraph accusing the listed party of attacking the user.
"Yes sir. That's our WHOIS record. Yes sir, I am already aware of that information, since I put it there."
Re:I don't get it
on
Gates on Spam
·
· Score: 2, Interesting
Why wouldn't this work? Is there a problem with this?
Mailing lists, forwarding services, email-this-link-to-a-friend, all that stuff and more would become illegitimate email under this scheme, and also under SPF. You've offered no insights or solutions that hundreds of others haven't already brought up.
Here's a clue for everyone: if someone tells you, or you yourself think, that they have the solution to the spam problem, and it's so simple that there's no reason why it can't be implemented now, they obviously have only just begun thinking about the problem. All the "simple, easy" fixes have already been thought of, and have been either tried and discarded, or never tried because they are not so simple or easy after all.
This is just a helpful hint to try and save a lot of duplicated effort out there.:)
Email is valuable because
on
Gates on Spam
·
· Score: 2, Insightful
Email is valuable and popular because it is cheap and quick. Make it expensive and slow, and its value goes away. Hashcash-like proposals seek to make email suck more for all of us, in the hopes that it will be even more sucky for the spammers, so sucky that they'll quit.
But you cannot save email by destroying the things that makes it valuable and popular.
Mulberry is very good, very capable and compliant with standards. I use it on Windows mostly, and run it on Linux and Solaris sometimes. It's ability to utilize multiple IMAP accounts is unmatched which is great for email junkies. A lot of people will be turned off by its lack of skinning or themes features. Mulberry uses its own private widget set, which usually closely resembles the native widget set of whatever platform Cyrusoft has ported it to.
Of course, Linux doesn't really have a native widget set, and the Motif/Borland-ish buttons and borders will probably throw off your desktop's Fung Shwei, no doubt. Unless somebody comes up with a Mulberry-cum-Motif desktop theme that matches Cyrusoft's look and feel... Tnen you can make everything look that way.;)
...a web based client only views mail on the server, and doesn't have to transmit/store it.
Hello!? McFly?! Hello!?
A web-based client has to ask the server to transmit the message AGAIN and AGAIN almost every time you view it from a different login session. And the client DOES store transient copies of the message, but it's not organized like a mailfolder. Instead, local mail storage is organized like a browser cache - since it IS the browser cache.
Except that searching for "x free 86" on MSN returns the XFree86 homepage as the first result (so does a search for "x free86" and "xfree 86" and just "xfree"). A search for "x free" returns some X-Men web pages, free speech sites, and other "free" stuff and "x" stuff - but no adult content results. Only "xfree86" returns the link to the "adult content" page. I think your theory does not stand up to a real world test.
You didn't even RT your own FA. Further down that very same page, it says:
Average Dimensions and Weights
14.9" (378.0mm) W x 12.6" (320.0mm) D x 1.9" front - 2.2" rear (47.0mm - 55.0mm) H / 14.1 lb. (6.4kg) with combo drive, 15.7 lb. (7.1kg) with combo drive and battery
As long as the person understands that they have about as much chance of registering microsoft.com as they do of winning the lottery, I see no reason why we should be holding consumers' hands and protecting them from their own stupidity.
But if Microsoft buys insurance from Verisign, then there is NO chance at all that the person who paid for WLS on Microsoft.com will ever get the domain. Thus, at best it is fraudulent for Verisign to offer WLS and insurance, and at worse, it is a racketeering operation with Verisign putting the squeeze on their own customers ("Buy insurance, Microsoft, look how many people are on the WLS for your domain. You wouldn't want to lose your domain to one of these people, would you?").
Bayesian filters tend to work very well, but now spammers are adding sprawls of randomly generated green-light text to offset the filter's score.
That does not work. If anything, it makes the spam easier to identify, especially dictionary-salad-type spams that just list random words most of which real people hardly ever use in actual emails. Dictonary salad just gives the Bayesian classifier more spam terms to work with. The rest of the terms, the ones that are common in real emails, converge on a neutral score real quick, and simply stop counting one way or another.
Our outgoing mail servers are not the same as our incoming MX mail servers. Your method would reject any emails from our 5,000+ employees. I can tell you that it isn't so that Verizon.net does this, or at least they don't do it to us. Our emails are not rejected by Verizon.net, nor have I ever seen any bounces from anyone because of this.
The method you describe would reject a lot of legitimate emails, especially from medium to large companies and medium to large ISPs who have a more complex mail system than one MX relay.
I say no. That the core is dumb is one of the reasons the internet is available to everyone. That the core is dumb is one of the reasons it is so reslient. That the core is dumb is the reason we can assign stewardship - not ownership - to Verisign, and yank it away from them when they misstep.
Keep the core dumb. No innovation is necessary or wanted.
Yeah, no kidding. Why, I just submitted a story about how TiVo measured the most rewinds evber when Janet Jackson's wardrobe malfunctioned during the SuperBowl halftime show, but they rejected it.
Raise your hand if you'd rather read a story connecting Janet's bare boob to record-breaking TiVo demographics, or a font change at the government. Sheesh!
I'm not an ISP, but that doesn't mean my company's mail servers don't receive a significant volume of mail. Last month, the incoming mail servers for our 5,000 or so employees rejected 11 million spams with a SpamAssassin score >= 10. If we had instead accepted those emails, and received a penny for each of them, my department would have brought in $110,000 in revenue for the last month, just for turning off the spam filter.
And a city should be able to refuse him a business permit, sewage service, water service, electrical service, police protection and anything else that belongs to the city, if he doesn't get in line with what the city expects of him, in consideration of all the things the city does to enable his business to exist in the first place.
No business exists in a vacuum. Every business is indebted to the community in which it exists, and it owes that community.
If members of the community don't like the admittance policy, then they can boycott the establishment.
Screw that. Revoke his business permit.
Re:How stupid do you have to be?
on
SCO Offline
·
· Score: 2, Interesting
Holy Freakin' Cow! Look at this Darl-ism:
O'BRIEN: One final thought. You're talking about the ultimate hall of smoke and mirrors here. What are the chances you could be duped into giving the reward to a culprit?
MCBRIDE: Well, the way it works here, Miles, is to pay the reward out means that that person will be in jail. So I guess conceivably they could turn themselves in, go to jail, sit around with their $250,000 and get out. So I guess maybe that's the way to make money. Since you can't make money with Linux because it's free, maybe that's the new monetization system.
That last point is particularly good, since the PHB types freak if their email isn't exactly the way that they're used to... and they also freak when implementing new technologies.
We just reached a milestone of having 12 million spams rejected in a month (with score >= 10.0). That's about 400 per minute, and it doesn't count emails rejected by sendmail (sender domain must resolve, access_db entries, malformed address, etc.)
Only about 1.5 million emails a month are legit messages that an employee wanted to receive. Do the math folks: 7 out of 8 emails presented to us for delivery are spam.
Yeah, it is not necessary to use LD_LIBRARY_PATH or crle at all in the case describe in the article. The Solaris dynamic linker is capable of choosing from the sparcv7 or sparcv9 subdirectories of/usr/lib (and/usr/dt/lib, etc.), the correct 32- or 64-bnit library. The libs located directly in/usr/lib are not the actual libs. They are stubs for compile-time compatibility. They aren't used at runtime at all.
If the guy had experimented just a bit, he'd have found that simply putting 64-bit libs in/usr/lib/sparcv9 was all that he needed to do.
What if your parents had the same attitude about conceiving yourself? Then we'd not have to be reading your insipid drivel. I mean, your parents are still probably waiting for some kind of return on their investment. Had they adopted your attitude, they probably wouldn't have bothered at all.
Slashdot Mirror
I don't correspond with people who inflict C/R on me. C/R messages get dropped in the bitbucket. If you think you can solve your spam problem by wasting my time making me jump through your hoops, you got another thing coming.
Have a nice day.
I challenge someone to find an automated response to C/R.
if ( message looks like C/R ) {
discard;
stop;
}
Require the installation of a "personal firewall" when the users sign up for an account.
..." even if it was just one TCP FIN. Users of this sorry piece of crap call me (hostmaster/abuse contact) in a rage, yelling and screaming at me because their McCrappy software has gone "beep beep" and accused my employer of attacking them.
Personal firewalls are crap. They cannot - by design - interfere with the other operations of the PC, so they won't allocate a large enough pool of memory for keeping state on active connections. This results in lots of false alerts if TCP FINs are retransmitted, and on our busy ad banner servers, they sometimes are retransmitted. The PC firewalls think this is a FIN scan, because they have already purged the session when they see the first FIN. Dumb, dumb, dumb!
McCrappy is especially vulnerable to this, and not only that, in it's popup alert it uses the language "Your PC is under attack from
To make matters worse, McCrappy doesn't provide the user with enough information to respond reasonably, even if it were a legitimate attack. I don't know how many people have sent me a McCrappy firewall alert, which contained nothing but a dump of our WHOIS records, headed by a paragraph accusing the listed party of attacking the user.
"Yes sir. That's our WHOIS record. Yes sir, I am already aware of that information, since I put it there."
Besides that, Nikon, Canon, Minolta, Olympus and many others use Kodak CCD chips in their cameras. Sony uses Sony chips in their cameras.
Say what you want about obvious patents, but Kodak is no SCO - they aren't desperate or stupid enough to sue their own customers.
Thank you for not mentioning Ayn fucking Rand.
Why wouldn't this work? Is there a problem with this?
:)
Mailing lists, forwarding services, email-this-link-to-a-friend, all that stuff and more would become illegitimate email under this scheme, and also under SPF. You've offered no insights or solutions that hundreds of others haven't already brought up.
Here's a clue for everyone: if someone tells you, or you yourself think, that they have the solution to the spam problem, and it's so simple that there's no reason why it can't be implemented now, they obviously have only just begun thinking about the problem. All the "simple, easy" fixes have already been thought of, and have been either tried and discarded, or never tried because they are not so simple or easy after all.
This is just a helpful hint to try and save a lot of duplicated effort out there.
Email is valuable and popular because it is cheap and quick. Make it expensive and slow, and its value goes away. Hashcash-like proposals seek to make email suck more for all of us, in the hopes that it will be even more sucky for the spammers, so sucky that they'll quit.
But you cannot save email by destroying the things that makes it valuable and popular.
Mulberry is very good, very capable and compliant with standards. I use it on Windows mostly, and run it on Linux and Solaris sometimes. It's ability to utilize multiple IMAP accounts is unmatched which is great for email junkies. A lot of people will be turned off by its lack of skinning or themes features. Mulberry uses its own private widget set, which usually closely resembles the native widget set of whatever platform Cyrusoft has ported it to.
;)
Of course, Linux doesn't really have a native widget set, and the Motif/Borland-ish buttons and borders will probably throw off your desktop's Fung Shwei, no doubt. Unless somebody comes up with a Mulberry-cum-Motif desktop theme that matches Cyrusoft's look and feel... Tnen you can make everything look that way.
...a web based client only views mail on the server, and doesn't have to transmit/store it.
Hello!? McFly?! Hello!?
A web-based client has to ask the server to transmit the message AGAIN and AGAIN almost every time you view it from a different login session. And the client DOES store transient copies of the message, but it's not organized like a mailfolder. Instead, local mail storage is organized like a browser cache - since it IS the browser cache.
Except that searching for "x free 86" on MSN returns the XFree86 homepage as the first result (so does a search for "x free86" and "xfree 86" and just "xfree"). A search for "x free" returns some X-Men web pages, free speech sites, and other "free" stuff and "x" stuff - but no adult content results. Only "xfree86" returns the link to the "adult content" page. I think your theory does not stand up to a real world test.
As long as the person understands that they have about as much chance of registering microsoft.com as they do of winning the lottery, I see no reason why we should be holding consumers' hands and protecting them from their own stupidity.
But if Microsoft buys insurance from Verisign, then there is NO chance at all that the person who paid for WLS on Microsoft.com will ever get the domain. Thus, at best it is fraudulent for Verisign to offer WLS and insurance, and at worse, it is a racketeering operation with Verisign putting the squeeze on their own customers ("Buy insurance, Microsoft, look how many people are on the WLS for your domain. You wouldn't want to lose your domain to one of these people, would you?").
Bayesian filters tend to work very well, but now spammers are adding sprawls of randomly generated green-light text to offset the filter's score.
That does not work. If anything, it makes the spam easier to identify, especially dictionary-salad-type spams that just list random words most of which real people hardly ever use in actual emails. Dictonary salad just gives the Bayesian classifier more spam terms to work with. The rest of the terms, the ones that are common in real emails, converge on a neutral score real quick, and simply stop counting one way or another.
Our outgoing mail servers are not the same as our incoming MX mail servers. Your method would reject any emails from our 5,000+ employees. I can tell you that it isn't so that Verizon.net does this, or at least they don't do it to us. Our emails are not rejected by Verizon.net, nor have I ever seen any bounces from anyone because of this.
The method you describe would reject a lot of legitimate emails, especially from medium to large companies and medium to large ISPs who have a more complex mail system than one MX relay.
Dude, where have you been for the past three years? Oh, I know... government IT. How'd I guess?
I say no. That the core is dumb is one of the reasons the internet is available to everyone. That the core is dumb is one of the reasons it is so reslient. That the core is dumb is the reason we can assign stewardship - not ownership - to Verisign, and yank it away from them when they misstep.
Keep the core dumb. No innovation is necessary or wanted.
THESE are real time pieces, with hard steel gears meshing with softer brass gears, mounted on pinions that are encased by jewels.
You got something against Cesium atoms? Those are real time pieces, too.
Thanks, that was terrific. I love sticking it to spammers of all kinds, and I do it whenever I have the opportunity.
Yeah, no kidding. Why, I just submitted a story about how TiVo measured the most rewinds evber when Janet Jackson's wardrobe malfunctioned during the SuperBowl halftime show, but they rejected it.
Raise your hand if you'd rather read a story connecting Janet's bare boob to record-breaking TiVo demographics, or a font change at the government. Sheesh!
I'm not an ISP, but that doesn't mean my company's mail servers don't receive a significant volume of mail. Last month, the incoming mail servers for our 5,000 or so employees rejected 11 million spams with a SpamAssassin score >= 10. If we had instead accepted those emails, and received a penny for each of them, my department would have brought in $110,000 in revenue for the last month, just for turning off the spam filter.
Sounds like a plan.
And a city should be able to refuse him a business permit, sewage service, water service, electrical service, police protection and anything else that belongs to the city, if he doesn't get in line with what the city expects of him, in consideration of all the things the city does to enable his business to exist in the first place.
No business exists in a vacuum. Every business is indebted to the community in which it exists, and it owes that community.
If members of the community don't like the admittance policy, then they can boycott the establishment.
Screw that. Revoke his business permit.
Holy Freakin' Cow! Look at this Darl-ism:
O'BRIEN: One final thought. You're talking about the ultimate hall of smoke and mirrors here. What are the chances you could be duped into giving the reward to a culprit?
MCBRIDE: Well, the way it works here, Miles, is to pay the reward out means that that person will be in jail. So I guess conceivably they could turn themselves in, go to jail, sit around with their $250,000 and get out. So I guess maybe that's the way to make money. Since you can't make money with Linux because it's free, maybe that's the new monetization system.
That last point is particularly good, since the PHB types freak if their email isn't exactly the way that they're used to... and they also freak when implementing new technologies.
I don't know about that. Ever since I installed SpamAssassin & MIMEDefang on our incoming relays, there doesn't seem to be anything I want for stopping spam that the PHB's won't let me have. They bought me seven more IBM x335 machines just for handling mail relaying. They're ecstatic that all I want is more hardware, and not an expensive license and software maintenance contract from NAI or some outfit like that.
We just reached a milestone of having 12 million spams rejected in a month (with score >= 10.0). That's about 400 per minute, and it doesn't count emails rejected by sendmail (sender domain must resolve, access_db entries, malformed address, etc.)
Only about 1.5 million emails a month are legit messages that an employee wanted to receive. Do the math folks: 7 out of 8 emails presented to us for delivery are spam.
Yeah, it is not necessary to use LD_LIBRARY_PATH or crle at all in the case describe in the article. The Solaris dynamic linker is capable of choosing from the sparcv7 or sparcv9 subdirectories of /usr/lib (and /usr/dt/lib, etc.), the correct 32- or 64-bnit library. The libs located directly in /usr/lib are not the actual libs. They are stubs for compile-time compatibility. They aren't used at runtime at all.
/usr/lib/sparcv9 was all that he needed to do.
If the guy had experimented just a bit, he'd have found that simply putting 64-bit libs in
What if your parents had the same attitude about conceiving yourself? Then we'd not have to be reading your insipid drivel. I mean, your parents are still probably waiting for some kind of return on their investment. Had they adopted your attitude, they probably wouldn't have bothered at all.