I find it highly fascinating that the writers of viruses and worms are actively sought out and prosecuted while adware and spam that can really be just as harmful as a virus remains legal. Heck I thought e-mail bombing IS illegal. How is sending out several thousand e-mails across a domain @hotmail @comcast etc not considered a form of mail bombing? If the various countries of this world, more like if the US would bend a bit, would work together on this problem tracking the originator of spam, adware, etc would become trivial and if a prison sentence was the repercussion for distributing this **** it might make people think twice before sending out 100,000 e-mails. As it stands there is little consequence to spamming or distributing an adware product.
When are we going to say enough is enough and treat this behavior the same as we treat the scum that creates and distributes viruses and worms?
__________________
PDA History: Palm Pilot 5000 -> Apple Newton 2100 -> Casio E-11 -> iPaq 3650 (64MB Upgrade) -> iPaq 3700 -> Casio EM-500 -> HP Jornada 568 -> HP iPaq hx4705 www.spreadfirefox.com
I agree with much of what's been said.
I think a grassroots campaign to persuade people not to respond, and legilators to legislate is needed.
Until then, I'm using www.mailblocks.com, which is cheap, and reliably keeps all spam out.
I was getting more spam than I could tolerate a year ago (about 10-20 pieces per day, maybe). I used to forward all spam to ISPs shown in the headers, but that had gotten too tedious. Even forwarding to the U.S. government's spam trap (uce@ftc.gov) had gotten too much for me. So I decided to take action and did several things.
First, I had my ISP rename my E-mail address from something reasonably easy to guess (shm) to something more difficult (shm59ca). As I was already using a mail forwarding service, all I had to do was redirect it to my new address.
Second, because my mail forwarding address was getting too much spam, I bought my own domain. The company I went with also offered free E-mail forwarding and a catch-all address. The catch-all address was a big thing, because it allows any E-mail sent to my domain to be forwarded to my E-mail address at my ISP.
Third, any time I register at a Web site or give my E-mail address to somebody I don't trust, I assign them their own unique address. So Amazon has amazon, Pocket PC Thoughts has ppcthoughts, etc. I also visited places online that had my old forwarding address and gave them a new E-mail address to use.
This third step allows me to track how spammers get my E-mail address. If I start getting spam at one of the E-mail addresses I've given out, I can just turn that alias off (or forward it to my old forwarding address).
Fourth, I turned forwarding off on my old E-mail address, so it's now just a Web mail account. It still gets tons of spam, but I rarely even check it.
I rarely get one spam per day now, even though I'm a user at several Web sites. Those that I do get, I forward to the FTC.
The one problem with my system is that I'll die if somebody ever runs a dictionary spam attack on my domain, but that hasn't happened yet (and is illegal under the CAN-SPAM act, for whatever that's worth). I have gotten viruses to E-mail addresses I've never given out, but that's another issue.
I refused to let my email fall victim to the clutches of a processed pork product. To do it, I signed up for SpamArrest at Spamarrest.com. It's a challenge/authentication system where people send you an email and get a challenge back. If they don't respond, I never see the mail.
Other solutions, like charging for every E-mail, will be non-starters. Who wants to pay for everything you send like you do with SMS?
However, if they put a large free limit on E-mail, I might accept that. A system where you can receive as much E-mail as you want for free and could send up to 100 E-mails per day (for example), after which you'd be charged $0.02 per E-mail sent should be reasonable for consumers. Legitimate businesses and Web sites like Pocket PC Thoughts might pay for a special class of service with unlimited E-mail sending.
I'm not sure charging would really hurt spammers much, though. They'd either just have to create more fake accounts or the users of the zombie machines would get the bills (maybe that's OK, but I hate to see innocent people pay).
Yahoo has a damn good system up for consideration right now. Microsoft too, I believe. If either are adopted I see it as a solution. Why does everyone think this is a problem with no solution?
Yahoo has a damn good system up for consideration right now. Microsoft too, I believe. If either are adopted I see it as a solution. Why does everyone think this is a problem with no solution?
Well, from the Inquirer article this quote sums up why the author is so gloomy and specifically mentions Yahoo:
Quote:
More and more often we are seeing delays ranging from hours to days in our mail getting through. The delays are in both of our servers, both independent with different filtering rules. Those supporting the systems give different reasoning for the problems at different times. Always, they say it's fixed, and then days, weeks, or months later it happens again. The frequency of these outages is steadily increasing. The underlying reason for these outages and delays are really all the same. The load on these servers is already pretty heavy just moving the mail through. Nowadays that's not all these servers have to do. They also have to apply filters to the mail, checking for Spam and trying to block that Spam. This takes clock cycles, and when you consider the amount of e-mail and Spam floating around in the ether, it's a large amount of clock cycles indeed.
These filters are in essence trying to do the one thing computers aren't good at. Pattern Recognition. It's not good enough to just cut any mail that uses the word "Viagra" it has to try to figure out the context. However, computers can't do that. So people create rules based upon looking at the mail that is out there. Unfortunately as the filters become well tuned, the Spammers can see the traffic reduced, so they change the text, and more rules are required. Then more clock cycles are required to process the additional rules. Yahoo in particular can show this. The boffins at Yahoo are constantly trying to do something about the Spam their users are inundated with. During certain times I get 10 spams a week, at others I get 10 an hour. This shows the Spammers constantly fine tuning their crap to pass the filters. At times the Spammers go on binges. Having taken over more computers here and there, they can increase the amount of spams. Since their business is based entirely on the basis of volume, the more they send, the more dupes respond to them, as such they are perfectly happy to increase the volume of spams to the limits. When these spam waves happen, mail servers around the world are brought to their knees trying to process the filtering rules on the hundreds of millions of e-mails floating around the ether. It's a losing battle. Spam is so prevalent simply because it's cheap to the sender. Each spam is worthless in more ways than one. It costs nothing to send, however, there is a cost on the other end to block it. The small amount of spammers can create countless amount of spam with no added cost per e-mail, but those administrators of mail servers need to purchase more and faster equipment in attempt to block spam and still let the occasional legitimate mail through. It's a recipe for disaster.
Bbasically he is saying the the attacker (spammers) will always have the advantage over the defenders (the spammed and the ISPs), UNLESS something fundamental changes. The spammers can just go increasing Spam levels at little or no cost to themselves due to all the compromised zombie computes out there.
His argument isn't so much about what happens in our in-boxes - which may be manageable, but with the ISPs and the Internet 'pipework', which he thinks is staining dangerously. I haven't really heard any arguments yet that counter his points.
Most folks in this thread are saying 'it does not effect me becuase.....', but surely the clogging up of the entire system does effect us to to delays, lost mail etc?
Funnily enough the Inquirer has just put up brief post about the problems of legislating spam, here
Quote:
And therein lies the rub. When one country adopts one type of legislation but others another, and when folk like Mr Kurtz assume that because we have no country identifier in our email address we must be based in the USA, the fundamental problem of conflicting anti-spam legislation becomes very obvious.
The solution to unwanted emails is, at best, only partially solved by legislation. Other methods must be used.
So we should do nothing, simply give up without a fight, whine and complain about the inevitability of failure?
Just so no one misunderstands: my earlier post represents my reaction to The Inquirer entertaining "editorials" which are nothing more than thinly veiled trolling, not Jonathon's posting or reference of it on PPC Thoughts.
Thanks for the calrification Corphack.
We don't necessarily agree with the news and articles we post about, but they should always inform, stir debate and preferably, be thought provoking. 8)
His argument isn't so much about what happens in our in-boxes - which may be manageable, but with the ISPs and the Internet 'pipework', which he thinks is staining dangerously. I haven't really heard any arguments yet that counter his points.
Most folks in this thread are saying 'it does not effect me becuase.....', but surely the clogging up of the entire system does effect us to to delays, lost mail etc?
Yeah, this is the overlooked part of everyone's arguments. You can do all you want to blcok spam coming into you, but what does that do? Spammers are still sending the messages to your account. and with over 80% of all US e-mail being spam, and almost 70% globally, (Internetnews.com) how much strain does that put on the major internet infrastructure? Imagine removing the billions of spam e-mails sent every day from the internet pipelines. Clear up congestion and make internet traffic clearer. Because of increased spam, ISPs are faced with two options, cutting off certain services used by spammers, which can sometimes hurt legitamite consumers, such as the port 25 blocking, or building up their infrastructure. If they are faced with bulking up the internet pipelines, who is going to pay for that, them? No, the cost will be passed down to the consumer. According to statistics from 2003, 8% of e-mail users bought from spam e-mails and 28% responded to such e-mails. That means there is still a relatively large number of people without proper knowledge. But the problem is hard to solve, and ultimately, it requires GLOBAL cooperation, which is very unlikely. If there isn't a universally aggreed on attack against spammers, then they will still be sending their spam and infecting computers from their home base in some third world country. The problem affects EVERY e-mail user. We can't ban stupid people from using e-mail, so that means the spammers must be stopped, and the programs that send e-mail from zombie machines must be eliminated. A concerted effort must be made by both the private sector and government to come up with ways (both legal and technological) to stop spam.
But the problem is hard to solve, and ultimately, it requires GLOBAL cooperation, which is very unlikely. If there isn't a universally aggreed on attack against spammers, then they will still be sending their spam and infecting computers from their home base in some third world country. The problem affects EVERY e-mail user. We can't ban stupid people from using e-mail, so that means the spammers must be stopped, and the programs that send e-mail from zombie machines must be eliminated. A concerted effort must be made by both the private sector and government to come up with ways (both legal and technological) to stop spam.
I wonder what would happen if we did something fairly simple but drastic -- change the Internet protocols used to route E-mail. It would require people to run Windows update or rebuild their operating systems, but could put technological means to block spam in place.
If there aren't new protocols already, they would have to be developed. There would be a worldwide announcement when the switch would take place. You might keep both systems in place for a month with gateways routing E-mail sent via the new system to the old system (and vice versa) for a brief period of time (no more than one month).
Sure some people wouldn't get E-mail if their systems weren't upgraded in time, but would it be worth it? Would you be willing to suffer the upgrade path and the potential loss of E-mail for a time to get rid of spam? Remember that other Internet services, like the Web and newsgroups, would still work fine.
Another "solution" would be to cut off E-mail from known spam havens, like Korea and China. The backbone systems could just reject E-mail from those places.
Corporations dealing with those countries obviously would need to set up a system to get around that, but they have dedicated IT staff to help. People with family in those countries would obviously have an issue with that, but that's a minority of users, I suspect.
Obviously, isolation isn't a great idea, but it may be viable until a technical solution is in place.
How I Solved My Spam Problem
Linear Mode
