Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

By Latest Count, 95% of Email Is Spam

timothy posted more than 4 years ago | from the much-of-the-rest-might-as-well-be dept.

Spam 198

An anonymous reader writes "The European Network and Information Security Agency released its new spam report, which looks at spam budgets, the impact of spam and spam management. Less than 5% of all email traffic is delivered to mailboxes. This means the main bulk of mails, 95%, is spam. This is a very minor change, from 6%, in earlier ENISA reports. Over 25% of respondents had spam accounting for more than 10% of help desk calls. The survey targeted email service providers of different types and sizes, and received replies from 100 respondents from 30 different countries."

cancel ×

198 comments

Sorry! There are no comments related to the filter you selected.

Logic? (4, Interesting)

clang_jangle (975789) | more than 4 years ago | (#30868966)

Less than 5% of all email traffic is delivered to mailboxes. This means the main bulk of mails, 95%, is spam.

I don't doubt that it's around 95%, but the logic of the above-quoted statement is certainly flawed.

Re:Logic? (3, Informative)

sdnoob (917382) | more than 4 years ago | (#30869202)

your internet provider or mail server administrator is likely blocking more (a LOT more) spam than you see come through to your "spam folder".

95% spam is a reasonable estimate for a report coming out of the EU, i think; and is pretty close to what i see here in the US (about 9 of every 10 inbound messages to our domains is either blocked at time of delivery or filtered later on).

Re:Logic? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#30869312)

They'd block almost all of it if they'd just shut down internet access to infected Windows boxes.

Re:Logic? (1)

stonedcat (80201) | more than 4 years ago | (#30869970)

They'd block almost all of it if they'd just shut down internet access to Windows boxes.

Fixed

Re:Logic? (1, Interesting)

Anonymous Coward | more than 4 years ago | (#30869244)

Less than 5% of all email traffic is delivered to mailboxes. This means the main bulk of mails, 95%, is spam.

I don't doubt that it's around 95%, but the logic of the above-quoted statement is certainly flawed.

Link to full report:
http://www.enisa.europa.eu/act/res/other-areas/anti-spam-measures/studies/spam-survey/at_download/fullReport

There also appears to be selection bias in the sample. The confidence interval is also missing. Survey only took place in Europe and apparently one company in the US.

In short, this is a waste of someone's money.

Re:Logic? (4, Informative)

Teun (17872) | more than 4 years ago | (#30869654)

Survey only took place in Europe and apparently one company in the US.

In short, this is a waste of someone's money.

Only, huh?

27 nations and a population of >500 million forming the largest economic block in the world...

Re:Logic? (2, Insightful)

characterZer0 (138196) | more than 4 years ago | (#30869342)

Right. They are ignoring the huge volume of legitimate mail that hotmail/msn silently deletes in violation of the RFCs.

Re:Logic? (1)

Xeriar (456730) | more than 4 years ago | (#30869650)

Right. They are ignoring the huge volume of legitimate mail that hotmail/msn silently deletes in violation of the RFCs.

Hotmail doesn't represent the majority of e-mail accounts, and usually it seems to be down solely to the incompetence of whoever is administering hotmail, rather than intentionally violating RFC. Same difference, I suppose, but it's certainly not a majority of the legitimate e-mail they get to them, anyway.

Re:Logic? (1)

drissel (123701) | more than 4 years ago | (#30869764)

Daniel J Bernstein has a fix for spam - his Internet Mail 2000. You can see it at:

http://cr.yp.to/im2000.html [cr.yp.to]

Regards,
    Bill Drissel

might be a good thing (1)

symes (835608) | more than 4 years ago | (#30868992)

If volume is increasing then this might mean returns are getting scarce for these parasites. and perhaps it will come to a point where no matter how much spam they deliver they still don't make enough. but then maybe i am dreaming.

Re:might be a good thing (3, Insightful)

Joce640k (829181) | more than 4 years ago | (#30869662)

Doesn't matter. There's no shortage of people who believe spamming will make them rich. Spam isn't going to go away just because it doesn't work.

More than 90% for me too (3, Interesting)

Arancaytar (966377) | more than 4 years ago | (#30868996)

I also get about 10 times as much spam as actual email. Fortunately, Google is pretty good at filtering that - the number of false negatives in my inbox has been less than ten this month, while I got over a thousand to my spam folder.

It's hard to comprehend how people deal without that level of spam filtering - I have relatives who regularly register new accounts in order to escape their spam.

Re:More than 90% for me too (1)

derGoldstein (1494129) | more than 4 years ago | (#30869250)

"better that ten guilty persons escape than that one innocent suffer" - William Blackstone

False positives are the bigger problem. The amount of spam drives the need to "profile" incoming content with greater scrutiny, leading more and more real E-mail to the spam folder. Some of that E-mail might be important. Whitelisting is only a partial solution -- you don't always know where an important E-mail is going to come from. I've had more than one occasion where I've missed out on an opportunity, and a couple of them were job offers. When you find something like that in the spam folder (which, like you said, is massive), it's very disheartening. I'll usually skim through the spam folder weekly, going over what ended up there over the past week -- it's usually a waste of time, but every now and again I'll see something that doesn't belong there.

Re:More than 90% for me too (2, Interesting)

Blowit (415131) | more than 4 years ago | (#30869308)

Want to reduce false positives, and your friends, colleagues and email partners to ask their provider to support either Domainkeys or SPF. Once they get on the bandwagon, their mail will no longer get false positive flagged.

Re:More than 90% for me too (1)

allo (1728082) | more than 4 years ago | (#30869538)

or use a ham keyword.

Re:More than 90% for me too (1)

TheRaven64 (641858) | more than 4 years ago | (#30869816)

SPF doesn't say anything about whether mail is spam - most spam comes from domains with valid SPF records - it just says that the sender is not forged. Email from a domain with SPF is no less likely to be marked as spam than email from a domain without, however email pretending to be from a domain with SPF can be identified and bounced as forged. The main advantage of setting up SPF is that, when a spammer fakes your address as the sender, mail servers that aren't configured by monkeys (i.e. not gmail) will not then bounce thousands of spam messages at you.

Re:More than 90% for me too (4, Funny)

kandela (835710) | more than 4 years ago | (#30869328)

Yeah, I know what you mean. Just last week I missed out on the opportunity to make a living just from surfing the web from my home computer! I can't tell you how disappointed I was that the email offering that 'chance of a lifetime' went to my spam folder.

Then there was the time I won a million dollars but because of my spam filter I never got to claim it in time. Or the time that the Prince of Nigeria sent a desperate email to me for help, but because of spam filtering I was never able to offer my assistance. I feel just terrible knowing that he was never able to access his fortune or reclaim his rightful seat on the throne.

Re:More than 90% for me too (0)

Anonymous Coward | more than 4 years ago | (#30869472)

And to think of the marriage proposals from all those lovely young ladies from Russia. You could have had a whole mail-order harem but for that filter!

Re:More than 90% for me too (1)

Antiocheian (859870) | more than 4 years ago | (#30869514)

Have you ever heard of SpamAssassin, statistical probability or heuristics ?

You really think that you'd have to surrender your email to Google to fight spam ?

Re:More than 90% for me too (0, Troll)

Arancaytar (966377) | more than 4 years ago | (#30869702)

What the fuck do you mean by surrendering email to Google?

The people I mentioned earlier are using Hotmail, which not only sucks at spam filtering but also appends ad messages to outgoing messages. THAT's surrendering.

Accounting for help desk calls?! (3, Interesting)

Anonymous Coward | more than 4 years ago | (#30869024)

Now I am not a corporate email guru, but why would spam be the reason to call for help? In this day and age it boggles the mind. Even my grandmother can deal with spam without needing tech support.

Re:Accounting for help desk calls?! (3, Insightful)

NatasRevol (731260) | more than 4 years ago | (#30869200)

Your grandmother is smarter than most people in the office.

I too was the email guru once upon a time (last year). It boggled my mind that people simply could not understand that some email was spam, and that some valid mail got caught because their friends forwarded a forward or an ad company sent them an actual email. And I explained this to the same set of people over and over again.

Re:Accounting for help desk calls?! (2, Interesting)

DarkOx (621550) | more than 4 years ago | (#30869730)

This off topic but- don't you think OS X was born out of it being easier to make Unix friendly than fixing MacOS which they tried and failed to do internally? I really don't see how Windows has anything to do with it.

Re:Accounting for help desk calls?! (1)

Antique Geekmeister (740220) | more than 4 years ago | (#30869314)

_Reporting_ spam is often routed to the help desk. And the intricacies of reporting the entire, unedited message with all the headers intact is often beyond a casual email user. Particularly irritating email also climbs up the reporting priority list and wastes helpdesk time, such as email being forged from one domain to pretend that it is from another domain and getting other people's email being blocked or taking advantage of their whitelisted domains (known as "joe jobs").

Re:Accounting for help desk calls?! (1)

clarkie.mg (216696) | more than 4 years ago | (#30870150)

Are you sure ? I know a lot of inexperienced people who are overwhelmed by the number of messages in their mailbox. One 70 year old just told me she gave up on her mailbox because there were 750 messages in it. Another one, 50 years old, is drowning in advertisement messages - not even spam, she gave her email on legitimate shopping sites.

A third one, 50 years old, lost an email confirming her plane travel and ended up rebooking it ! When she called me, i found the email in 1 second by using the search function.

For an experienced user, it might seem easy to use some basic techniques like filtering, searching, sorting but most people just pile up the messages and only use "reply" and "forward" without editing.

I offer a one hour basic course for email management with an optional one hour for setting up filters and other tools but email is rarely considered a serious issue rather a tool to send jokes, porn or "how are you" messages, unfortunately.

Re:Accounting for help desk calls?! (1)

jonbryce (703250) | more than 4 years ago | (#30870162)

I've had "my daugter is getting a load of inappropriate adverts that she finds disturbing, how do I stop it" several times.

I'm surprised it's that low (4, Insightful)

jimicus (737525) | more than 4 years ago | (#30869062)

I was seeing more like 97% (once you excluded system generated internal emails - CVS and Bugzilla between them can generate a fair bit of mail).

The killer for running our own mail system in its entirety was when I did the arithmetic and our co-hosted secondary mail server was costing more than buying Google for Domains. That's before you even consider the document management Google for domains offers, which was just icing on the cake.

Re:I'm surprised it's that low (2, Informative)

hoboroadie (1726896) | more than 4 years ago | (#30869118)

According to the respondents in the report, less than 75% of the ISPs even forbid spamming in their Terms & Conditions. Dismaying news, IMO.

I for one support my online freedoms (1, Insightful)

Anonymous Coward | more than 4 years ago | (#30869482)

ISPs don't need to specifically disallow something that is already against the law. So, you find it dismaying that over 25% of ISPs allow you to use the bandwith you pay for in any way you wish as long as you don't do anything illegal. I assume that the alternative is that ISPs begin regulating Internet traffic based on their arbitary interpretations of what you are ethically allowed to do. (See: Peer-to-Peer netlimiting)

The thing is, if I send many thousands of emails in one day, I might be sending e-mails to some online community I manage, it might be related to some service I offer, or any number of other legal and ethical uses of the bandwith I paid for. The ISP can't know what those are unless they actually read my e-mails or closely monitor them (something I really don't want my ISP to do!). Even if they call me "What are you doing?" they still have to take my word for it or violate my (and others') privacy. Even if they knew exactly what I was doing and personally thought it was unethical but knew it was legal, I would argue against it being their right to interfere.

Re:I for one support my online freedoms (2, Funny)

mikael_j (106439) | more than 4 years ago | (#30869630)

By disallowing spamming an ISP has a specific line in the TOS that they can point to when a customer calls in screaming about their "intarwebs" being unreachable. "Yes sir, I understand that you are upset but it appears that we got several reports that large amounts of unsolicited email was being sent from your home, upon further monitoring by our technicians it was established that several thousand spam emails were being sent from your home and in accordance with paragraph 713 in the terms of service we disabled your internet connection, attempted to call you and also sent your a letter explaining the reason for us disabling your connection, if you want to have your connection re-enabled you will have to ensure that your equipment is no longer attempting to send out unsolicited email. You should also know that if this activity continues after we re-enabled your connection your connection will be permanently disconnected.".

Yes, I used to handle abuse cases for an ISP and got to explain things like this way too often, that was basically the opening explanation, most customers would bitch and moan for 10-20 minutes about how we had no right to cut off their precious internets and would claim that their computer was our responsibility (to which I would often reply with a car analogy along the lines of "If you let a stranger load your car full of explosives and walmart refuses to let you park your car in the parking lot, is it then walmart's fault that you can't be bothered keeping your car free of explosives?".

/Mikael

Re:I for one support my online freedoms (1)

hoboroadie (1726896) | more than 4 years ago | (#30869740)

If the ISPs don't prevent it then some one in government might decide that it should be illegal to litter people's inboxes with unwanted emails. Then where will your precious online freedoms be?
I support free speech, but draw the line at folks with megaphones following me into my front door.

Re:I'm surprised it's that low (1)

TheRaven64 (641858) | more than 4 years ago | (#30869830)

Is there a list of IPs assigned to ISPs that permit spamming? If so, you can block them at the firewall; just redirect them to a tar pit that replies at one character per second that they have been blocked and should find a new ISP. If you really want to make a difference, do that for HTTP too; redirect people from those ISPs to a static page saying that they have been blocked from viewing the content on the site because their ISPs are encouraging network abuse.

Re:I'm surprised it's that low (1)

Blowit (415131) | more than 4 years ago | (#30869324)

Curious as to why you would need a secondary mail server for a small company when *IF* you purchase the right product, it can all be handled by one mail server. We use Surgemail and the load it can handle puts other commercial mail server software to shame.

Re:I'm surprised it's that low (1)

DarkOx (621550) | more than 4 years ago | (#30869762)

Perhaps his small company does lots of business over E-mail as many do? E-mail is the primary interaction with customers for lots of smaller businesses and customers draw some pretty weird conclusions when they get even one NDR.

Also two or more mail servers is common the system is designed to work that way which is exactly why you can have multiple MX records for your domain. This way a sending server can try the other mail server if / when it can't contact the primary. Oh I suppose you could use some complex and expensive clustering solution so as to ensure your mail relay has 5 nines of uptime but that is likely much higher cost for an SMB which does not have dedicated IT staff and shared storage equipment.

No I think its probably a much easier cheaper solution to hire someone to simply setup two mail servers.

Re:I'm surprised it's that low (1)

jimicus (737525) | more than 4 years ago | (#30869784)

Quite correct. The secondary MX wasn't for load balancing - Postfix can handle more mail than I could ever throw at it - the secondary MX was to minimise the risk of NDRs.

It actually caused as many problems as it solved because spammers seem to think "secondary MX == no spam filtering".

No wonder ! (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30869064)

No wonder I am having difficulties receiving and sending emails !

Micropayments again (3, Interesting)

Twinbee (767046) | more than 4 years ago | (#30869066)

Micropayments. Yes I know it's been mentioned before, but one rarely hears of paying *each other* (rather than the host or government). It would be a good idea anyway even if spam didn't exist.

If we paid each other (say a penny or 1/10th of a penny), obviously the spam problem would be solved. (though some can charge nothing if they want) It also means that someone who gets a ton of email and hasn't got the time to read all of them will receive only the 'cream' of email. Only those who are willing to sacrifice say, a pound (or £10/£100 for super busy/famous people) would be able to email them.

As we know, Youtube has/is developing methods of payment to watch videos, and online papers are experimenting, so micropayments may be common sooner than we think.

Re:Micropayments again (2, Interesting)

Nyxeh (701219) | more than 4 years ago | (#30869088)

I had an idea to fix this:

http://piestar.net/2009/06/24/idea-fixing-the-email-system/ [piestar.net]

There are many better ways outside micropayments - which would add up on a large system (such as a forum or social networking site).

Re:Micropayments again (0)

Anonymous Coward | more than 4 years ago | (#30869182)

Summary: Sender stores the email and notifies recipient by sending a token. Recipient gets the mail from the sender's server.

Stated assumptions: Senders can't spoof because they have to be available to deliver the message when the recipient wants to read it. Load on the recipient's server decreases as it only needs to receive and store tokens.

Analysis: Won't fly, due to at least the following downsides. 1) Sender is informed of the time the recipient gets the email. This is a verification method akin to web bugs or formal read-confirmations in emails, which is the first thing everybody turns off for very good reasons. 2) The recipient has no clue about the content of the mail until he gets it, so to make any spam filtering possible, the recipient's server will have to collect emails anyway. 3) Emails can be unsent or changed until the recipient reads them. This is a downside, not an advantage. 4) The assumption that spammers would have a hard time spamming because they would have trouble keeping their servers reachable is false.

Re:Micropayments again (1)

ppc_digger (961188) | more than 4 years ago | (#30869494)

4) The assumption that spammers would have a hard time spamming because they would have trouble keeping their servers reachable is false.

Sure, but then the servers couldn't be botnets, so you would know where the are and could take them down or block them.

Re:Micropayments again (3, Funny)

ookabooka (731013) | more than 4 years ago | (#30869556)

Your post advocates a
( x) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won’t work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( x) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we’ll be stuck with it
(x ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(x ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don’t care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else’s career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( x) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( x) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( x) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( x) Extreme stupidity on the part of people who do business with spammers
( x) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( x) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( x) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don’t want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x ) Sorry dude, but I don’t think it would work.
( ) This is a stupid idea, and you’re a stupid person for suggesting it.
( ) Nice try, assh0le! I’m going to find out where you live and burn your house down!

Re:Micropayments again (1)

Xeriar (456730) | more than 4 years ago | (#30869678)

( ) Killing them that way is not slow and painful enough

Pray tell, what level of vigilante justice would you consider to be slow and painful enough?

Re:Micropayments again (2, Insightful)

Anonymous Coward | more than 4 years ago | (#30869106)

but one rarely hears of paying *each other* (rather than the host or government)

Only if you don't read the discussions. A scheme like that is proposed every time the topic comes to "how I would end spam once and for all". Go ahead and try it. Oh, you want everybody to switch? See, that is a fundamental problem: If your scheme requires a critical mass of people to adopt the scheme at the same time, then it won't work. (There are more problems with pay-for-email and email-bond schemes, but that is the most obvious one.)

Re:Micropayments again (1)

Twinbee (767046) | more than 4 years ago | (#30869264)

People can use both email types, until gradually the 'micropayment' emails become the norm, and the free, spam ones are ditched by more and more people. Not forgetting of course than even the 'micropayment' email can charge zero if that's what they really want. It 'subsumes' the old type in that sense.

If these kind of things didn't work, then we wouldn't have new connectors at the back of PCs. USB wouldn't exist for instance.

Re:Micropayments again (0)

Anonymous Coward | more than 4 years ago | (#30869322)

I understand. Getting your once-in-a-lifetime world-changing idea shot down is painful. I can tell you that you're (by far) not the first person to propose a scheme like that and that more influential people like you have tried to get people to switch to it and failed. If that isn't enough to convince you that there is a fundamental problem with the idea, then go ahead and try it. Spam-ending ideas are a dime a dozen. What is rare is people who actually go about implementing them. If you want to think it through further before putting your money where your mouth is (wise choice), consider this: What advantage will early adopters have from joining your scheme? How many people would have to join before the effort of switching to a different email system is outweighed by a spam-reducing effect? (For comparison, look at the market penetration of end-to-end email encryption.)

Re:Micropayments again (1)

Twinbee (767046) | more than 4 years ago | (#30869386)

What advantage will early adopters have from joining your scheme?

What advantage did early adopters of computers with USB ports have of getting their PC? As I said, these things will be added to server installations, and will be available as an *option* to the end user. People can have a 'normal' email and a 'micropayment' email.

I think the main problem is transaction cost. Once companies figure out how to send and receive micropayments for the cost of transmitting normal information over the internet (i.e. virtually nothing), then we have a winner.

I like the humour in the first part of your post :) Though, I did 'find' the Mandelbulb - that was *my* once in a lifetime I think... ;)

Re:Micropayments again (0)

Anonymous Coward | more than 4 years ago | (#30869534)

What advantage did early adopters of computers with USB ports have of getting their PC?

Hot plugging, power over the data cable, more ports (directly and through hubs), ...

Now you: What advantages will early adopters of your scheme have?

Re:Micropayments again (1)

mikael_j (106439) | more than 4 years ago | (#30869640)

They get to pay extra to use email, of course! Clearly this is an "advantage" that everyone will want..

/Mikael

Re:Micropayments again (1)

Twinbee (767046) | more than 4 years ago | (#30869790)

Or get paid if they receive more email than they send. Of course it would all be negigible anyway if costs were $0.0001 per email sent anyway.

In the long term, it would balance out as they send and receive email.

Re:Micropayments again (1)

mikael_j (106439) | more than 4 years ago | (#30869944)

I can't help but feel that a scheme like this would be loved by telcos all over the world, all they'd need would be a law that forbids email without this "feature" coupled with some sort of licensing scheme that required server operators to jump through a whole bunch of hoops plus pay a large yearly fee (perhaps labeled as a "downpayment" on that year's transfer fees so technically you'd only have to get the money once and then you could use the money for last year this year again but it would still be too expensive for startups and home users wanting to run their own server) and they'd have a de-facto monopoly on email and could start charging their users $0.05 per email or something silly like that, of course if you buy the "Email XL" plan you'd get 200 free emails per month and any further emails would be sent at the "discount" rate of $0.02....

/Mikael

Re:Micropayments again (1)

Twinbee (767046) | more than 4 years ago | (#30869826)

What I meant was that probably very few devices supported USB in the beginning, so it didn't seem such a great feature at first. However, with the giant Apple backing it, there's the promise that it will eventually become standard.

Now you: What advantages will early adopters of your scheme have?

No spam, and ability to receive less and better quality email by charging arbitrary amounts. Some people who otherwise may not be reachable at all (being super busy), suddenly become available by being able to pay them to read your email.

Re:Micropayments again (0)

Anonymous Coward | more than 4 years ago | (#30869872)

Well, it's flawless. Go ahead and implement it. I'll join when at least one person in my address book reports that it works for them.

Re:Micropayments again (1)

Twinbee (767046) | more than 4 years ago | (#30869922)

Reply to this (my) post if you read it.

No need to be anon - I'm not going to get bitchy no matter how much I disagree.

Re:Micropayments again (1)

jeremyp (130771) | more than 4 years ago | (#30869930)

People can use both email types, until gradually the 'micropayment' emails become the norm, and the free, spam ones are ditched by more and more people.

Won't happen.

So maybe 95% of the e-mail that is sent to me is spam. What is it worth to me to have to pay to send e-mails as I sit in front of my PC trying to decide whether to use the free system or the pay-for system to send my mate Bob an e-mail. The answer is apparently nothing. My e-mail is perfectly serviceable and spam is only a minor inconvenience. I don't see almost any of that 95% spam because virtually all of it gets filtered before it drops into my inbox.

You could argue that there is an infrastructure cost to all this spam and there is, but it is completely out of sight of most e-mail users and also probably negligible compared to the infrastructure cost of (say) providing the bandwidth for everybody to download TV programmes off the BBC.

Re:Micropayments again (1)

daveb1 (1678608) | more than 4 years ago | (#30869136)

Micropayments make no sense. Enforcing the use of valid domain keys is a start. However it isn't a complete solution. We need something stronger than domain keys that prevents abuse *that* everyone *has* to use.

Re:Micropayments again (0)

Anonymous Coward | more than 4 years ago | (#30869218)

That and ISPs shutting down internet access to every infected Windows box, the source of most spam.

I've only ever seen an ISP shut down a Windows machine once. And it was so jacked up, it would take 30 minutes to boot. It took 2 minutes to boot after a wipe & reinstall.

Re:Micropayments again (1)

russotto (537200) | more than 4 years ago | (#30869258)

Micropayments. Yes I know it's been mentioned before, but one rarely hears of paying *each other* (rather than the host or government). It would be a good idea anyway even if spam didn't exist.

Because, as one of those irritating but often accurate form rejections points out, transaction costs make this impractical. You'd spend far more administering the payments than you would actually making them, so if you had a system where you paid someone $0.05 to receive your email, and they paid you $0.05 to receive theirs, you'd also each end up paying $0.50 in transaction costs to whoever handled the payments.

Re:Micropayments again (1)

Twinbee (767046) | more than 4 years ago | (#30869294)

Well the way we handle transactions currently must be hopelessly inefficient. Computers are supposed to be good for this kind of thing.

Re:Micropayments again (1)

Blowit (415131) | more than 4 years ago | (#30869404)

This is why there would be a global payment system that mail servers would join... the user would purchase a minimum of 5-10$ of eStamps and would be distributed monthly to the providers. sender provider and payment provider would get 35% of the fee while 30% goes to the receiver provider. Problem solved.
Sender and receiver provider would make money while the actual sender is paying for it.

Re:Micropayments again (1)

Hotawa Hawk-eye (976755) | more than 4 years ago | (#30870036)

1) Create hundreds or thousands of throwaway email accounts.
2) Subscribe all those accounts to your target's mailing list.
3) Watch as your target has to spend a significant amount of money sending "Thank you for subscribing" emails and daily/weekly/monthly messages.
4) ???
5) Profit? ... perhaps not.

What I think could work would be an escrow system. When you sign up for your ISP account, you put some amount of money (say $20) in escrow with your ISP. After a certain period of time subscribed to your ISP with no black marks (say 3 months or so) that money is returned to you. However, if your account is terminated due to violation of the TOS, you lose that money. This addresses the problem at a local level (the ISP), ISPs can opt-in if they want (although other ISPs could then delay delivery of email from ISPs that don't use the system while they check it for spamminess), and it uses a capability the ISPs already have (their billing department.) To avoid abuse (ISP: "Oh, yeah, you um broke the rules. Sorry, we get your money.") we use the existing safeguards against bad business behavior, up to and including lawsuits if necessary.

It wouldn't _stop_ spammers, but it would make it more expensive and/or time consuming to spam, and that might be enough to cut out

Re:Micropayments again (1, Funny)

gilgongo (57446) | more than 4 years ago | (#30869332)

If we paid each other (say a penny or 1/10th of a penny), obviously the spam problem would be solved. (though some can charge nothing if they want)

Your post advocates a

( ) technical ( ) legislative (x) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
(x) Jurisdictional problems
(x) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
(x) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
(x) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Obligatory (0)

Anonymous Coward | more than 4 years ago | (#30869338)

Your post advocates a

( ) technical ( ) legislative (X) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won’t work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(X) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we’ll be stuck with it
(X) Users of email will not put up with it
(X) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don’t care about invalid addresses in their lists
(X) Anyone could anonymously destroy anyone else’s career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
(X) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
(X) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
(X) Joe jobs and/or identity theft
(X) Technically illiterate politicians
(X) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
(X) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
(X) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
(X) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don’t want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don’t think it would work.
( ) This is a stupid idea, and you’re a stupid person for suggesting it.
( ) Nice try, assh0le! I’m going to find out where you live and burn your house down!

Re:Micropayments again (1)

Antique Geekmeister (740220) | more than 4 years ago | (#30869352)

We'll see micropayments work when we see fusion power. The overhead of authentication and actually processing money are so large that they are simply not practical for normal email, and the kind of idiot who does spamming now would simply steal funds from your mail servers.

Re:Micropayments again (1)

Blowit (415131) | more than 4 years ago | (#30869370)

Surgemail already is micropayment ready... Just plug in your bank settings and you are ready to go.

Re:Micropayments again (0)

Anonymous Coward | more than 4 years ago | (#30869378)

hashcash.org

donate a minute of wasted cpu-power, and prove you are not a spammer.

Re:Micropayments again (0)

Anonymous Coward | more than 4 years ago | (#30869680)

gee... I expect you to pay me for reading your post.

What do they mean by 'all'? (1)

Nyxeh (701219) | more than 4 years ago | (#30869072)

Is that 5% sent is spam, or 5% that is delivered is spam? There are layers of spam blockers before any mail even gets remotely near anyones inbox.

Re:What do they mean by 'all'? (3, Interesting)

WuphonsReach (684551) | more than 4 years ago | (#30869306)

Yah, you can cut the rate of bad connections down by about 50%+ if you force the sending host to follow the RFCs.

- Incorrectly formatted HELO/EHLO greeting? 5xx Doesn't catch too many connections as the other end would have to massively screw up in order to trigger the invalid HELO rule.

- Giving a HELO/EHLO that is not a FQDN (fully qualified domain name)? 5xx Many botnets don't follow the FQDN rule and will give a randomly generated HELO name. I've never had a false-positive with checks like this.

- Giving a HELO/EHLO that does not resolve via DNS (see RFC 5321, section 2.3.5 [ietf.org] where it talks about this issue in the 1st bullet point)? 5xx or 4xx if there was a DNSFAIL issue

- SPF record says "-all" for the MAIL FROM or HELO lookup and it fails to pass SPF? 5xx (At which point, you're simply following the instructions of the sender. If the record says "-all", they WANT you to reject non-conforming mail.)

- HELO/EHLO which purport to be from your own system? 5xx Know your servers, know who is allowed to put your domain into the HELO/EHLO and boot the pretenders. Easily done in Postfix with a few simple rules.

Most of those are standard checks in Postfix and will greatly reduce the amount of spam that you have to analyze in a more in-depth manner. Which results in a huge CPU/bandwidth savings if you can tell them to bugger off before the DATA command is issued.

I prefer to save block lists for the spam scoring system as there are too many false positives (and sometimes abuses of power) in the DNSBLs. Far safer to score rather then block - although Spamhaus' Zen list is extremely good.

Re:What do they mean by 'all'? (2, Interesting)

DaveGillam (880499) | more than 4 years ago | (#30869414)

Agreed on all counts, and don't forget adding honeypot MX records, as many bots will either target the highest-numbered MX, or only the lowest-numbered MX. Proper MTAs will follow RFC, and get around the honeypots, to the "real" MX hosts.

Re:What do they mean by 'all'? (1)

PNutts (199112) | more than 4 years ago | (#30869868)

Yah, you can cut the rate of bad connections down by about 50%+ if you force the sending host to follow the RFCs.

Yes, I initially thought that's a good idea so I did. Unfortunately, I found out about it blocked about 10% of valid e-mails from misconfigured systems.

95% of slashdoters don't RTFA (2, Informative)

daveb1 (1678608) | more than 4 years ago | (#30869084)

95% of slashdoters don't RTFA.

Re:95% of slashdoters don't RTFA (1)

Lennie (16154) | more than 4 years ago | (#30869752)

Why should they, this is a discussionboard, not a bookclub. ;-)

Simple solution to the problem. (0)

Anonymous Coward | more than 4 years ago | (#30869090)

Have the pharamcutical companies pay each user $1 for every spam they got for Cialis or other Dick enhancing drug they are pushing. If they can find a way to to do that I would welcome my Dick Enhancing SPAM overlords.

Spam not equally distributed among message media (2, Interesting)

Dilligent (1616247) | more than 4 years ago | (#30869124)

One thing to keep in mind is that even though it looks bad (and for email it certainly is..), most other mediums aren't quite as affected by it. I do get quite a bit of Spam on ICQ these days, but the ratio between spam messages and real messages is waaaaaaaay better than 20:1. I would expect the same to hold true for most other mediums as well, so that it might in fact be a good idea to use those as a separate alternative communication channel should your inbox become overwhelmed. Something i have noticed over the years is the reduction in Trojans and worms being sent (at least to my inbox). There was a time when i received around 50 trojan-emails a day, whereas now it has been quite a while that a spam mail did actually contain any attachment whatsoever. To summarize, yeah.. email looks bad, but there's a whole set of alternative or additional channels that can be used which aren't quite as saturated.

My spam count has gone down lately (1)

PetoskeyGuy (648788) | more than 4 years ago | (#30869148)

I have no idea why, but my spam count has gone down. I have my own domain name and I used to receive about 100 spam per day. Lately that's gone down to 2 or 3.

I'm not doing anything different so I assume I fell off a list or someone upstream is fixing things.

Sometimes I run a filter that let's all plaintext through but whitelists mime and messages with http or www in the message. They get rejected at the server level.

I just turn it off when I register for new web sites.

Re:My spam count has gone down lately (1)

davmoo (63521) | more than 4 years ago | (#30869196)

For what its worth, I've had the same thing happen on my own domain. As recently as 6 months ago I was averaging about 1500 spams a month, and now its down to maybe 200 a month. I'm certainly not complaining, but I'd love to know why it dropped.

Re:My spam count has gone down lately (2, Informative)

Blowit (415131) | more than 4 years ago | (#30869302)

check to see if your provider is using SPF... If so, they end up blocking domains that does not have one or is spoofing a domain that does have SPF setup. This helps significantly to reduce the amount of junkmail.

Re:My spam count has gone down lately (1, Informative)

Anonymous Coward | more than 4 years ago | (#30869890)

Got a letter from my ISP recently (the most important ISP in the country) telling something like: "All outgoing connection to ports other than 80 and 443 and xxx and yyy are now blocked by default, if you have a legitimate need to access these ports please log on to: .... and change your settings".

This is insta-death for a great many spam bot/relays.

Boom. Game over.

Bill Gates (5, Funny)

Enderandrew (866215) | more than 4 years ago | (#30869170)

http://www.cbsnews.com/stories/2004/01/24/tech/main595595.shtml [cbsnews.com]

Bill Gates promised in 2004 that spam would be completely solved within 2 years.

Re:Bill Gates (1, Insightful)

Anonymous Coward | more than 4 years ago | (#30869224)

Well, that article is somewhat about captchas and I couldn't see any direct quotes from billy, considering that most email providers, live/gmail etc. use that tech. and my spam has virtually been reduced to zero in the last few years... No one can stop spammers from sending spam, but you can always filter it out.

Re:Bill Gates (1)

jimicus (737525) | more than 4 years ago | (#30869878)

Well, that article is somewhat about captchas and I couldn't see any direct quotes from billy, considering that most email providers, live/gmail etc. use that tech. and my spam has virtually been reduced to zero in the last few years... No one can stop spammers from sending spam, but you can always filter it out.

The reason your inbox - or anyone's, for that matter - is not overflowing with so much spam that "just hit delete" is no longer an option is not because nobody's sending spam.

Neither is it because the magic email fairies are ensuring that you only receive legitimate email.

It's because some poor bastard is attempting to stop it. But for every counter-measure we take against spam, the spammers work on anti-counter-measures.

For those anti-counter-measures, we take contra-anti-counter-measures.

This doesn't work for very long, however. Before long the spammers have developed dis-contra-anti-counter-measures.

So the mail admins of this world devise un-dis-contra-anti-counter-measures.

I've run out of prefixes meaning "un", but you can see where this is going. It's a game you only win if you don't take part - which is pretty crap if you actually want to use email.

Much like smallpox and influenza (0)

Anonymous Coward | more than 4 years ago | (#30869228)

Spam is driving the evolution of email.

Where they got there numbers? (1)

Blowit (415131) | more than 4 years ago | (#30869274)

Look at my mail server's spam status.
the RBL has blocked 95% of the spam out there.
57.5% had no SPF records. Looks like SPF has gained a lot of ground now... almost half of the Internet is now using it.
Using Surgemail, I do not need to use 3rd party anti-spam systems as the anti-spam is handled by the mail server itself. It handled 4 million messages in a month and does not break a sweat. I love this mail server and no other system can persuade me to switch... Support is incredible, service top notch... can not praise it enough.

Spam status:
        RBL Denied 95.3% (1882484), Stamped 4.7% (93193), Checked 1975678
        Total score 3 or above 75.5% 123278/163348
        Aspam Score 1 or above 15.4%, ngood=987 nbad=2965 ncatcher=2521
        URL Database 13.6%, In database bad=12997 neutral=2168 fromnet=15138
        SPF hits (msgs) 68.8% 2753806/4002538, (no spf=2302652 57.5% pass=361145 of 4002493)
        SPF rcpts blocked 0.0% (0/698887) allow=0 dkf=5393
        Badfrom hits 0.0% bad=0 good=384559 mx=0
        Spam Bounce (0) 2.5%
        Helo failures 235981 5.7%
        SURBL 38.0% 94570/248869 0/0
        User spam actions Vanished:8 Bounced:21793 Stored:46
        Friends Allow:23059 Block:0 Confirmation:14944 (Bounced:2787 Replies:128 Spam-ratio:0.96)
        DomainKeys goodsigs=15730, badsigs=458, nosig=0, badformat=408
        SPFShare isspam=814 notspam=0 allow=0 web=2630 tell=0 (knowndb=270297)
        SpamC 104.09% (db 443774/34284) spam=108206 ok=36709 zero=103954
        From Blacklist 0 records, 0 hits
        False Pos 128/14944 0.86% (based on friend confirmations)
        False Pos 7732/41670 19% (based on msgs from friends)
        aspam_content.txt 7788 3.1%

Only 95%? (2, Insightful)

Doc Ri (900300) | more than 4 years ago | (#30869278)

I am surprised they conclude the fraction of good mails is as high as 5%.

From the CERN mail server report:

Incoming mails: 1992789
Rejected: 1952787 (98%)
Moved to Spam Folder: 14520 (1%)
Good mails: 25482 (1%)

Spam in Total 99%

And this is a good day. Often good mails are less than 1%.

Better ratio than snail mail (0)

Anonymous Coward | more than 4 years ago | (#30869298)

Since I've moved all my paper bills to email delivery, the crap in my USPS mailbox is 100% spam. Oh, and companies DO pay to have that trash shoved in there so clearly attaching a value to delivery doesn't deter.

What? But Bill Gates predicted end to spam by 2006 (1)

jarocho (1617799) | more than 4 years ago | (#30869346)

Bill Gates called it, way back in 2004. [bbc.co.uk] And Bill Gates is never wrong about ANYTHING. So it's pretty obvious that whatever we've all been receiving in our inboxes since 2006 that looks like spam isn't. Probably, we're all just overwhelmed by all of the legitimate emails we're getting from our many, many friends nowadays, who really are just trying to tell us about some aweS0me dea1z on r0lexxes, and we just can't decide which of the incredible bargains to choose from. And it's actually Google and Yahoo's fault for not having deprecated their spam filters, even though spam now is a thing of the past (trying to make MS look bad, of course). So they keep catching your friends' emails as spam. But it can't be spam, because it's 2010 already. And Bill Gates said.

Re:What? But Bill Gates predicted end to spam by 2 (1)

1s44c (552956) | more than 4 years ago | (#30870040)

Bill Gates appears to know little about technology. Why else would be make such a stupid statement?

He reminds me of the support guy that just makes stuff up because most users will believe anything.

Stop the floodgates (1)

Bourdain (683477) | more than 4 years ago | (#30869426)

I've introduced a number of people to a multitiered system which, for me, has almost completely solved my spam problem.

1) Do the unthinkable, actually pay for email service at a place, ideally, like www.fastmail.fm which uses spamassassin unlike the simpler less forgiving systems at yahoo/gmail/etc.

2) Use a handful of aliases (yielding unlimited email addresses) in order to sort mail to its relevant level of "attention"

e.g.
2a) john.smith@fastmail.fm would go to friends to use
2b) wellsFargo@level01.fastmail.fm would go to a site you trust like your bank and be filed in you level01 folder
2c) chineseCommerceSite@level05.fastmail.fm would go to your level05 folder and so on...

3) Beauty of the above systems is that when an address gets spammed (or the site sends too much garbage), you can easily disable it via a filter since each site should have its own email address

4) Further, you are less likely to receive obvious spam via setting a high spamassassin threshold and the fact that a site like fastmail subscribes to various RTBL's

Using this system, I've received barely anything more than 1 spam per month to any "un-aliased" address. The overwhelming majority of the time, said spams are properly flagged by spamassassin.

I hope this helps

Flawed logic (1)

KitsuneSoftware (999119) | more than 4 years ago | (#30869504)

Unfortunately, 95% delivery failure does not mean 95% spam. Some spam gets delivered to my inbox, and I'm certain that some legitimate email gets blocked. Unfortunately, the businesmen who like to use "email marketing" have no idea how much of a problem it is, and the technical people doing the filtering refuse to bounce (instead of black hole) suspected spam as doing so would work as a DoS amplifier.

Re:Flawed logic (1)

Lennie (16154) | more than 4 years ago | (#30869788)

I work at an ISP, we drop a lot on the floor, mostly SMTP-connections, but everything gets checked and scored very carefully first. We've been operating these mailservers for years, but never had a user complaint. Some may complain, but that's just because it's stuck at the sending provider. To give you an idea: 98% of what we get is not delivered to mailboxes.

Re:Flawed logic (1)

1s44c (552956) | more than 4 years ago | (#30870046)

98% of what we get is not delivered to mailboxes.

If you block it at SMTP time do you still count that as mail you got?

Accountability (1)

Kjella (173770) | more than 4 years ago | (#30869684)

There's no single solution to spam, obviously at times I want people that have never sent me an email before to be able to reach me. Trying to derive whether it's spam from the content will always be an approximate process. But what is not so great is that currently, all the eggs are in one basket. If you get your hands on my email address, then it's valid for years and years, and I have no practical means of switching.

What would help a great deal, is if there was a standard way to generate and revoke an email address for a specific purpose, auto-alias any reply and in the reply include a forward to a different alias. Yes, occasionally I spell it out over the phone or someone has to type it in from paper and shortness and readability is important, but many times it is not. For example, I don't publish my email address here but if I could easily generate an alias ad453785cd76786da76b7678654aa@gmail.com and have it delivered to my real address with the possibility of nuking it I'd consider it.

The rest are really continuations of the same idea, because you'd get a lot of "harmless" mail saying like "Hello, I saw your post at [slashdot comment you made] and think your posts show just the kind of employees we are looking for. We at [bullshit company w/fake web page] would like to increase our technical staff and if you are interested, please send us your resume." which serve no other purpose than to reveal your unaliased address. For that reason, all mail sent to an alias should be replied to using the same alias.

The other issue is that for revocation to practically work, I can't have people who did get in contact with me over the slashdot alias that I'd like to stay in contact with keep using that alias. I have to either give them my real address or point them to a new alias. There's "Reply-To:" and just telling them in the email, but it's a bit weak. Finally a revoked address should optionally give a customer-chosen rejection reason, so that it could be things like "Switched alias, try [new address]" "This alias is expired, find my current address on slashdot.org", "If important, you can still reach me on phone 555-1234" instead of the default "No account with that name".

The best part of someone actually doing is, is that the whole system doesn't need to change. One web mail provider could create this exact setup with the controls to generate and revoke addresses, make sure your replies to an alias are aliased, update and control the Reply-To so you can't redirect it anywhere else and create the custom rejection messages. The only thing it can't do is make sure the recipient updates their address book or whatever, but if the ball gets rolling that will be fixed.

Re:Accountability (0)

Anonymous Coward | more than 4 years ago | (#30869932)

How does this differ from sneakemail.com, etc.?

spam? like they used to have in the 90's? (0)

Anonymous Coward | more than 4 years ago | (#30869726)

I don't filter my email in any way, and I don't think I've received a single spam in the past 10 years. Very few people *have* to receive spam. I know there are a few who do, and somebody will gleefully point that out, but my point remains: most people do not.

What on earth are people doing if 95 of their mail is spam? Seriously: receiving spam is optional, not required. Pick a non-guessable email address, don't publish it online, use a scratch gmail or yahoo address if you absolutely must sign up for some web forum that requires an email to sign up, and that's all you need. I've been doing that and, as I said, never - and I mean never - get spam at my real email. They don't have and cannot reasonably guess (no dictionary or short words) my address. I first got email spam in the 80's, took the obvious steps, and haven't had a problem since.

I fail to understand why, in 2010, people are still getting viruses, still running malware, still getting spam emails... it isn't like we haven't had *25 years* of spam and malware to learn how to avoid these problems. Is this like some form of abused wife syndrome, where people keep letting spammers get their email addresses because "he promised to change!!"? "Maybe *next* time that dancing monkey will be safe!!" "Billy Bob told me it's safe to give my real email to *this* site!!"

Somehow these things give me a very dim view of humanity. It's a totally solvable problem, yet we will carefully ignore the obvious solutions and then complain about the problem. But spam and malware are problems because we are allowing them to be problems.

Just 1% more spam means 18% less legitimate mail (0)

Anonymous Coward | more than 4 years ago | (#30869742)

one-sixth less legit mail means that you get, compared to it, 18% more spam (20% if you compare it to the 5% thats left). And that *is* a quite large number.

Cost of idiocy (0)

Anonymous Coward | more than 4 years ago | (#30869888)

Who are the morons responding to the spam and thus making it worthwhile for spammers to send?

Make Only the spammers pay. (1)

aashenfe (558026) | more than 4 years ago | (#30869902)

How about this take on e-mail postage. We know spammers/phishers send lots of e-mail, but receive very little or none. We use that to our advantage

Before sending e-mail, a sender buys postage, and it goes into their account. Maybe a penny a stamp give or take. When an e-mail is send, a stamp is taken out of the sender account and put into an escrow for each recipient. The e-mail is digitally signed for the escrow id, and sent like normal, but all spam filtering services then check the signature along the way.

When a recipient opens an e-mail, The escrow stamp set assigned for them is transfered to their account (e-mail client, or service provides this). Note: it can only be collected once for each person per e-mail, and it only goes to the account associated with the e-mail.

So after an initial stamp purchase, postage will transfer back and forth, and a normal user should never have to purchase postage again. A person, or company that sends lots of e-mail will have to keep buying postage to send. PHishing and spamming becomes economically difficult.

More reputable spammers/companies will have to buy postage to stay in business.

One last thing, users will be able to sell back stamps when there account starts to fill up, but at less of a price, to pay for the service and keep the validation servers running. So stamps are purchased at retail prices, and sold back at whole sale prices. Spammers/Hammers that stay in business end up paying for the service.

There is much more details, and ideas that can go along with this, but for the sake of brevity, I'll keep int at that.

Win-win? (1)

oneandoneis2 (777721) | more than 4 years ago | (#30869904)

Maybe ISPs should stop fixating on P2P traffic and try harder to stop spam. Then they'd free up a ton of bandwidth AND make their customers happier.

Not for me. (1)

1s44c (552956) | more than 4 years ago | (#30870026)

I use DNS blocklists, greylisting, and a bayes filter. I rarely see spam, maybe 1 or 2 stupid marketing mails from companies I have dealt with a week. My work has more or less the same setup and doesn't get much spam either.

This report must be counting mail blocked at the SMTP level as spam. That seems the only way to get upto 95%.

How many emails in your (gmail) spam folder ? 396 (1)

clarkie.mg (216696) | more than 4 years ago | (#30870242)

Please put the answer in the title of your response. Note that gmail deletes spam that is older than one month so if you answer for another spam system, count for the last 31 days or specify the length of time.

I have 396, much lower than the peak that has been around 900 for years then abruptly got to around 400 each month and remarkably stable.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>