Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cornucopia of Spam

chrisd posted more than 11 years ago | from the i-don't-have-to-sing-the-song dept.

Spam 199

Eric Savage writes "The IETF, through IRTF, has formed an Anti-Spam Research Group. If there is any hope for a technical solution the problem, it appears the first significant step has been taken. More info here in itworld and here in ComputerWorld." Three more exciting spam related posts inside, including news from the Nevada legislature regarding spam, Arkansas dislike of the meaty email and "when students go bad"torklugnutz writes "The NV state assembly just voted 41-0 in favor of a bill which allows spam recipients to collect up to $500 per piece of spam. The new law also requires ADV to be added to the subject line so that recipients can more easilly identify unwanted ads. In addition, spoofing of sender's email address or having an invalid return address is made illegal. The old law imposed a $10 fine on spammers, but required prosecuters to collect it. This law will, more than likely, increase my chances of reading the spam I get so that I can try to cash in. So, maybe I CAN make an incredible amount of money from this "Amazing Offer""

And in Arkansas: A.G. Russell writes "With House Bill 1008, Subtitled "Unsolicited Commercial and Sexually Explicit Electronic Mail Fair Practices Act." Arkansas looks to join other states that have criminal and cival legislation in place to deal with spam. Can we help them craft this?"

And from academia: mansemat writes "Seems spammers are using a new tactic these days by paying students to send spam over univeristy networks. This particular student will be disciplined by losing his computing privileges, and being educated on the policy he violated. One can only hope the education includes being subscribed to every pr0n, male enhancement, mortage, etc. spam on the planet." Should have booted the miscreant.

cancel ×

199 comments

Sorry! There are no comments related to the filter you selected.

Ron Jeremy, dead at 42 (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5440045)

I just heard some sad news on Howard Stern - adult film star and free-speech advocate Ron Jeremy was found dead in his California home this morning . There weren't any more details. I'm sure everyone in the Slashdot community will miss him -- even if you didn't enjoy his films, there's no denying his contributions to popular culture. Truly an American icon.

If I'm lucky (-1, Redundant)

Visaris (553352) | more than 11 years ago | (#5440048)

They can solve my spam problem for me :) I have been known to be a bit lazy, and it's refreshing to know someone smarter than I will be working on it :)

Your sig (-1, Offtopic)

Raul654 (453029) | more than 11 years ago | (#5440105)

...is all in good fun, like the syph :)

w00t!! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5440052)

Mod: -1

In Soviet Russia!!! (-1, Troll)

Anonymous Coward | more than 11 years ago | (#5440070)

YOU eat Spam!!!!!

First Uber-Pea post! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5440072)

Yeah, right. [rathergood.com]

What's the point? (4, Insightful)

Omkar (618823) | more than 11 years ago | (#5440075)

After all, we know how law-abiding spammers are. And how effective the government is in combating computer criminals. I really don't think this will make a difference.

Re:What's the point? (4, Insightful)

cobyrne (118270) | more than 11 years ago | (#5440119)

The point is that there is no point in a spammer sending out an email that does not contain instructions on how to obtain the product/service being advertised. And, therefore, it should always be possible to track down the person responsible for the spam. The point is that, without the promise of $500 for each violation, it was not economically viable to track down the spammer. Now, it may very well be.

I once managed to track a spammer to a town about 2 hours drive from where I live. If I had been able to collect $500 out of my efforts, it is something that I would do more often...

Re:What's the point? (1, Funny)

gmuslera (3436) | more than 11 years ago | (#5440171)

I once managed to track a spammer to a town about 2 hours drive from where I live. If I had been able to collect $500 out of my efforts, it is something that I would do more often...

A better thing would be having a 00Spammed number, a license to kill spammers. This also will make "economically" inviable to be an spammer.

Re:What's the point? (2, Insightful)

Dunark (621237) | more than 11 years ago | (#5440378)

The point is that there is no point in a spammer sending out an email that does not contain instructions on how to obtain the product/service being advertised. And, therefore, it should always be possible to track down the person responsible for the spam.

There's a little flaw in this logic: It ignores the "joe job", which is spam that is sent to get someone else in trouble by making it look like they are spamming.
What do you do when the apparent beneficiary of the spam claims they were joe-jobbed?

Re:What's the point? (2, Funny)

Jay L (74152) | more than 11 years ago | (#5440472)

What do you do when the apparent beneficiary of the spam claims they were joe-jobbed?

If only the courts relied on humans to make judgment calls about who's telling the truth, rather than using a strictly algorithmic, deterministic parser that would be fooled by a joe job!

Oh, wait.

Re:What's the point? (2, Insightful)

WCMI92 (592436) | more than 11 years ago | (#5440508)

"There's a little flaw in this logic: It ignores the "joe job", which is spam that is sent to get someone else in trouble by making it look like they are spamming.
What do you do when the apparent beneficiary of the spam claims they were joe-jobbed?"

If they are a legitimate company, they are required to maintain records.

Records of payments to the spammer should be sufficient. No sane company is NOT going to record an advertising expense, as to not do so is to pay for it twice over.

Sure there will be illegitimate businesses that DONT do this, but if they are involved in "spamcains" to sell their wares, there will be MORE THAN ONE complaint. Claiming that they were "framed" may work once. Maybe twice, but over and over? Won't work.

The fact is, anti-spam laws WILL work if enforced, even if spam is originated overseas, because at SOME POINT, to make money from Americans, money and/or product has to be exchanged IN America...

Re:What's the point? (2, Interesting)

Dukebytes (525932) | more than 11 years ago | (#5440128)

All it will take is someone with enough money to take the spammers to court and collect that $500 bucks per spam email they recieve. I'm sure that it would involve laywers and a court to collect it and prove that it came from this company etc - so your right to a point. But maybe if someone could take a spammer to court and collect several thousand dollars from them - they will stop - hopefully.

I think that a better way to fight this would be a tech solution that involved the ISPs - but that would be hard to get setup etc... maybe someday.

duke

Drink RagingCow!!!! (1)

Surak (18578) | more than 11 years ago | (#5440154)

Blogs. Blogs will be the new spam target anyway...once legislatures and the IETF make e-mail spam hard, blogs will turn into adfests.

Re:Drink RagingCow!!!! (1, Insightful)

Anonymous Coward | more than 11 years ago | (#5440181)

Whether via blogs or any other Internet media, you can expect ads to invade your screen a lot more following this law's implementation.

Re:Drink RagingCow!!!! (2, Insightful)

Anonymous Coward | more than 11 years ago | (#5440212)

That'll be OK --- no-one reads blogs except the blogger and perhaps the blogger's Mum. Whereas everyone receives email.

Anyway, will anyone be able to tell the difference between ad-saturated blogs and the current thing? I suppose the spelling might get better when professional copywriters get to work. And the references to "mi cat mittenz 3 3 3" might be replaced with "my cat Whiskas".

Re:Drink RagingCow!!!! (-1)

Anonymous Coward | more than 11 years ago | (#5440296)

Your hat is in the mail.

Love,

Raging Cow

Blacks Are People Too (0, Insightful)

Mighty_Joe_Stalin (640589) | more than 11 years ago | (#5440156)

The point is that no laws have been in place to go after spammers. I don't see where you're getting the idea that the government can't combat criminals using computers. Within this country, people get caught all the time. I mean, have you read Slashdot before? DMCA violations have been noted quite a bit - that law has been fairly well used. What makes you so sure that anti-spam laws won't be?

Re:What's the point? (1, Insightful)

Anonymous Coward | more than 11 years ago | (#5440170)

As long as the "police" does its' job correctly by making horrifying scapegoat examples (think Mitnick) out of a few spammers, I can imagine a fair amount of spam cartels will go down.

As for other countries being unaffected by this law, I expect those countries will implement their own anti-spam laws after seeing this initiative.

Re:What's the point? (5, Insightful)

Dan B. (20610) | more than 11 years ago | (#5440201)

Well if the goverment made as much money out of cracking down on spammers as say, speeding fines, with 'spamming fines', how much more aggressive do you think law enforcement would be on spammers? Then how many people would still do it?

It always about the money, or the budget.

Vicious circle I'm 'fraid.

But people will always speed ;-)

Arkansas emphatic (5, Funny)

ratbag (65209) | more than 11 years ago | (#5440083)

Arkansas obviously believe that if you
  • underline something it MUST be obeyed

Second Uber-Pea post! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5440086)

Whooo-hoo [rathergood.com]

Techinical solution (5, Insightful)

Raul654 (453029) | more than 11 years ago | (#5440089)

Think of spammers like an infection. How does your body deal with it? It attacks the infections in a bunch of different ways. Why can't we do the same with spam? Rather than working hard for the magic bullet, why not use some combination of: Bayesian filtering, artificial bandwidth scarcity, blacklisting, aggressive collection of fines, targeting of domains that are advertised, etc. If you were to do all of these together, I'd imagine spam would not be a pleasant buisness to be in...

Re:Techinical solution (2, Insightful)

gmuslera (3436) | more than 11 years ago | (#5440132)

Following with the analogy of an infection... you can cure the symptoms or cure the disease as a whole. Doing things in your side simply minimizes how you feel about the problem of the spam ("it almost not happens to me"), but it will still rampart in the rest of internet, slowing things, making email an unreliable method of communication, and people will still be buying things from spammers. This only will make the problem grow much bigger and not matter what measures you had taken, you will be also as affected as the rest of the world.

Not quite (4, Insightful)

Raul654 (453029) | more than 11 years ago | (#5440164)

From the spammer's perspective, if he has to worry about huge fines and/or jail time every time he sends out spam, and if only 1% of the emails are getting through, and after 10 minutes his connection goes dead, how long is he going to be a spammer?

Re:Not quite (1)

gmuslera (3436) | more than 11 years ago | (#5440315)

From your previous list
  • Bayesian filtering blacklisting: this are local measures, this affects you only, and the others that takes them
  • artificial bandwidth scarcity: at the best, it can take out your users from spammers users list, at the worst, they will not care (for the ones that use open relays, i.e.). Still, will be a local measure.
  • aggressive collection of fines: the $500 one? anyway, means legislation.
  • targeting of domains that are advertised: how? enforcing ISP policies about spam? and what if the ISP (from Verio [spamhaus.org] to most in .cn) is spam friendly or doesn't care? That also could mean legislation.

Having legislation and expanding them worldwide in some way is more like a cure than technical measures (is expressely prohibited, not that some hackers do this to limit my rights).

You can have local technical measures, but this is not guarantee that the spammers don't find a way to bypass them (i.e. most of spam that reach me by now have modified words to bypass bayesian filters, like v*i*a*g*r*a, V1AGRA or embedded html comments, fortunatelly popfile also have workarounds for most of this). Having a good percent of domains that implement that measures will be bad for spammers, of course, but there still a long way to go before this is reached.

There are ways (1)

Raul654 (453029) | more than 11 years ago | (#5440352)

What if you got together a list of known spammer domains (many exist already), and ISPs were to automatically redirect or disable their DNS entries for those domains? What if they did this before people got the email? Then the spammer is wasting his time, because the domain won't be there by the time Grandma gets his ad for penis englargement. And if that happens often enough, combined with the serious consequences that legislation can bring (jailtime!), then how long will we have spammers?

Re:Techinical solution (4, Interesting)

Dan B. (20610) | more than 11 years ago | (#5440159)

How about imposing things like JAIL TERMS on people convicted of 'serial spamming'.

I read an article once about a guy who lives in a multi-million dollar house in one State and just burns though trial ISP accounts in other states that can't properly prosecute (if that's the right term, since most States don't yet have decent laws against spam).

Big Karma bonus for the governors of NV though, 41-0 on passing laws to nail the perpetrators AND finig them $500 for each successful plaintif in court.

Oh yes, I see the day when I no longer need the words 'rape, enlargement, mortgage, lolita, diploma and toner' in my filter list for 'Permanantly delete'.

Asians Are People Too (-1)

Mighty_Joe_Stalin (640589) | more than 11 years ago | (#5440199)

You'll never be able to get rid of those words from your filter list simply for the fact that most spam isn't coming from the U.S. I think it's a great idea to stop the flow of spam from the end of the spammer through legislation but there will always be a flow of spam coming from other countries that can probably only be handled by a filter. Of course, ISP's could start blocking all mail from certain countries...

So, Mr Stalin (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#5440218)

What you are saying is that we should get rid of all the Asians (at least the ones who don't work in our factories making low cost computer parts and shoes). I agree wholeheartedly -- Asia is the biggest threat to America right now, what with their low cost merchandise, high quality electronics, Muslims, etc

Re:So, Mr Stalin (0)

Anonymous Coward | more than 11 years ago | (#5440282)

You're just asking for trouble with comments like that...

Re:Techinical solution (1)

forged (206127) | more than 11 years ago | (#5440244)

A couple of hundreds years ago (think western) such arguments would have ended-up in the main street with a pair of pistols :)

I'm not arguing over killing spammers, but surely beating the most tenacious should soften them up...:)

Re:Techinical solution (1)

Gannoc (210256) | more than 11 years ago | (#5440337)

Oh yes, I see the day when I no longer need the words 'rape, enlargement, mortgage, lolita, diploma and toner' in my filter list for 'Permanantly delete'.

Do those topics come up a lot in your non-spam emails?

Re:Techinical solution (4, Funny)

Raul654 (453029) | more than 11 years ago | (#5440368)

Well when your in the buisness of morgaging out Lolitas for the purposes of rape enlargement, I should think it would

Re:Techinical solution (1)

Dan B. (20610) | more than 11 years ago | (#5440544)

I can't say I've ever been known to traffic in Lolita's for rape with my enlarged penis that I paid for by remorgaging my house and/or selling cheap toner. I know that that because I'm such a smart guy with 27 degrees from Yale/Harvard/Oxford/Cambridge that I bought for $30 each.

I'm no longer a chunky monkey though because filtering out the weight loss ones is a bit hard - they use such normal English.

The chinese/Korean ones are easier 'cos they use double bit entry, which usually puts a whole string of 'à' characthers in the subject line.

And I never filter by body-text, just subject line. It blocks 99% of spam without a need for extra software.

What is the best software techinical solution now? (1)

asdhwesd (253232) | more than 11 years ago | (#5440177)

Does anyone have opinions on the best way to filter spam from a standard pop3 account?

I use *cough* Microsoft Outlook 2002 and I need to find a way to get rid of spam even before it hits my Outlook 2002 rule based filter (which usually leaves about 30-60% spam undeleted).

My domain is hosted by Earthlink, so I don't think I have any ability to filter or install software on their side.

Re:What is the best software techinical solution n (2, Funny)

kien (571074) | more than 11 years ago | (#5440272)

If you're on an earthlink account, you should be using spaminator [earthlink.net] .

I've been pretty much spam-free since I activated it for my account. Good luck!

--K.

Re:What is the best software techinical solution n (1)

gmuslera (3436) | more than 11 years ago | (#5440486)

POPFile [sourceforge.net] . It have even an installer for windows, or you can use it in a more serious plataform. Is simply wonderful how good it works.

Re:Techinical solution (1)

lyoz (554482) | more than 11 years ago | (#5440219)

..., targeting of domains that, etc. are advertised


Ya... like thats gonna work... just send spam advertising the domain of ur adversaries ... Brialliant

No, but (1)

Raul654 (453029) | more than 11 years ago | (#5440266)

If the ISPs were to, say, redirect their DNS entry for a known spamming domain to a different one (say google), then that really solves the problem, doesn't it?

Re:Techinical solution (4, Funny)

frankie (91710) | more than 11 years ago | (#5440365)

Think of spammers like an infection. How does your body deal with it?

An interesting proposal. Spews and SBL are probably Leukocytes [redcross.org] . SpamCop users might be APCs [myimmune.com] . But I don't see any Macrophages [supercolostrum.com] in our virtual immune system. That must be why spam is so rampant -- we need activists to go eat the spammers! Volunteers, anyone?

I wholeheartedly agree (2, Funny)

Raul654 (453029) | more than 11 years ago | (#5440395)

On a cold winter night, there's nothing that tastes better than a nice, juicy spammer. Tastes like chicken, only a little gamier

Re:Techinical solution (1)

rusty0101 (565565) | more than 11 years ago | (#5440461)

Sorry, I think of spammers as more along the lines of someone injecting low concentrations of poison into the bloodstream. An individual cell in the body is unlikely to be directly impacted, but the body as a whole losses something with each shot.

White blood cells may be very good at dealing with Viruses and bacterial infections, but are going to be less usefull in dealing with deliberate poisoning.

Thick skin, better prevention, and increasing tollerance to the poison seems to be the only way to deal with the issue. Treating the person doing the injecting as a criminal seems legitimate to me.

Then again I may be wrong.

-Rusty

Re:Techinical solution (1)

baalz (458046) | more than 11 years ago | (#5440475)

The problem is that each of these has a drawback, and as you're stacking solutions you're also stacking drawbacks. So now we need to worry about false positives, collateral damage, and legal system abuses. Since more or less all of these partial solutions are out there now, I guess you are thinking we just need to standardize such tactics. Problem is, the internet is inherently heterogeneous. Having a hundred different implementations of a dozen different types of solutions all running at once will make email unreliable enought to kill it as a legitamate communications medium. We're already heading down that path now.

Re:Technical solution (3, Informative)

Jay L (74152) | more than 11 years ago | (#5440521)

Think of spammers like an infection

A better analogy than you may realize! Spam is like bacteria; it is self-reproducing (spam for spam software, spam for millions-of-addresses CDs). Using spam filters exerts a selection pressure on the spammers, and the stronger spammers adapt to the filters, become resistant, and multiply.

At AOL, as the single biggest target of spammers, we had to think very carefully about the effects of filters before we implemented them; turning on a weak filter would be just as bad as taking weak antibiotics for a day and stopping, and in some cases it could make the problem worse. For instance, we once decided to start treating any message with >N recipients as likely spam. All we did was force the spammers to start sending messages with one recipient each - which meant we now had to process N times as many messages as before!

(Incidentally, the antibiotic analogy led me to discover, and donate to, the Alliance for Prudent Use of Antibiotics [apua.org] , which fights overuse and improper use of antibiotics, helping to keep resistance down. Check them out and give them some money; you'll save on your own health care costs in the long run.)

Jay the ex-AOL Mail Guy

spam spam spam (3, Interesting)

Anonymous Coward | more than 11 years ago | (#5440091)

I am certainly glad that lawmakers and researchers are turning their full attention to spam. It is certainly a big nuisance. I for one get very insulted having ten thousand strangers telling me that my penis is too small. If they could just step over this way I would whip it out and clobber them with it!

Still, I have to wonder if this is a slippery slope that we are travelling down. How long before chain emails and inoccuous humorous forwards are also denied?

1/4 dupe (-1)

Anonymous Coward | more than 11 years ago | (#5440092)

The student spammers story is a dupe [slashdot.org] !

Something Smarter Is Needed (5, Interesting)

chayim (653306) | more than 11 years ago | (#5440097)

Creating laws, regulations, and whatnot will come nowhere near solving the problems. Sure, if a spammer lives in the US then maybe this would work; but what about all these scams from Europe, Australia, Britain, etc. Just because laws exist in one jurisdication, it doesn't mean that others will play ball. And even having laws does nothing if they're not enforced. Why not have a group of IT police hunt down spammers? After all, they're already guilty of theft and fraud (think bandwidth people). Why not prosecute under existing laws and treat spammers like the theives they are. Even though you won't catch spammers outside your legal jurisdicition, you'll help. And every country that helps would quickly be eliminating the spam problem we live with.

Re:Something Smarter Is Needed (2, Interesting)

meringuoid (568297) | more than 11 years ago | (#5440152)

Creating laws, regulations, and whatnot will come nowhere near solving the problems. Sure, if a spammer lives in the US then maybe this would work; but what about all these scams from Europe, Australia, Britain, etc.

The vast majority of my spam comes from Americans, though not always via US ISPs. I get the occasional pyramid scheme - the same one every time, and it's fun to watch it wander around the world - and of course the Nigerian fraud, and once in a while a spam all in Chinese, but on the whole it's Americans who are the problem. A strong US spam law would go a long way to solving this.

Re:Something Smarter Is Needed (4, Insightful)

SerpentMage (13390) | more than 11 years ago | (#5440299)

The only reason why the SPAM is coming from the US is because right now there are no legal ramifications. Just like how there was Napster and then Kaaza. Napster was State side, shut down and now Kaaza is NOT state side.

Once laws start up the SPAMMERS will move offshore. Just like the guy who lives in Detroit. This SPAMMER lives in the US, but does not send the SPAM via the US.

Re:Something Smarter Is Needed (3, Interesting)

Steve B (42864) | more than 11 years ago | (#5440380)

Once laws start up the SPAMMERS will move offshore.

The difference is that spammers need a point of contact to make money. Making their bandwidth thefts explictly illegal allows the police to seize the contact points.

Re:Something Smarter Is Needed (1)

meringuoid (568297) | more than 11 years ago | (#5440423)

Once laws start up the SPAMMERS will move offshore. Just like the guy who lives in Detroit. This SPAMMER lives in the US, but does not send the SPAM via the US.

Pedant point: SPAM is a luncheon meat made by Hormel Foods. Spam is unsolicited bulk email. That said...

Are these spammers actually going to move offshore? Move themselves, physically? Because if not then they're Americans in America sending emails on behalf of American companies also in America to American citizens living in America. I get the feeling there's somebody there to go after.

Right now their motive in moving their electronic operations overseas is to avoid getting shut down. US ISPs have, to their credit, been learning about spammers lately; it's fairly hard for the major spammers to do business, though the chickenboners who go through throwaway dialups are unaffected. If a law were passed allowing the spammer to be pursued, rather than just his internet access, then the spammer's meatspace operation would have to leave the country too. Maybe the big boys will consider it, but it'll be too much for most of them to contemplate.

Re:Something Smarter Is Needed (1)

Rezonation (652453) | more than 11 years ago | (#5440189)

As far as I knew most Spammers simply relayed their mail to offshore or out of country at the very least. In Canada there are no such regulations as for sending Spam en masse. The problem is that most people don't have the time to sift through what is spam and what is not. The sheer burden of proof in a lot of these cases would be largely impossible to voercome.

Re:Something Smarter Is Needed (0)

Anonymous Coward | more than 11 years ago | (#5440224)

I don't know about you, but 99% of my spam comes from the USA. From the discussion yesterday I think this is pretty much The Way It Is. Solving the problem in the USA would basically eliminate spam worldwide.

Re:Something Smarter Is Needed (1)

Dan B. (20610) | more than 11 years ago | (#5440262)

Even if this thing was global, there would still be a safe haven somewhere. Someone would just legalize it, and tax it, and have a monopoly on spam. Then they'd wonder why no one get's their point of view about making money out of something everyone else abhors (sp??).

Opium cultivation is illegal in every counrty, but the Taleban still tolerated it 'cos that was basically their government budget float.

Unofficially the Burmese Army are also reported to cultivate opium in large quantities but since it's very hard to check on 'Rogue States', these practises are still widespread yet denied by the Government.

I don't think the spam problem is as bad as Heroin, but the people that deal in it are there soley for one thing - profit. Damn Ferengis!

PS, comment above/below RE: 99% of my spam is from the US. 100% of commercial spam is US, p0rn spam is a little broader.

Re:Something Smarter Is Needed (0)

Anonymous Coward | more than 11 years ago | (#5440308)

Even if this thing was global, there would still be a safe haven somewhere. Someone would just legalize it, and tax it, and have a monopoly on spam. Then they'd wonder why ...why all the other countries in the work have them blacklisted?

Re:Something Smarter Is Needed (1)

kjshark (312401) | more than 11 years ago | (#5440585)

"I don't think the spam problem is as bad as Heroin"
--The spam problem is much worse than heroin. Virtually everyone who uses heroin does so out of their own choices. Spam is forced on us against our will !

Re:Something Smarter Is Needed (0)

Anonymous Coward | more than 11 years ago | (#5440313)

Spam is already illegal [cauce.org] within the European Union.

Of course that doesn't significantly cut down the amount of spam we get over here, because it's nearly all from either the USA or China. (Yes, a small fraction of it really does originate from China.)

One of the real problems with these civil-law solutions ("collect $500 for each spam") is that it's only feasible if you happen to live in the same jurisdiction as the spammer. Otherwise you're left struggling with an alien legal system - and let's face it, all legal systems, more or less deliberately, always favour natives against foreigners.

If I as a European resident receive spam from someone in Florida (which I do, regularly) - what exactly am I supposed to do about it? Fly to Florida, find a lawyer and file suit there? And then what am I supposed to do when the court dates come up, and when they keep changing.... I have a real job to hold down here, ferchrissakes.

This is why I, personally, am in favour of laws that are enforced by someone else - someone whose job it is to do it. Failing that, a good alternative would be a bunch of self-appointed activists who knew the legal systems, who could make a living out of hunting down spammers and getting their $500 a time. I want to be able to forward my spam to someone like that, and let them claim the money on my behalf. If they could see their way to giving me, say, 10%, I'd be quite happy with that...

Re:Something Smarter Is Needed (1)

Dan B. (20610) | more than 11 years ago | (#5440422)

'Cos that'd work...

In local news today... A class action brought against Florida based company over "anti-spam" laws netted a group of Russian/Chinese/Bulgarian businessmen $1.3m, half of which was paid to the lawyers who took up the case on their behalf. After sucessfully claiming that 2600 unsoliceted messages had turned up on their mail server from the local direct marketing company...

Need I say more? People would just end up profiteering from the spammers, which would lead to laws protecting marketing business from said practices.

Again, vicious circle. Except this time it's the crooks taking other crooks to the cleaners.

Pay me for spam? (3, Funny)

Nevrar (65761) | more than 11 years ago | (#5440098)

While I would definitely be keen on being paid $500 per "Enlarge your member" emails received, I somehow doubt the effectiveness of legislation to stop spam...

$500 a piece? (2, Funny)

gmuslera (3436) | more than 11 years ago | (#5440099)

Space tourism will have a boom after this gets approved... what else will all do with so much money?

Re:$500 a piece? (0)

Anonymous Coward | more than 11 years ago | (#5440267)

That's assuming spamming doesn't go down. Nobody except who is sure about turning a profit superior to the expected fines resulting from their spam is willing to risk such fees.

P.S.: I understood your irony. Just wanted to point something out.

Instead of all this, (4, Funny)

Omkar (618823) | more than 11 years ago | (#5440111)

I recommend spammers be designated cyberterrorists. For spammers in uncooperative totalitarian countries, replies with randomly generated subversive messages should be mandated by law.

Don't forget (1)

Raul654 (453029) | more than 11 years ago | (#5440190)

Now we can hold them as enemy combatants

Re:Don't forget (1)

Omkar (618823) | more than 11 years ago | (#5440213)

I guess they're legally from Nigeria.

What's SPAM?!?!?! (-1, Offtopic)

RyansPrivates (634385) | more than 11 years ago | (#5440112)

What is SPAM? Click here [microsoft.com] now to claim your free mouse pad!

Hopefully... (0, Funny)

Wino (655084) | more than 11 years ago | (#5440114)

Hopefully this will also cover unwanted spam i receive from my friends and family, which is usually just some adversisement for an online card company, Democratic national committee, or Republican national committee.

Or maybe not. If its between the government or the individual to regulate the type or format of email, I won't be choosing the government any time soon.

hey slashdotters (-1, Troll)

Anonymous Coward | more than 11 years ago | (#5440130)

Slashdot seems to have at least one article about spam each time I visit.

Get a life people. Nobody cares that you fucking nerds are getting junk emails. Get away from the computer. Go outside. Get a FUCKING LIFE!

I used to work at an ISP reading abuse complaints from people like you slashdotters. I can assure you that anti-spammers are in fact worse than spammers. Anti-spammers are all mentally ill. They feel trapped and helpless in life, so in a rush of keyboard kourage they choose to lash out at spammers since they are too cowardly to deal with their real life problems.

This is not speculation. If you turned over the daily abuse complaints from any large ISP to a physiatrist they would agree. Spam complaints are filled with lies, hatred, rage, and bullshit legal threats. And ninety-percent of the time they don't even send the complaints to the right source.

This is coming from someone who spends 12 hours a day on a PC. And no children, I'm not a troll. I'm a realist.

Re:hey slashdotters (0)

Gwylan (621764) | more than 11 years ago | (#5440191)

What's a physiatrist? It sounds vaguely dirty.

Re:hey slashdotters (1)

grep_a_life (234527) | more than 11 years ago | (#5440261)

You spend 12 hours a day on your PC, read abuse complaints as a living, and *complain* about people who complain (although it was actually your job), and you're telling us to get a life?

moron selective cleansing buy yOUR fudderoll govt (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5440133)

sort of like only brushing yOUR front teeth?

reminds won of the whoreabull stock markup frauds still taking place on wall street of deceit, fueled buy sum of the larcenious yacht jockIEs from the ill eagle kingdumb, & IT's Godless ?pr? machine.

va lairIE's patentdead PosBlock(tm) device also comes to undermined.

lookout bullow. run for your options, should you have any left?

tha daze of the ill eagle bad toll are almost over.

nothing but gnu skies, ...

more details at trustworthycomputing.com

I can see the e-mails now (4, Funny)

snitty (308387) | more than 11 years ago | (#5440137)

IMPORTANT! READ NOW!

Please sign this bill from your state assembly! I did it and I got my wish! If you don't want to get this e-mail from the state anymore click the sucker link at the bottom!

&they posted emails. Brave souls, i guess they (1)

SolemnDragon (593956) | more than 11 years ago | (#5440138)

...really do want to research spam... "The ASRG Chair is Paul Judge
paul.judge@ciphertrust.com.
Mail List
The email list is asrg@ietf.org. You must be a list member to send mail to the list. Subscribe via asrg-request@ietf.org. An archive of the email list is available at the ASRG mail archive."

I'm HOPING that the slashdot community uses this for good, rather than for email. C'mon, people, these people DO want to help....
(on a side note entirely, i was hoping for "Anti-Spam Governing Alliance for Research Developments" or some such... you know, ASGARD? Bloody Vikings!! I mean, who else would be keeping them in line?)

umm... i meant to say (1)

SolemnDragon (593956) | more than 11 years ago | (#5440166)

I'm HOPING that the slashdot community uses this for good, rather than for evil. C'mon, people, these people DO want to help.... "

Sorry. Been a long week already. Use it for 'email?' *duh*

NOOOOoooo.... (0)

Anonymous Coward | more than 11 years ago | (#5440144)

Spam makes me feel loved. I don't get any email otherwise...

Besides, how ELSE would I enlarge my member, help a suffering Nigerian from financial problems, and make six-figure income at home?

The more spam I get, the better Mozilla does (3, Informative)

Anonymous Coward | more than 11 years ago | (#5440155)

Mozilla 1.3's spam filter has really come along nicely. The Bayesian method really is working nicely.

A Tad suspicious (1)

Rezonation (652453) | more than 11 years ago | (#5440160)

I like the idea of the antispam research group however, I see one major problem with it. The ASRG chair is a member of cipher trust a company whose ironmail sollution is way off the map as far as Spam goes. I am just a tad bit sensitive to that. We use a program that uses text algorthyms to deal with spam and we hit 90% which is acceptable for us.

moron email 'filtering' buy the ill eagle kingdumb (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5440169)

make US all into spammers, if they could.

we've been having a little trouble getting through/answering email from our frIEnds who have .kingdumb email addresses, & are now researching the problem via phone contacts.

so far it only looks like fuddles may be planning on 'filtering' his hostages email, until they can only get spam from the kingdumb itself (learn to be a spammer offers), &/or martha stewart, eddie bauer, britney, bearsonstearno, etc,,,. it's a small wwworld after all?

djia hear the won about how now fuddles (ever the last gasper) will take monIE from folks, to turn them into mad spammers? what a scamster. Godless ?pr? FUDgePeddlers, sheesh!@#$%--

Darn it !!! (1)

lyoz (554482) | more than 11 years ago | (#5440193)

... no new mails in my inbox :-(

The case for Arkansas (2, Interesting)

forged (206127) | more than 11 years ago | (#5440207)

...Can we help them craft this?

Since there are already some legislations out there going in the right direction (California, Washington DC, Nevada, ...) why don't they just "borrow" the text from another state ?

once again (2, Insightful)

JeanBaptiste (537955) | more than 11 years ago | (#5440232)

All the spam I get is from asia, africa, and eastern europe.

Great that nevada passed the law, step in the right direction. But this would only apply if the spam or the company profiting from it came from nevada, right? I dont think the male enhancement people from belarus need worry about this law...

All they need to know (2, Insightful)

kaltkalt (620110) | more than 11 years ago | (#5440242)

As long as homo sapiens can freely send emails the spam problem cannot be solved. It's an analog gap of sorts. The MPAA/RIAA have to accept that as long as a human can hear or see it, it can be copied. We have to accept that as long as email is free, there will be spam. Why waste money researching solutions when there are none? Give the money to starving turtles or something instead.

Can you say work ethic? (2, Funny)

Joe the Lesser (533425) | more than 11 years ago | (#5440252)

The ASRG meetings will be held 2-3 times a year generally concurrent with IETF meetings and possibly concurrent with other conferences

Way to get on the ball with those 3 meetings... a year...

Another set of attacks on the effect not source (1)

jj_johny (626460) | more than 11 years ago | (#5440254)

Although I agree with the poster who said that we should try all kinds of things, the one thing that seems to be missing is fixing the SMTP protocol. SMTP [ietf.org] was never meant to be used the way it is today. Quite simply it is a relic of the 1980's originally written by Postel for reliable email communications but not secure, not authenticated and not scalable to the commercial realm. So when I read through these guys that are going to meet 2-3 times a year, I just see no real end in site coming from the standards community any time soon. SPAM will kill email as an effective tool and the costs, both hidden and measureable, are mounting.

Spam loopholes... (4, Insightful)

SystematicPsycho (456042) | more than 11 years ago | (#5440255)

Firstly, they can start by trying to get the following loopholes plugged with the unsubscription methods ..

o unsubscription method is not feasible. I received an unsubscription method that went like this

  • "To unsubscribe by
  • postal mail, please send a request to P.O Box ..... Florida - quote reference number #blah"

Who is going to send a snail mail letter long distance to seemingly be unsubscribed from a spam list? Now it's starting to cost _me money to be unsubscribed. The law says to have _an unsubscription method of some sort - this falls within the law no matter how bad it is.

o unsubscription web page is non-existent - this happens to often

Snort Vulnerabillity. (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5440257)

2003-03-04 20:28:07 New Snort vulnerabillity (articles,news) (rejected)

Normally, I wouldn't complain. Rather I would assume my submission was rejected because an earlier or better written one had been accepted. But, it looks like they just want to ignore this one.

Get your Snort [snort.org] update here [snort.org] .

Spam Relies Upon Deceit (4, Insightful)

zentec (204030) | more than 11 years ago | (#5440269)


A large percentage of "junk mail" depends upon some fashion of deceit. Either it's by masking the true identity of the sender, a spam-haus using domain after domain and ISP after ISP in order to avoid the blacklists or simply by lying and saying that "you really indeed did ask for this".

The answer to the spam problem is to find technical answers that start peeling away at the ways spammers use deceit.

I've said this before and I'll say it again, the first place is to rewrite RFC-821 and require valid reverse-name lookups before accepting mail. Also permit as an authentication scheme that allows the administrator of the accepting mail system to set permissable trust levels. Example, mail that's verified (through an SSL certificate might be one way) as coming from gm.com is accepted, but mail coming from slashdot.org is set to a lower trust level (because they don't want to spend the money for a certificate). Mail from getyerviagra.com is immediately tossed into a review folder, trashed or denied because they don't reverse properly and they have a forged or self-signed certificate or simply don't have one.

The LAST thing anyone here wants is ANY government telling us how to manage electronic mail. In the US, it'll be frought with hooks and back-doors so the feds can snoop your mail.

Let's get it together and fix the problem on our own.

Anyone from the state of NV here? (1)

ketilf (114215) | more than 11 years ago | (#5440286)

I'll put some email addresses on my webpage and forward those to you. We'll share the "revenue" of the spam 50-50! :)

Unstopabble (1)

lunk (80231) | more than 11 years ago | (#5440289)

Trying to make bits uncopyable is like trying to make water not wet. Spam is just as easily reproduced as music or any other digital format.

The best solution... (3, Interesting)

cindik (650476) | more than 11 years ago | (#5440314)

...is unfortunately not a realistic solution:

If no one ever buys anything from spammers, spam will stop.

Unfortunately, the one in ten thousand who buys into this makes it worthwhile to spend a buck to send 10,000,000 emails.

Some people just refuse to believe that unsolicited email offers are a problem. The marketing director at our company keeps pushing to "buy this list of targeted email addresses" or "pump up our ranking in search engines" as offered by the latest spam he receives. These people aren't responsible for spam, but they're responsible for making it profitable.

Like anything else governments try to control (US war on drugs anyone? how about the US prohibition era? prostitution?), spam will continue to exist as long as there is enough demand to justify the low cost of email.

Just say no to spam?

Loophole alert (4, Funny)

paiute (550198) | more than 11 years ago | (#5440331)

Political speech is exempted. Advertising of the "call X and tell him that you are against his position on Y" is protected free speech. So expect emails of the sort: "Call Senator McGuffy and tell him that his penis can be enlarged in only three weeks!"

Wow! (1)

Shads (4567) | more than 11 years ago | (#5440348)

On average I get a hundred+ spam a day (70-300 in reality)... at 500$ each... that's about $50,000 per day! If only I lived in nv :(

Once again (4, Insightful)

deblau (68023) | more than 11 years ago | (#5440374)

Since the attention span here seems to be about 5 minutes, I will reiterate a basic argument about spam (and many other problems plaguing us):
Just as you can't solve a technology problem with laws, you can't solve a social problem with technology.
Spam is a social problem. Scam artists have been around for millenia, 'spamming' you with unwanted and unsolicited communications. The Internet is only the latest communication tool that they use to peddle their wares. Previous tools have been faxes, TV, radio, telegraph, snail mail, courier, and shouting at you from the next hill over. Don't think for one second that the 'let's DDoS them out of existence' or 'let's make email expensive to send through some complicated protocol' arguments will work. They won't.

Here are three easy steps to stop spam:

  1. Don't buy anything you get from spammers. Yes, that 24" penis must be really tempting, and I know you're dying to lose 10^6 pounds, but don't do it.
  2. Encourage other people to restrain themselves. The indiscriminant spam approach only works if the percentage of buyers (a.k.a. suckers, marks) is high enough to justify the cost of spamming (which is very low for email). If you can knock down that percentage, spamming won't be as successful.
  3. Educate people you meet about spam. Let them know that not every email they read is for real. Let them know that responding to spam encourages spammers. Let them know that if you catch them replying to spam, you will give Indian burns to their entire family.
In short, technology isn't the problem here. The problem is that too many people keep falling for the spam. If you do your part, we can make it more expensive for scammers to use the Internet for their schemes.

It'll never work... (1)

tmasman (604942) | more than 11 years ago | (#5440387)

This won't work because of one simple reason... These states are making laws to govern thier own state. What are you going to do if you receive an email from out of state?
The Internet doesn't start & stop at physical borders. If a company wants to use spam to advertise, they'd just have to "create" a company in another nation, use this company name to spam, advertise, & distribute their product.

Also, what's stopping a Texan from spamming people in Arkansas? You can't enforce Arkansas laws in Texas. It doesn't work that way.

Now if you could get a law like this implemented nation-wide, then you might have something worth talking about. Most companies aren't going to actually try the whole "create a company in another country" route (that was just stated for the sake of argument).

I don't think any kind of technological answer is really going to solve this problem. No matter what filter or program you use there will always be too much colateral damage.

For instance:
Say some one had an allergic reaction to a drug that abnormally enlarged his penis and caused his breasts to grow 2 cup sizes. I bet you the doctor's spam filter would end up blocking that email.

Just my 2 worth...
~ tmasman
"Two things are infinite: the universe and human stupidity;
and I'm not sure about the universe."
-Albert Einstein

Re:It'll never work... (4, Funny)

pclminion (145572) | more than 11 years ago | (#5440513)

Also, what's stopping a Texan from spamming people in Arkansas? You can't enforce Arkansas laws in Texas. It doesn't work that way.

Maybe you can't enforce Arkansas law in Texas, but the Texans can sure enforce their law in Arkansas. All it takes is a shotgun and a pickup truck.

Re:It'll never work... (1)

gmuslera (3436) | more than 11 years ago | (#5440537)

A small step for a city, a big jump for the world. Big changes sometimes starts by little things, after a state do this, countries could follow.

In addition to spam... (2, Insightful)

cindik (650476) | more than 11 years ago | (#5440394)

...what about the people who never send you anything original, just stuff that's been forwarded 20 times (with indents, attachments within attachments, and the email addresses of people they didn't think to protect by using bcc)? From where does this stuff originate anyway? I always seem to get the stuff that's been forwarded at least five times. Maybe I just don't know any creative people.

I've come up with a name for these emails. It's full of miscellaneous stuff (indents, headers), no one knows where it originally came from, no one seems to really want it, and it gets passed around endlessly (I frequently get several copies of each - often from people who were on the same to: line as I was the first time I got it!).

I call it "fruitcake".

Now here's the question:

Would it be reasonable to write a filtering program that:
  1. Strips out indents, headers, and whitespace
  2. Creates a crc or other signature for the actual cute story or magic "scroll down to see the answer" quiz
  3. Checks a database to see whether this is a known fruitcake and, if so, deletes it
  4. Allows the user to add additional fruitcake references
Any thoughts?

Spam is psychological... (1)

Mabidex (204038) | more than 11 years ago | (#5440477)


Current spam is more psychological than, physical for the average 'promoter' (advertiser, spammer, etc.)

When something is almost free to do, and provides you somewhat an anonymous way to advertise something a 'promoter' is trying to sell without incurring much cost except for a monthly bandwidth charge, and of course the computer to do the 'promotion'. We have people who cannot resist the idea that spamming is so much better than the US Postal service.

The US Postal service, limits you to physical items for advertisement, and postage cost for sending the items. Here we see 'promotions' only from local areas who know their customer base, and advertise solely to them. (Direct marketing) While spammers throw their crap to everyone under the sun, and see what 'sticks' and who buys.

Brainclone.com is working on a system for ISPs and users to have their own digital stamps. Basically the concept is the following: An unknown person emails you, and the mail server automatically emails them back saying that the Brainclone user does not know them, that the Brainclone user requests the emailer (promoter, spammer) to buy x number of stamps for the email to be delivered to the user. At the end of each month the Brainclone user receives the cash amount of the stamps, of the emails that 'promoters','spammers' decided to 'Pay' for the advertisement email to go through to the Brainclone user. White list, black list, and a couple other items are incorporated for ease to the end user.

The nice thing about this is that each Brainclone user would set his own 'Stamp' requirements for unknown people to email them.

(so in essence I may want 20 stamps per email if I decide I really don't want anyone unknown to me to email me, or set it at 1 stamp, so that I can receive a few advertisements that I may want to read (direct marketing) and get some cash at the end of the month)

This turns the 'Marketing' aspect of the internet spammers around, takes the free advertisements aspect out (and the psychological desire to spam EVERYONE), the marketers will also need to identify themselves when buying stamps (through a process Brainclone is testing using the same type that online banking uses) and then these marketers would have to apply the rules of direct marketing to avoid wasting money on the digital stamps.

This will have the spammers psychology turn from a ... lets email everyone in the world 'cause we can and it's free... to one of ... let's email those folks who we know would like to receive these local promotions, so that we don't spend our advertising dollars spending money unnecessarily on people who would never respond to our promotion.

ISP's make 20% of the stamp money if ads get through, Brainclone users get 80% of the cash if ads get through, and we all have a lot less spam.

Contact Brainclone Enterprises, if you are an ISP and would like to have this set up for you and your email users. Anthony@brainclone.com

How to defeat spam (4, Insightful)

GnuVince (623231) | more than 11 years ago | (#5440526)

Spam is a business. Like all business I know, its fuel is money. When spam stops being profitable, it will probably stop being so much a problem. Most geeks, nerds and hackers know how to recognize spam a mile away and most of us have spam filters installed, but common users do not. We need to help them by explaining them how spam works, by installing them filters (PopFile [sf.net] is an excellent free one on Windows and other platforms).

Just make sure as much people in your neighborhood never see spam, and after a while spamming will not be as much as a problem as it is right now.

Informing the common computer users is the first step.

Summary of IETF ASRG discussions (4, Informative)

wayne (1579) | more than 11 years ago | (#5440588)

I've been subscribed to the list since near the beginning and have been following it fairly closely. Much of the discussion has been rehashes of old topics such as "what exactly is spam?", "make the sender pay something, either money or CPU", etc.

The most interesting discussions that I've seen so far are:

  • Mail transfer programs (MTA) such as sendmail, exim, qmail, etc., should keep track of sender-recipient pairs. The first time the sender-recipient pair shows up, sendmail (or whatever) should issue a "temporary delivery failure". This will force the sending mail transfer program to queue the mail and resend it later.

    Most spam specific programs will not queue and retry, and thus the spam will be dropped.

    Spammers that use real mail transfer programs or open relays will need to be able to hold all their outgoing spam for a while, increasing the spammer's costs and slowing down the delivery of spam. Legitimate email will not be thrown out, it will only be delayed and only for the first time.

    Of course, you don't really want the databases to remember every sender-recipient pair forever, nor do you want to remember pairs that were added by spam so this really isn't a "first time" database, but it is close.

    Apparently the "canit" program already does this, but I had not heard of this technique before.

  • Spam filtering really needs to be done while the email is being received. Sendmail can already do this with the milter filter, but other MTAs should also. Most mail servers are I/O bound, not CPU bound so this really isn't much of a burden on the server. This is completely backwards compatible and doesn't require end users to do anything.

    If you filter during the email receive process, you can make the sending MTA do the bounce. This means that you will not have to deal with spammers forging "from" and "reply-to" headers. You won't have to clean up bounces that never succeed, nor will you be responsible for bouncing spam to another victim that the spammer selected for the "from" or "reply-to" headers.

    Also, false positives will recieve a bounce message instead of just disappearing. This reduces the danger of important email being lost.

  • There are also several proposals to deal with ways of verifying that email being sent from a given IP address and claiming to be from a certain domain is actually authorized to send email claiming it is from that domain.

    Right now, there are DNS records that tell you which IP addresses are valid to try and send email to for a given domain (the MX records), but many ISPs have different machines for sending and recieving email. There are currently no DNS records to tell you which tell you which IP addresses a domain will send email from.

    The problem with this kind of proposal is that there are many people who think they have legitimate reasons to forge "from" or "reply-to" addresses. It also forces ISPs to make sure that every time they add a new outgoing mail server, they need to update the list of valid IP addresses. If they forget to do this, then only bleeding edge spam filters will detect a problem.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>