×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Interview With The SpamAssassin

Zonk posted more than 9 years ago | from the thin-pink-line dept.

Spam 202

comforteagle writes "Howard Wen has conducted an interview with Daniel Quinlan of SpamAssassin. In it he explores what keeps Daniel motivated in the face of the unrelenting torrent of spam and new spamming techniques, as well as, what is working - what is not, and what he predicts spammers have up their sleeves next for defeating spam detection." From the interview: "If you don't mind deleting spam manually, that's your prerogative, but don't complain about it. If your ISP doesn't do a good job fighting spam, then switch ISPs or install your own anti-spam software. There are a lot of choices out there."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

202 comments

Fr0st P1st! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11847708)

Fr0st P1st!!!

Re:Fr0st P1st! (0)

Anonymous Coward | more than 9 years ago | (#11848164)

I bet the third post will be by a Google-employee bragging about how great Gmail's spam protection is (of course omitting the fact that every mail read with gmail conjures 20 AdNonSense-ads by Google's online-pharmacy and casino-spam friends.

Disgusting.

gmail has good spam protection (5, Informative)

erick99 (743982) | more than 9 years ago | (#11847714)

When I got to over 300 spam a day was just about the time I tried gmail (google mail). So far this is the best spam protection I have come across. My spam folder is getting about 400 a day now but I can't remember the last time a "good" message went in there. I still get about five spam a day that I need to manually deal with.

Re:gmail has good spam protection (3, Interesting)

winkydink (650484) | more than 9 years ago | (#11847772)

I agree that Google has good protection, Even with slutting my email address by publishing it on /., the amount of spam that makes it into my gmail box is surprisingly small.

Re:gmail has good spam protection (1)

Neil Blender (555885) | more than 9 years ago | (#11847788)

I second that. I have all my mail from all my accounts forwarded to my gmail account. The spam filters are amazing. By the way, I have about 150 invites to give out if anyone wants one (they are getting harder and harder to get rid of.)

Re:gmail has good spam protection (4, Interesting)

int2str (619733) | more than 9 years ago | (#11847988)

I disagree completely.

I'm subscribed to the Linux kernel mailing list with a GMail account and it constantly marks legitimate messages as Spam. Since the emails have such a common format and subject matter, that's really surprising.

On the flip side, many Spam messages and phishing attempts make it through GMails filter.

My small business mail server running Spamassasin and some blacklists is much more efficient compared to Gmail.

Cheers,
Andre

Re:gmail has good spam protection (1, Interesting)

Anonymous Coward | more than 9 years ago | (#11848078)

That's correct. I had an extra gmail invite so I set it up and signed up for about 100 high volume mailing lists and a bunch of news alerts from cnn and google. I have received about 25,000 emails from these groups and have about 500 messages in the spam folder. 99% of the messages in the spam folder are mailing list messages.

Not that I care or anything, I just want to see what happens when I reach the gigabyte limit. I'm at 40% right now.

Re:gmail has good spam protection (4, Interesting)

snorklewacker (836663) | more than 9 years ago | (#11848045)

gmail's spam filtering annoys the hell out of me: No whitelists. I'm subscribed to a spam discussion list, so it trips spam filters all the time, and I'm constantly having to fish messages out. I don't care that it classifies it as spam, I'm just annoyed at the fact that I cannot ever override its judgement.

Why is it... (-1, Troll)

solios (53048) | more than 9 years ago | (#11848256)

.. that for every FREE service or software available on the internet, there's ALWAYS somebody who whines about how it lacks this-or-that feature? :|

There is a whitelist (1)

Laebshade (643478) | more than 9 years ago | (#11848300)

Sort of. See that button above an e-mail that says 'not spam'? Yes, that's the one. If a message appears in your spam box, click that button, and it will be moved from the spam box to the inbox and taken off the 'spam' list, effectively adding it to a whitelist.

Re:gmail has good spam protection (1)

jgclark123 (812195) | more than 9 years ago | (#11848046)

I agree; although I still have my Hotmail account on /., I have received no spam in my Gmail account. Hotmail is like a spam magnet, I suggest using Yahoo! or Netscape mail instead of Hotmail. Also, Gmail invites are difficult to give away... but if you need any check out my sig.

yahoo has good spam protection too (1)

krunk4ever (856261) | more than 9 years ago | (#11848155)

i've been using yahoo for years and i get about 3000 spams per month which averages to about 100 spams a day. not quite as much as you, but i get about 1 spam a week that falls into my regular inbox. however, some of my newsletters which i subscribed to did get marked as spam and after marking them as not spam a couple of times, yahoo spam filter was smart enough not to do it again.

Re:gmail has good spam protection (1)

Threni (635302) | more than 9 years ago | (#11848274)

> gmail has good spam protection

yeah, but you can't turn it off, and gmail doesn't forward mail it's erroneously decided is spam, so you still have to log in sometimes to read the false positives.

Cloudmark SpamNet (5, Informative)

Zendar (578450) | more than 9 years ago | (#11847736)

Been using Cloudmark's [cloudmark.com] SpamNet for over a year and haven't looked back since. Nothing gets by.

Disclaimer: No interest in the company. Just a satisfied customer.

Re:Cloudmark SpamNet (2, Informative)

brj (665333) | more than 9 years ago | (#11847814)

I tried Cloudmark once, but found their false positive rate to be atrocious. They were tagging legitimate marketing emails from companies like REI that I had actively signed up for as spam. Their network of lusers are too lazy to unsubscribe from legit emails and they just report them as spam. Argh! (This was several years ago, so I don't know if things have improved since then.)

you'ved been spammed! (2, Funny)

dmf415 (218827) | more than 9 years ago | (#11847738)

v1agr@ r0g@1n3

Who has noticed a decrease in the effectiveness of Spam Assasin. I have! Anyone else?

Re:you'ved been spammed! (1)

Kainaw (676073) | more than 9 years ago | (#11847824)

Who has noticed a decrease in the effectiveness of Spam Assasin. I have! Anyone else?

I still have SpamAssassin running, but I wrote my own spam filter to run before it because SpamAssassin was letting through so much spam. I found that my own filter is far more effective. Perhaps it is only because I can customize it easily (as I wrote the code) to handle what I receive. SpamAssassin has to be generalized for everyone else. Also, SpamAssassin didn't do an IP Address lookup on all links the emails, which is what I wanted and has continued to be the most effective blocking tool I have.

Re:you'ved been spammed! (1, Interesting)

Anonymous Coward | more than 9 years ago | (#11848080)

Then how about making those enhancments into additional modules/tests for SpamAssassin? Then everyone can benefit or they can disable that feature if they dont want it.

Re:you'ved been spammed! (2, Informative)

QuasiEvil (74356) | more than 9 years ago | (#11848105)

For me it comes and goes, but yes, in the last couple weeks I've noticed a dramatic increase in false negatives. I feed them back into the bayesian filter for training, but it doesn't seem to help much. The worst part is that there's no real pattern to the stuff that gets through, other than the fact it tends to be very minimalist - a few words, often about a stock to invest in, etc.

That said, SA has been a saviour of unimaginable proportions. I get 400-600 pieces of spam a day, and normally it's very good about getting all but 1-2 of them each day with hardly any false positives. Lately it's been letting 10-20 slip through, though.

Re:you'ved been spammed! (3, Informative)

Christopher_G_Lewis (260977) | more than 9 years ago | (#11848195)

It's just an arms race. SpamAssassin gets better, then the spammers adjust.

Part of the problem with open source spam filters, the Bad Guys can reverse engineer what's currently being tested.

I kinda wish that the SpamAssassin group would separate their tests from their product development, so we could get more frequent update of the "offical" spam assassin filters. However, I remember reading somewhere that testing and evalutating any new rules against their current corpus takes quite a long time.

Also, make sure you check out http://www.rulesemporium.com/ [rulesemporium.com] for more frequently updated rules.

Re:you'ved been spammed! (0)

Anonymous Coward | more than 9 years ago | (#11848375)

The servers I administer gets over 600,000++ pieces of spam daily. Since we host web based e-mail for over 300,000+ users.. Spam and Virii are a major issue.

Thank god for milter-greylist, ClamAV, and SpamAssassin. Our servers and users are alot happier.

Re:you'ved been spammed! (1)

ch-chuck (9622) | more than 9 years ago | (#11848331)

I've noticed an increase in stock tip spam getting through (spamassassin at my FreeBSD based ISP, so I don't control it) - but they capatalize O's a lot so they're pretty easy to weed out 5 or 10 a day.

hOt stOck tip!

Complain as much as you can! (5, Interesting)

iolaus (704845) | more than 9 years ago | (#11847751)

"If you don't mind deleting spam manually, that's your prerogative, but don't complain about it. If your ISP doesn't do a good job fighting spam, then switch ISPs or install your own anti-spam software. There are a lot of choices out there."

How the hell do you think the national do-not-call list came about? Because people bitched and complained! I agree there are spam solutions out there but I still think there should be an easier, more fool-proof, and legally backed way of opting out of spam.

Re:Complain as much as you can! (3, Insightful)

dotslasher_sri (762515) | more than 9 years ago | (#11847836)

and legally backed way of opting out of spam.

This might be a little difficult to do. Spamming is already is illegal in US. But anyone can spam from other countries. And making the US laws apply over there would be difficult.

in my opinion a fix to spam has to come from the software side, not from the government side.

Re:Complain as much as you can! (3, Insightful)

winkydink (650484) | more than 9 years ago | (#11847864)

The US and other countries could put pressure on China to get them to clean up their ISPs. If you reduce the number of safe-spamming havens, you should reduce the smount of spam.

Re:Complain as much as you can! (1)

dotslasher_sri (762515) | more than 9 years ago | (#11847991)

The US and other countries could put pressure on China to get them to clean up their ISPs. If you reduce the number of safe-spamming havens, you should reduce the smount of spam. Well spammers will choose a different country then. It would just be a cat and mouse game, and on top of that its not really a fix to stop spam using the email protocol. i think something must be done in the email protocol.

Re:Complain as much as you can! (2, Informative)

bbuR_bbuB (804723) | more than 9 years ago | (#11848068)

Most spam these days isn't coming from China and the far east. Instead, they are coming from zombie PC's haxored by spammers, most likely right in your own backyard. Well, maybe not your backyard, but a lot of it is definately coming from the US again. So much for blocking .cn emails....

Re:Complain as much as you can! (1)

zangdesign (462534) | more than 9 years ago | (#11847872)

in my opinion a fix to spam has to come from the software side, not from the government side

Well, the government could help by making it legal to mutilate spammers on the first offense ...

On a more serious note, just make it legal to go after the companies that hire spammers.

Wait, I like the first idea better. Yeah. Mutilate spammers. And their families.

Re:Complain as much as you can! (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11847892)

I'm beginning to wonder what people would pay, as a group, for the heads of spammers on a pike. I mean literally. Hunt down a few of the really bad ones, place their heads on pikes, and put the pikes in public places. They may not last long there, at least only until the police arrive, but that would probably send a pretty powerful message.

Re:Complain as much as you can! (0)

Anonymous Coward | more than 9 years ago | (#11847854)

And just how effective is it? I get double as much political phone calls now (which are exempted from the do-not-call list), and still get tons of auto-dialer phone spam which is impossible to block because there aren't any human beings on the other end.

Re:Complain as much as you can! (2, Insightful)

hawkbug (94280) | more than 9 years ago | (#11847866)

Keep dreaming. Most spammers are not in U.S., or if they are, they are untraceable unless your the FBI who has bigger fish to fry. No legal tactic on the planet is going to solve this problem. A technical solution is all you can hope for - which when you think about it, should be very possible and is getting closer all the time.

Re:Complain as much as you can! (4, Informative)

frankie (91710) | more than 9 years ago | (#11848148)

Most spammers are not in U.S.

This is false. The SpamHaus list [spamhaus.org] shows the USA hosts more spammers than the other countries put together.

the FBI who has bigger fish to fry

This is somewhat true. We won't put a dent in spam from a legal perspective until a federal agency devotes some serious infrastructure to the job.

That's mainly due to lack of willpower and expertise rather than funding, however. A competent "Spam Czar" armed with the authority to seize spammer's personal assets could easily achieve self-funded operation within a year.

Re:Complain as much as you can! (1)

kwerle (39371) | more than 9 years ago | (#11847949)

I guess there are a few. Various states make it illegal to send spam. I don't know offhand if there is a federal law (in whatever country you're in), but none of that matters.

American laws are not enforceable in

Given that trademark, copyright, etc, laws are not universally accepted/enforced, I'm thinking this is something that can not be outlawed.

A smallish part of the problem is that the SMTP protocol is broken in how naiive it is, but people are working on that (see http://spf.pobox.com/ etc).

How the hell do you think the national do-not-call list came about? Because people bitched and complained! I agree there are spam solutions out there but I still think there should be an easier, more fool-proof, and legally backed way of opting out of spam.

If phonecalls were free internationally (and just wait), the do-not-call list wouldn't mean squat.

My view (2, Informative)

elid (672471) | more than 9 years ago | (#11847760)

OSDir.com: What's the craziest/toughest spamming scheme that the SpamAssassin team has encountered and dealt with?

Quinlan: That would probably be advance fee fraud, also known as "Nigerian" or "419" scams. These messages are often literally sent individually to each recipient, mutating each time, by scammers typically located somewhere in West Africa. Because they often are sent in low volume, and almost every one is somewhat different, they are a bit tricky to catch.

An easy solution for home users who don't happen to know anyone from West Africa is to just block all e-mail from there. But even without that, I have had decent success in the past with a combination of SpamAssassin tagging e-mails and Thunderbird filtering. Stay away from OE. Far, far away.

Re:My view (1)

ornil (33732) | more than 9 years ago | (#11848063)

An easy solution for home users who don't happen to know anyone from West Africa is to just block all e-mail from there.

Much of this email comes from free webmail providers. So I don't see how it would help.

Re:My view (1)

snorklewacker (836663) | more than 9 years ago | (#11848109)

Most 419's are sent from UK and Dutch ISP's. I'm not going to block all of .uk and .nl, thankyou. 419's may be hard to catch, but they represent pretty low volume. Not really considered a priority. Phishing is getting to be really bad news. Even if you're not dumb enough to fall for it, I bet you'll look real hard at any real correspondence from your bank. That cloud of suspicion is what the banks hate the most.

And yes, stay way away from OE. The full blown outlook isn't too bad, though it has severe problems all its own, but OE is a non-stop disaster.

Re:My view (3, Informative)

daremonai (859175) | more than 9 years ago | (#11848264)

I have found that Bayesian filtering is essentially 100% effective on 419 scam mail. As is obvious when reading any of them, they have a very distinctive vocabulary...

The "trick," such as it is, is to maintain three separate Bayes databases - a "good" one, a "spam" one, and a "419" one. Filter with good vs. spam first, and then with good vs. 419. This seems to work better than just lumping 419 mail in with other spam, since as Quinlan notes, the 419 scam mail tends to have little content in common with other spam. But with a separate filter, it can be identified with essentially 100% accuracy.

SURBL (5, Interesting)

JohnGrahamCumming (684871) | more than 9 years ago | (#11847763)


OSDir.com: What's the most effective anti-spam technology that SpamAssassin uses right now?

Quinlan: I think network rules are the most effective single technology, in particular, the URI rules that use SURBL, looking for spammer domains in Web links.

The SURBL can be found here: http://www.surbl.org. It's a very good thing, so much so that spammers are starting to try to get around it by doing stuff like this:
Copy the following URL removing the space into your browser:

www. spammer-site.com
John.

SpamAssassin has SURBL support (1, Informative)

Anonymous Coward | more than 9 years ago | (#11847849)

SpamAssassin got 'native' SURBL support in 3.0

Re:SURBL (1)

Kainaw (676073) | more than 9 years ago | (#11847908)

The SURBL can be found here: http://www.surbl.org. It's a very good thing,

I cannot agree with this enough. I wrote my own SURBL-like spam filter before SURBL was available. I mentioned it twice on Slashdot before SURBL and everyone said it wouldn't work, but it was great. The only way you can get a false-positive is if someone sends you a link to a spammer's website in an email that you actually want. Really, how often does that happen?

I have since expanded my own filter to handle the "copy the following link" craze, as well as all the forms of encoding emails. I also used the same technology to block phone numbers because I get a hell of a lot of "call us for refinancing" spams. Like SURBL, it works great.

Re:SURBL (1)

silentbozo (542534) | more than 9 years ago | (#11847974)

Is it a Spamassassin rule or a Procmail recipie? If so, can you share? I'm still stuck using SA 2.63 (too much of a pain to migrate right now, since so much was changed between SA 2.63 and SA 3) and I'm sticking with doing some incremental rule upgrades.

Re:SURBL (1)

Rocketship Underpant (804162) | more than 9 years ago | (#11848301)

The SURBL can be found here: http://www.surbl.org. It's a very good thing, so much so that spammers are starting to try to get around it by doing stuff like this:

Copy the following URL removing the space into your browser:

www. spammer-site.com

The nice thing is that with each new work-around, spamming gets more difficult and less profitable for the spammer. Since they don't know who has spam filtering and who doesn't, they have to make every email convoluted.

Most of the spam messages that make it through my filter are unreadable because of all the misspellings, bizarre wording, and so on. And I doubt that most of the gullible fools who would actually click a spammer's link know how to copy an address from Outlook and paste it into their web browsers. I'm sure my parents would have trouble doing it (not that I'm saying they're gullible fools, though my mom did try buying airline tickets from a phishing site once).

We use a Brightmail tool on Ironport appliances (2, Informative)

csoto (220540) | more than 9 years ago | (#11847776)

IT IS THE BOMB. Spam loads to my work account dropped by orders of magnitude. Now, Mail.app identifies maybe 2 per day, instead of 200+.

Charles

Re:We use a Brightmail tool on Ironport appliances (1)

superpulpsicle (533373) | more than 9 years ago | (#11848176)

Wait the sec, my comcast mail filters out 70 a day, 2 sneaks by. I don't consider that a success. It's good, but not 100% success.

Once again.. (4, Informative)

daeg (828071) | more than 9 years ago | (#11847797)

I've said it before, but I have to promote PopFile (http://popfile.sourceforge.net/ [sourceforge.net]) again. Since doing a bit of training, it now correctly sorts about 99% of my e-mail. I get about 600 messages a day not including mailing lists, and my accuracy is 99.65%. It is generally not susceptible to new spam techniques unless they can match the subject matter that my e-mail typically covers.

When they start spamming "Linux IPF Apache LOOK! Vi@GR@ makes your peNi$ PHP Bug CSS" I will be concerned.

popfile (1)

John_Sauter (595980) | more than 9 years ago | (#11847936)

I can second that. I have been using popfile for months, and it is currently doing an excellent job of putting my spam in a separate folder from my other correspondence.
John Sauter (J_Sauter@Empire.Net)

Re:Once again.. (1)

eclectro (227083) | more than 9 years ago | (#11848008)

When they start spamming "Linux IPF Apache LOOK! Vi@GR@ makes your peNi$ PHP Bug CSS" I will be concerned

Thanks for telling the world that.

Re:Once again.. (0)

Anonymous Coward | more than 9 years ago | (#11848142)

From my experience, Bayesian Filtering (as POPFile uses) is the best way to filter spam. There is a little pain at first but if allows you to have a much more accurate filter for the specific types of email you get. Some spam is not spam for everyone.

I don't understand why everyone doesn't use it. Just lets users say "hey, this is spam to me" and that is that.

Am I alone? (4, Informative)

The Eagle Maint (862053) | more than 9 years ago | (#11847819)

Maybe I'm the lucky minority here, or my mail host has some crazy filters I don't know about, but I very, very rarely recieve any type of spam. Now, I don't go handing out my email address either. If I'm signing up for something shady, I use another address at a web-based email account, which does get a lot of spam... but otherwise I use the mail host that comes with my website http://www.surpasshosting.com/ [surpasshosting.com] and Thunderbird as a client, and never see any type of spam.

Re:Am I alone? (1)

Neil Blender (555885) | more than 9 years ago | (#11848006)

Some people have had the same email address for 10-15 or more years and used them in public when spam wasn't really a problem. Also, if you have your own personal domain name and have default catch set to your email address, you can get spammed even if you never give out your email address. I get spam sent to some.common.firstname@mydomain.com all the time and it ends up in my inbox.

Re:Am I alone? (2, Informative)

Saeed al-Sahaf (665390) | more than 9 years ago | (#11848268)

Which is why, when you run your own personal mail server (qmail with vpopmail, anyone?), you should not have a default catch. If it does not go to a real account, dev/null it.

Re:Am I alone? (0)

Anonymous Coward | more than 9 years ago | (#11848035)

It's possible it's being very strict about who it receives mail from. I had my mail going through one host just for mail, who then bounced it to my home machine. I'd get perhaps 10 spam emails a day from that.

When I switched the mx record directly to my home box, the exact same email address receives over 200 a day.

I figure it's all in the rejection of IP addresses known to have spammed or who are more likely spammers.

Re:Am I alone? (2, Insightful)

bfline (859619) | more than 9 years ago | (#11848041)

I'm with you. I hardly ever get spam. I just don't ever enter a real email address when it asks for one in forms. You know who you are people, who sign up for every contest. This is where you are essentially signing up for spam. I just put a fake address in when I have to fill out a form. I have two addresses, the real one that is just for friends and family and another that I use in cases where I have to use a real address on the web. But I rarely ever use that account.

Re:Am I alone? (2, Insightful)

snorklewacker (836663) | more than 9 years ago | (#11848145)

> Maybe I'm the lucky minority here, or my mail host has some crazy filters I don't know about, but I very, very rarely recieve any type of spam. Now, I don't go handing out my email address either.

Some of us think that's a really sad state of affairs when you can't have a public email address. I mean yes, there's cranks who might send you flames or whatever, but one shouldn't have to be utterly innundated with crap just for letting everyone know their address.

Sadder still is that this sort of secrecy just becoming the norm now.

(no, I don't put my email on my slashdot account, but I like being pseudonymous for other reasons)

Re:Am I alone? (1)

pixelpusher220 (529617) | more than 9 years ago | (#11848363)

you aren't alone. but I also make heavy use of yahoo free accts until I'm comfortable the account isn't being spammed too.

There was a time though that I wasn't as careful and even with the same email address for over 5 years I'm only getting 2-3 a day at most.


A spam "bubble"? (4, Interesting)

antifoidulus (807088) | more than 9 years ago | (#11847823)

From TFA:
The greater challenge is that the new techniques never stop coming. It's possible spammers will eventually run out of tricks, but it definitely hasn't happened yet. Most techniques backfire fairly in the long run, and make it more obvious that a message is spam.
You gotta wonder if there is a spam "bubble" that will burst pretty much like every other bubble. It started the same way, a few scammers got the idea of sending out scams via email and were quite successful, and everyone else started to jump on board. But soon enough(hopefully) people will learn their lesson and spam will slow....maybe I'm putting too much faith in people.
But it is interesting to see how many "me too" trends there are in spam. Up until about 2 years ago, I never received a 419 scam, but now I get at least one a week. Up until about a year ago, I never received a rolex email(typically the domain of brick and mortar(ok, urine soaked streetcorner) drifters), but now I get a few a day.

Re:A spam "bubble"? (1)

BackInIraq (862952) | more than 9 years ago | (#11847980)

But it is interesting to see how many "me too" trends there are in spam. Up until about 2 years ago, I never received a 419 scam, but now I get at least one a week. Up until about a year ago, I never received a rolex email(typically the domain of brick and mortar(ok, urine soaked streetcorner) drifters), but now I get a few a day.

Strangely, I was getting the occasional 419 a couple years ago or more, but they were always adapted...never actually mentioned Nigeria. Now almost every one I see (and I see at least one a day because they are the one thing that seems to get through the filtering on my server) is ripped right from the "classic" Nigerian template.

Maybe they're just getting too lazy to come up with shit.

I think the best way to fight spam is through education. Start getting the word out somehow that this guy really isn't from nigeria, that that supplement won't make your penis bigger, etc. Maybe if people stop falling for this shit (and people do, or it would have stopped long ago) lowlifes will stop sending it out. Perhaps if AOL, MSN, and the like replaced their "Hey, welcome to our mail service...aren't we great?" with something more like "Welcome to MSN...in case you're new to the internet, here are some things you should know." Might seem redundant and silly, but so are the ones they really send, so what's the difference.

Hell, I'm almost tempted to start spamming with informative emails telling all these people that the OTHER spam they're getting is bullshit. Maybe that would work.

Then again, even if you got the word to everybody on the internet, the next minute another sucker would be born...and a million Nigerians would be out there trying to find him.

Re:A spam "bubble"? (1)

snorklewacker (836663) | more than 9 years ago | (#11848218)

> I think the best way to fight spam is through education. Start getting the word out somehow that this guy really isn't from nigeria, that that supplement won't make your penis bigger, etc. Maybe if people stop falling for this shit (and people do, or it would have stopped long ago) lowlifes will stop sending it out.

Not to sound too cynical, but:

1) Stupid people are also resistant to education.
2) There's a sucker born every minute.

Sure, education is great, but I really am not holding my breath.

Re:A spam "bubble"? (0)

Anonymous Coward | more than 9 years ago | (#11848193)

> You gotta wonder if there is a spam "bubble" that will burst pretty much like every other bubble

Absolutely -- it's showing signs that it already has burst, sort of like the dotcom bubble had a few burps before the big bloodletting on wall street. Spam in general appears to be plateauing, though morphing enough that it always defeats the simpler filters.

phishing and viruses are sure to go on the upsurge however.

How to stop spam (3, Insightful)

Merdalors (677723) | more than 9 years ago | (#11847846)

Two words: Spam Arrest. Zero spam, no filters to nurse, no lost mail.

Re:How to stop spam (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11848243)

Oh yes, challenge-response. Stop spam by spamming everyone else, and making everyone so annoyed with you that they don't bother.

Not to mention that Spam Arrest are themselves spammers.

Re:How to stop spam (0)

Anonymous Coward | more than 9 years ago | (#11848245)

Three words: No email address! :)

Business cards (5, Funny)

nizo (81281) | more than 9 years ago | (#11847883)

I bet he has cool business cards:
Daniel Quinlan - Spam Assassin
He can tell people his job is to kill spammers. Which reminds me, I wonder if anyone at the IRS actually checks what job title you put on your tax forms?

Re:Business cards (1)

inject_hotmail.com (843637) | more than 9 years ago | (#11847987)

He can tell people his job is to kill spammers. Which reminds me, I wonder if anyone at the IRS actually checks what job title you put on your tax forms?

"Yeah, my job is to slaughter the product of another man's...and people love me for it."

Yep...that'd be worth a few tax credits in my book. We need more guys like him! My client's are forever begging me for spam filtering s/w...

Inject.

Re:Business cards (3, Funny)

LetterJ (3524) | more than 9 years ago | (#11848002)

"I wonder if anyone at the IRS actually checks what job title you put on your tax forms? "

This is the federal government. It's probably someone's exclusive job to not only read it, but hand copy it in blue ink into large 3 ring binders which are then manually typed in by someone else employed full-time to do such an activity.

Re:Business cards (3, Funny)

Anonymous Coward | more than 9 years ago | (#11848038)

So I guess putting "Senior Tax Evader" as my occupation probably wasn't such a good idea?

Your best choice (0, Troll)

evil-osm (203438) | more than 9 years ago | (#11847922)

Don't publish your e-mail address in a public forum, only idots do crap like that and they get what they deserve.

Re:Your best choice (1)

winkydink (650484) | more than 9 years ago | (#11847937)

As I said to an earlier poster, Google is doing an amazing job keeping things out of my gmail box even though my address is posted on /.

Re:Your best choice (1)

evil-osm (203438) | more than 9 years ago | (#11848106)

Yeah I think I remember that, "do your worst" IIRC...anyway it was an attempt at a poor joke (note my signature).

Bollocks (1)

Tim Ward (514198) | more than 9 years ago | (#11848211)

Some of us have to earn a living. If potential clients can't contact us as easily as possible they'll just try someone else.

It takes only one (1)

VIIseven7 (140968) | more than 9 years ago | (#11848273)

Trying to keep your email address private is the modern equivalent of tilting at windmills. All it takes is one friend sending you an "e-card" or something similar, and your email address is spreading through spammers' lists faster than.. uh.. something that spreads really quickly.

Also, people don't deserve to get spammed to hell because they post their email addresses in public forums. Slashdotters take things like "don't publish your email address" for granted, but it's only common sense to us because we know how all this works. The average user has likely never heard of an email harvester.

All I can say is... (4, Interesting)

Anthony Boyd (242971) | more than 9 years ago | (#11847944)

...God bless Daniel Quinlan and people like him. I have had a hell of a time with my daughter's email. A LOT of Web sites for kids have a "mail a friend" option. At one point my daughter wanted to use that option on a few sites. These are kid-oriented sites with privacy statements, so the sites felt trustworthy.

Fast forward to two weeks later, and one of those #@!&^ing sites has sold her email address to every spammer in the nation. My little kid got 196 spams yesterday -- for Viagra, lesbian cheerleader porn, you name it. So I have become heavily interested in every anti-spam product known to man. I've got 'em on the server, and got 'em on the client. Right now, with redundancy, this is 99% accurate, and my daughter gets only messages from friends and family. My biggest problem is not that spam gets through, but that false-positives block a legit message every now & then. That is the area I hope improves the most.

Re:All I can say is... (1)

disposable60 (735022) | more than 9 years ago | (#11848167)

Give the girl a new email address - they're free after all. And point out to her that all the scary crud that's been arriving has also been hitting her friends' boxes because of the 'mail-a-friend' thing.

I don't know what the problem is. (2, Funny)

defore (691193) | more than 9 years ago | (#11847972)

When I get spam I don't want I just unsubscribe from it. "WHAT DO YOU MEAN IT WILL TAKE 72 HOURS TO REMOVE MY ADDRESS?"

Other analogies (4, Insightful)

LordOfYourPants (145342) | more than 9 years ago | (#11847973)

"If you don't mind deleting spam manually, that's your prerogative, but don't complain about it. If your ISP doesn't do a good job fighting spam, then switch ISPs or install your own anti-spam software. There are a lot of choices out there."

It seems pretty simple to me: complaining leads to awareness, which leads to action. Maybe a bunch of people on Slashdot griping about spam won't amount to jack, but let Oprah or someone else with a grappling hook or two on the office/church/bar water cooler complain about it and they can make a difference in social attitudes.

SpamAssassin is a good step but the real problem is the social system which makes spamming possible. How else can you explain a 60-year-old grandmother 1) using her computer as a spam relay, 2) acknowledging it on television, and 3) not seeing it as a problem because it's "legal" and she's getting regular cheques to do so?

How is it that a social/legal system can be designed to bankrupt and scare the shit out of people who share a few movies or songs but barely put a dent in the people sending out millions of useless, offensive, and content-bordering-on-the-illegal emails? Is there nothing wrong with this?

Meridius Spam Appliance (1, Offtopic)

Morgahastu (522162) | more than 9 years ago | (#11848010)

My company uses a spam appliance called Meridius. It's based on some proprietary technology and uses spam assassin as a second layer. It has a very slick interface and stops about 97% of spam. Oh and it's made by a Canadian company called BlueCat Networks [bluecatnetworks.com].

do77 (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11848042)

direct orders, or the point more Market. Therefore the pRoject faces, Gains market share theorists - the prOject to [amazingkreskin.com] real problems that stand anymore,

personalized training (2, Informative)

the quick brown fox (681969) | more than 9 years ago | (#11848074)

Quinlan: Any technique that tries to identify "good" mail without authentication backing it up, or some form of personalized training. It worked well for a while, but it's definitely not an effective technique today.

What's wrong with personalized training? I get more spam than almost anyone I know, and SpamBayes does a fantastic job for me.

Re:personalized training (1)

bperkins (12056) | more than 9 years ago | (#11848138)

I think you are reading this as:

(Any technique that tries to identify "good" mail without authentication backing it up,) OR some form of personalized training.

But I think the intention was:

Any technique that tries to identify "good" mail without (authentication backing it up, OR some form of personalized training.)


It's that comma that's confusing.

I don't use it (1)

sfjoe (470510) | more than 9 years ago | (#11848161)


I admin a handful of domains and I don't use anything except blocklisting by IP address. I get a handful of spam emails per week that regularly get reported to Spamcop. Since I am in regular contact with many of the people that email me, I can be sure to know if I am falsely blocking innocent domains - hasn't happened yet. For some reason it makes many people crazy that my method works for me - so many people think they have the absolute right to contact me if it suits them. I feel that if you do business with a spam-supporting ISP, you have nothing to say that I need to hear.

DSPAM (1)

wumpus188 (657540) | more than 9 years ago | (#11848177)

DSPAM [nuclearelephant.com] is what worked best for me. It is not easy to set up but definitely worth the trouble.
As of today, 99.985% spam filtering rate.

The next frontier in spam fighting (4, Insightful)

PurpleFloyd (149812) | more than 9 years ago | (#11848221)

As alluded to in the article, the next chapter in the war against spammers is not going to be in blocking open relays [ordb.org] or known spammers. Rather, more and more spammers are using hordes of broadband-connected and spyware/virus-infested zombie hosts to do their dirty business.

This has both good and bad aspects. First, the good news: responsible ISPs will be able to block a good portion of spam at their routers and mailservers; it's not hard to detect and blacklist a PC which is spewing the same email to 20,000 different recipients. Unfortunately, it only takes a few poorly-configured ISPs to provide a great deal of bandwidth to spammers. Couple this with Windows' known security holes, and home users' typical apathy regarding patches and security updates, and you have a large pool of potential spam-hosts which cannot be as easily targeted as open relays or specialized spam-spewing servers. After all, if spammers are using a legitimate ISP's mail server to send spam, a remote admin can't block that mail server without also condemning large amounts of legitimate email to deletion, which may well be unacceptable.

The upshot of all this? The onus of spam filtering is going to be, more and more, on ISPs rather than on recipients. While this has its good side - spam filtered at the source doesn't take up as much precious bandwidth - it also means that filtering will be more difficult for those not close to the source.

Might as well p1mp my fave too... (1)

ErikTheRed (162431) | more than 9 years ago | (#11848236)

We run a cluster of Barracuda Networks [barracudanetworks.com] spam firewalls. They use mainly open-source software (spam-assassin on Linux, plus lots of other stuff), are super-easy to install, and they advertise on Slashdot. What more do you want?

remember the economics (1, Insightful)

LuxFX (220822) | more than 9 years ago | (#11848244)

It depends on how you define "spam-free." If you mean that nobody is sending spam, posting blog spam, sending spam over chat networks, etc. then I think the chances are rather slim. If you mean that most people will rarely see [email] spam, then I think it's possible.

But I think that one would lead to the other. If relatively few people are seeing spam, then suddenly spamming is no longer making money for the spammers, and they would eventually stop actually sending it.

Of course that's an optimistic scenario. It would probably lie somewhere in the middle. Fewer and fewer people see the spam, so spamming itself is less and less cost effective. Fewer and fewer spammers participate, while the remaining ones will have to reduce their fees since there will be fewer views. Fewer spammers and less money mean less innovation. Eventually (hopefully), the entire movement will slow down until spamming is only done by a few recluses targetting only the most oblivious users.

Yahoo works great. (-1, Offtopic)

agent (7471) | more than 9 years ago | (#11848267)

I love yahoo, and so do my parents.

Their email address is a trap, because I willing put their address out on the Internet for the search engines. They have no problem keeping up with the junk mail, because they know who their friends are. I also step in every once and a while and educate their friends about hoaxes. The three Lap Tops that I bought last year under her name makes her look like a real "nerd". But what really pissed me off, is that one of them was stolen in Greece. You see my sister and her husband tied the not. Yep they are happily married. Then they worked their asses off in another country, just to have some one steal their shit, and only receive $200.00 for what was a $1500.00 piece of hardware. Now mind you that I set this laptop up for them, and I used to have software called Stream Box VCR. Now who ever is the lucky owner of said laptop, and if they know how to do hard drive forensics, is in for a big surprise.

Now Gmail, that is a great place to store all of your "adult" material. You know, material from California, or Japan. But for the life of me, I can not remember the user name and password for that address. I am sure google knows, because it know who got the free beta address from who, and who sold some on ebay for $0.06 dollars, but then did not collect the money.

Let me tell you a little story about last night. Now that I am an un-employed hacker, I decided to go get a drink at a place that serves spirits. After imbibing my far share of liquor, I decided to close my tab. The happy bartender brought me the wrong card. Prior to being un-employed, I would instantly return the piece of plastic. Now that I am bumming around, It took me a little bit longer to return said monetary storage device. However, my, I am better than you, but not better then these people:
http://www.godhatesamerica.com/
Roman Catholic upbringing is telling me that I should shred the piece of paper that is my wallet. And in reality, I really should have never been tempted to look at said piece of plastic, and write on paper while looking at said piece of plastic. Now I am not nervous about people getting my info because I scratched the number off the back of mine. I also have "ASK FOR ID", but only 3 out of every 10 people actually do that, Thanks.

In summery, I would like to thank Mr. Bush for bring religion back into politics.
Amen. You have let me see the light, and I will not be doing any computer work for money, while your are in office. Computer Science will just be a hobby for now, a really strange and fucked up hobby.

spamass + mimedefang milter == peace (2, Interesting)

SCHecklerX (229973) | more than 9 years ago | (#11848276)

I drop more stuff these days before it even GETS to spam assassin to be analyzed.
  • Reject if on the spamhaus list
  • Reject if claiming to be your mail server in the helo
  • Reject if claiming to be RFC1918 space in the helo
  • Reject if there isn't a '.' somewhere in the middle of the helo (simple way of checking for FQDN)
In addition, configure sendmail to do rcpt flood rejects, and even better, enable greet_pause. I've rejected quite a few with those.

Anything that gets through all of that is then analyzed by spamassassin. WIth Bayesian training, my current threshold is 3.0. Anything legit is normally -2.0 or less. I Totally DROP through mimedefang anything greater than 7.0. Anything from 3-7 is dumped in a special folder on my local account via procmail. I analyze that stuff every now and then to see if it is time to once again lower the thresholds.

Also, continue to do the RBL checks in spamassassin (although it's a little redundant since I check spamhaus in mimedefang). That way you also get scoring based on SURBL..good stuff.

Spamassassin much better with personal training (3, Informative)

gvc (167165) | more than 9 years ago | (#11848297)

The article and the SpamAssassin documentation seem to imply that SpamAssassin is best used as a server-side filter.

In fact I've found it works great as a personal filter, if you configure it somewhat differently from the way the documentation suggests. That is, increase the weight of the Bayes filter, and have it train itself on every message it classifies. Then correct it on any mistakes it makes - which rapidly become few and far between.

Here's a paper [uwaterloo.ca] showing that SpamAssassin can achieve as good results as others touted for personal use.

Unfortunately SpamAssassin is a bit hard to install and set up. But if you have RedHat or Debian Linux, it is available by rpm/apt and you can install a few scripts to make it work.

I wish I had a better shrink-wrapped version, but I don't. So I'm supplying the raw files for one user in the hopes that (a) somewhat technical people can reproduce the setup and be happy, (b) somebody will make a shrink-wrapped version, perhaps with plugins or extensions or macros for more mail clients.

Here is the Linux Personal Spamassassin setup [uwaterloo.ca].

Easy manual sorting.. (3, Informative)

deacon (40533) | more than 9 years ago | (#11848381)

For those of us who prefer to sort manually, using Pine over SSH and leaving all email on the ISP's server works pretty well.

With a full screen terminal window, I can mark spam based on the name and the subject header. I can recognize spam at a rate of about 10 per second this way. With the names spammer pick, and the mis-spelled subject headers, it is pretty easy to pick them out.

Using pine, I never give a spammer info by opening web bugs. I can look at the raw email by typing "h" to show the headers, so all those phishing emails are immediately obvious.

Keeping the email on the isp's server means that when I rebuild a machine, I don't have to worry about about backing up my email.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...