Microsoft Researchers on Stopping Spam 294
TheBackBencher writes "Scientific American today has a very interesting article about "Stopping
Spam" by Joshua
Goodman, David
Hackerman and Robert Rounthwaite from Microsoft Research. They talk about different types of spam -- spam with emails, spam on IMs, spamlinks
on web pages and image based spam. They mention different techniques for
spam filtering mainly fingerprinting matching techniques, n grams model,
naive bayesian approach, optical character recognition, challenge/response systems and Human Interacted Proofs (HIP) in a very lucid style. They however do not mention fingerprinting approach of using Nilsimsa Hash to
tackle addition of random words by spammers in emails or hypertextus interruptus technique used
by spammers of splitting words using HTML comments, pairs of zero width tags,
or bogus tags. Also, Spam-Research is reporting the
SplitFit
Technique that Spammers are using to fool Yahoo! Mail SpamGuard."
The Microsoft way (Score:4, Funny)
Re:The Microsoft way (Score:4, Funny)
Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam; spam bacon sausage and spam; spam egg spam spam bacon and spam; spam sausage spam spam bacon spam tomato and spam;
(punches self in face face hits keyboardadsfjlk;sjdafkldsajflsdak;fjsad;lfkjas;ld
I don't know... (Score:4, Insightful)
Re:I don't know... (Score:2)
They can try, but they will have a tough battle on their hands, and I bet the hackers will rather fight to the death/100% shutdown of the net just to piss em off and send the companies bankcrupt.
The IT techys working for the 'govt' wont be as motivated by desir
Re:I don't know... (Score:2)
That's silly. Encryption has been thoroughly reverse-engineered, but it's still completely secure. The Linux source code is widely available, but it is still considered relatively secure.
There are several competing proposals for how e-mail could be re-done to take into account the possibility of spamming. Preventing false headers and return addresses
Like the old saying goes....(sorta) (Score:5, Funny)
Spam is easy to define. (Score:2, Interesting)
No, Spam is easy to define, it is any unwanted emails. Name elements that make spam:
1) It is a form of communication
2) The communication is unwanted
3) The source of the communication is hidden
4) In recieving the communication, you use your bandwith or incur a cost
Re:Spam is easy to define. (Score:5, Insightful)
all email is communication
2) The communication is unwanted
"wanted" is a subjective property of the recipient - the computer has no programmable decision procedure for wantedness.
3) The source of the communication is hidden
There may be some system of authenticating sender ID, and will be as easy as getting ppl to use pk encryption.
4) In recieving the communication, you use your bandwith or incur a cost
again a property of all emaiil.
Re:Spam is easy to define. (Score:2)
Spam is a form of communication. You can't have spam without some kind of communication (I would like a definition that inclused the telemarketers and all the shit I get in the mail). That
Re:Spam is easy to define. (Score:2)
You over-estimate the average computer user.
If you're thinking of a transparent solution then you under-estimate how fragmented the e-mail client "industry" is.
Desirability does not need to be subjective. (Score:2)
-Messages whose senders I have not authorized to send me messages (that authorization could take the form of signed emails, white lists, etc)
Re:Spam is easy to define. (Score:2)
1) I didn't ask for it (unsolicited)
2) it's advertising a product or service (commercial)
3) I'll assume you know this one
The problem with your definition, as others have pointed out, is that both 1) and 4) is true of *all* email, and so are redundant. 2) is highly subjective, and may apply to genuine email too - is a mail from say a slashdot user calling me nasty names for something I said here unwanted? Yes. Is it spam? Not by most people's
Re:Like the old saying goes....(sorta) (Score:5, Funny)
It works surprisingly well most of the time, though it did once pick up a photo of a broken PCB as porn due to its detected "posture"
Re:Like the old saying goes....(sorta) (Score:4, Funny)
Maybe your engine isn't wrong. Maybe it's just perverted.
billy - hey...that's not sadistic...just kinky
Re:Like the old saying goes....(sorta) (Score:2)
Re:Like the old saying goes....(sorta) (Score:2)
Actually, spam is bulk email deliberately sent to recipients who did not request the mail.
The Arms Race Goes On (Score:5, Informative)
The ebay.com link showed up at the bottom of the browser, but was replaced with some kind of javascript mouseon event. This is probably not new.
Instead of random text to fool Bayesian filters, it had hidden recent news article summaries (bracketed by html comment tags) that would be similar to what you might post to a friend.
Spam filters will probably be upgraded to catch this soon, but it was the first time I had seen it. And of course as mentioned in the article, the ebay specifics where obfuscated by html tags between letters.
Re:The Arms Race Goes On (Score:3, Interesting)
However, this isn't what Joshua and the rest of MS are working on. His stuff is much more in the area of modifying SMTP so that untrusted clients have to perform some calculations before their email is accepted, or pay a few cents. My guess is it will fail since it doesn't account for zombie PCs but I'm sure he has something plan
Re:The Arms Race Goes On (Score:3, Informative)
to stop spam, (Score:5, Insightful)
How about a secure OS to get rid of zombies? (Score:3, Insightful)
Re:How about a secure OS to get rid of zombies? (Score:2)
If I can install and run software, and that software can make network connections, my machine can be zombified, and there's nothing that MS can do about it (or any Linux distro, or anyone else producing an OS).
Eliminate all the remote and local exploits, and you'll still be left with one - the user.
Microsoft Research (Score:2, Funny)
Or are they going to come up with an entirely new file system to combat it, hype it up for every Windows release, but then delay its release a few more years?
Oops, pardon me while I reminisce about all the great advances Microsoft Research has given me
Or perhaps... (Score:3, Funny)
Or they will invent a brilliant new way to stop spam but as it requires the user to recompile all their OS and apps every 3 days it never gets used.
Or they just tell the end users "Why dont YOU code some anti-spam software?"
Or they produce an anti-spam system but the user must install 3 desktops and window managers, requires a 10,000 line config file that must be written by hand, comes with ei
Re:Or perhaps... (Score:2)
Their Anti Spam system will reduce your Total Cost of E-mail. Or raise it a little. Or possibly keep it the same.
Their (K)illSpam system will be promply forked into five apps known as GnoMoreSpam, OpenSP, Xithergy, WAGIJIG, and Betty.
It will accept, filter, parse, and sort incoming mail, while additionally precaching any keywords you are likely to look up on google, but it will take twenty minutes to open an ASCII based letter.
It wil
Re:Microsoft Research (Score:2)
Re:Microsoft Research (Score:2)
Re:Microsoft Research (Score:3, Funny)
Clippy "It looks like you are trying to send a lot of e-mail. Would you like to send the first one to 1lol56@aol.com?"
Clippy "It looks like your return address is incorrect. Would you like me to fix it?
Microsoft Research? (Score:3, Funny)
Whoa, he's an expert? (Score:3, Informative)
How much credence should we put into an analysis from a guy who goes to the spammer's web site to unsubscribe?
Slashdot typos strick again! (Score:5, Informative)
I thought the name David Hackerman was a bit too good to be true, and it turns out it was. Following the link shows that his name is David Heckerman [microsoft.com]. Note to /. eds: please proofread your posts. It's not like they're very long...
"SplitFit" (Score:3, Interesting)
Dera Blcraays Mbmeer, Thsi eamil was stne by the Barclays serevr to vreify yuor emial adsserd. You mtsu competel thsi pssecor by ccilking on the likn bewol and entireng in the smlal wiodnw yoru Braclays Membership nrebmu, passcedo and meelbarom word. Tsih is doen for yruo proteoitcn - buacese semo of our mrebmes no lonegr haev assecc to theri emlia adserdses and we muts virefy it. To vyfire yruo eiaml arddess and accses yruo bnak anuocct , cilck on the lnik bolew:"
That email is extremely difficult to filter out because the only 'real' words are no, of, our, and, etc. Simple words that occur so many times in legitimate emails that most spam filters practically ignore them. But I have to wonder.. who would actualy 'cilck on the lnik bolew' anyway? I hate to use the term 'you get what you deserve', but if you are naive enough to click the link, then the problem isn't your spam filter, it's you.
Re:"SplitFit" (Score:4, Insightful)
That garbled text is ungarbled by certain software (i.e. outlook). That's because there are invisible chars in there that activate the "right to left" mode.
Example:
De*ra* B*lcra*ays M*bme*er
translates to:
Dear Barclays Member
(I tried to copy the text I got in Yahoo, and paste it in MSN messenger. Amazingly, the text was "ungarbled". That's when I realized how tricky spammers were)
SPAM software could simply detect left-to-right characters in such text, and ipso-facto label it as spam. Unless of course, you're reading hebrew. Which is obviously NOT the case.
Economic problem--NOT technical (Score:4, Insightful)
The article barely mentions economics, and only in terms of the real costs of email--which only shows how much room there is for a real economic model with real business, real email, and *NO* spam.
I really wish one of the major email players would offer an option for prepaid email. That would be an absolutely spam-proof system. It doesn't matter if the postage is two cents, the spammers can't afford it. Two cents against 50,000,000 spams turns out to be *REAL* money. Any email via that address would be at least some kind of real thing.
Re:Economic problem--NOT technical (Score:2)
I would agree with this, to an extent. If I can finger anything that is obviously broken in SMTP it is that it lacks verification of the sender domain (sender).
That makes it way too easy to fake out who sent the email in the first place, hence phishing and faked email headers. It also makes it impossible to use reputation as a spam fighting tool- the spam currently appears to be coming from all over the place, whereas in reality only a tiny,
Re:Economic problem--NOT technical (Score:2)
This doesn't seem to be a major issue for telemarketers and direct-mail advertisers. All it will do is make the spam glossier.
Well, that's not entirely true. It will reduce the volume of spam. But in the process it will reduce the volume of email, period. It's a bit like fighting crime by decimating the population.
Re:Economic problem--NOT technical (Score:2)
Email is *NOT* free. It has *NEVER* been free. SMTP email pretends to be free and there is no pretense of accounting. That is because the original design of SMTP was the fantasy of fairness and equality and all that wonderful stuff. As long as both of us send and receive about the same amount of email, we can cancel things out without worrying about the exact accounting.
In reality, there are costs of email, and they are simply di
Re:Economic problem--NOT technical (Score:2)
my solution (Score:3, Interesting)
To stop spam, stop the money laundering (Score:5, Interesting)
Legally, this is promising. First, there's no free speech issue. Second, in most jurisdictions, it's illegal to operate an anonymous business. So most spammers are criminals. Third, laundering transactions through intermediaries is usually a crime, too.
The problem for law enforcement is that following the money is difficult. Additional technical support for that would be a big help.
A good starting point would be to get a credit card issuing bank to cooperate in a scheme where, when one of their credit cards is used, full transaction details, including the payee's full identity, are immediately returned to the cardholder, using encrypted E-mail or some other secure means. That would make "following the money" much easier. This only requires one cooperating bank. That bank's credit cards might become popular with heavy Internet users. Especially if this works for prepaid credit cards, so you can find out who's behind a web site by using some disposable credit card.
The next step is to crack down on "credit card intermediaries". Non-bank credit card intermediaries that handle spammer transactions should be stuck with the legal liability of the spammer. Legally, they're the "merchant". They shouldn't be allowed to pass the buck to some other party. This will make "cheap merchant accounts" harder to get, which is probably a good thing.
Re:To stop spam, stop the money laundering (Score:4, Insightful)
Of course the FBI can't arrest people in the lawless places of the world like croatia and hungry so those government will need to shed their corruption.
In other words I don't think your scheme will work because so much of the world is out of the reach of law enforcement.
Re:To stop spam, stop the money laundering (Score:2)
Speeding up the disclosure of the identity of credit card merchants from 30 days to two minutes makes finding them much easier.
Re:To stop spam, stop the money laundering (Score:2)
Apparently those that are launching a relentless stream of spam and hack attacks on my firewall from "Hungary" haven't gotten the message yet. From what I hear spam and hacking are the least of it.
Re:To stop spam, stop the money laundering (Score:2)
Hidden Markov Model (Score:3, Interesting)
A very basic filter will work this way:
Train a network of say, 30 to 40 units, with any english text. The training text doesn't just have to be limited to letters and numbers, it can include other ascii characters as well, because the hidden markov model will create distributions for them as well.
Now, for each new email that comes in, grab random chunks of text (maybe random 30-character strings) and see how probable the text would be in this hidden markov model. If it turns out not very likely, then scrap it.
Any thoughts?
Re:Hidden Markov Model (Score:4, Insightful)
If we move to filtering spam using markov models, spammers will begin structuring their emails so as to target markov models. Look forward to all your spams ending in 500-word blocks of text from a copy of MegaHAL trained on old grandmothers' email boxes.
Re:Hidden Markov Model (Score:2)
Some spam is already including the text of random news articles to defeat filters...
Solution or complication? (Score:4, Insightful)
Trying to find a solution to spam is an idea in the eyes of experts and analysts. But to spammers, it's a road block that they must work around to stay in business.
Spamming techniques will no doubt end up as signatures in spam filters that are not unlike those signatures used by IDS and virus scanners. The experts don't seem to understand that if there's a will, there's a way. And the spam will just keep coming in another form or by some other technique. All that can be done is to keep up with changing techniques and patterns and treat spam for what is truly is -- an attack vector.
Re:Solution or complication? (Score:2)
We need to stop spam legally and politically. Instead of targeting the spammers, target the companies that utilise it. If it were illegal to advertise your product via spam, there would be no market for it. It cant really be circumvented - somehow there has to be a link to the product/company in the email.
briefly worked on contract for a spam company (Score:4, Interesting)
What's so bad about spam in the first place? (Score:2, Funny)
What you call "spam", I call "emails that help me learn about the latest products, websites, and business models". You want less of it? I want MORE of it. "Spam" keeps me informed about the world. And the fact is, consumers LIKE spam. Why do you think spam is profitable? Because people buy the products advertised! Studies show that 3 in
Re:What's so bad about spam in the first place? (Score:2)
How is it acceptable to be sitting at work and recieve pornographic SPAM selling sex sites, penis enlargement and viagra?
You might want junk mail, but it seems that the majority of us dont.
Re:What's so bad about spam in the first place? (Score:2)
Studies show that 3 in 5 people who dislike "spam" have actually bought something online.
I fit right into that catagory. I get lots of spam. I have bought something online. Is this related somehow? I dislike SPAM. I bought a game. The SPAM and the game purchase are unrelated. I have bought nothing from any e-mail I have ever received.
I did a search to see who had the best deal on the game I wanted. I did not search my e-mail account for the information.
Please
Re:What's so bad about spam in the first place? (Score:2)
Thanks for the clarification. The original context tended to imply the online purchases were from SPAM e-mails. Thanks for the reply that not that many people have responded to SPAM.
Spamalot (Score:2)
The viral spams, where a virus reads a contact list and sends itself to the contacts from a familiar (and actual) address, are vulnerable to a server-based strategy. Servers could detect identical (or n
Spam still an issue? (Score:3, Informative)
If everybody did this, the volume of spam would quickly dry up. Because when people don't see the spam, they can't respond to it, and when they don't respond to it, the spammer doesn't have a business.
Educate the people around you and help them reduce the spam that gets to their inbox. Don't support solutions which effectively render nodes at the network periphery to second-class status.
Commitment (Score:3, Interesting)
the anti-spam "it won't work" checklist (Score:2)
Your post advocates a
(X) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists
Why Do People Use HTML for Email ??? (Score:3, Insightful)
So why on earth do people still use HTML in their email? Email should be plain text only anyway.
I think all HTML mail is spam. (Score:2)
Personally I'd like to be able to specify that I simply will not receive HTML mail. If someone does send it to me then I'd like my mail server (even better my ISPs mail server) to automatically return a "this recipient does not wish to receive HTML formatted email, please either resend as plain text or don't bother" reply (or is it that this is already possible and I'm just too lazy to work out how to do it ?
Dyslexix phishing (Score:2)
Re:The way to stop spam... (Score:5, Insightful)
I would hate to have to explain all my actions to my ISP. Espically with the way media is driving the internet nowadays. 200MB is way too small of a limit.
Now, you can monitor how many e-mails are sent by a host. That would be a better way. At least there could be a filter on the "to:" line. If that list includes over say, 1000+ users, consistantly, then at least there could be some flags raised.
Re:The way to stop spam... (Score:2)
Now, you can monitor how many e-mails are sent by a host. That would be a better way. At least there could be a filter on the "to:" line. If that list includes over say, 1000+ users, consistantly, then at least there could be some flags raised.
That is a good point. With my daily bandwith threshold test, I was thinking that if someone is uploading
Re:The way to stop spam... (Score:2)
Now, you can monitor how many e-mails are sent by a host...
Doesn't Gmail do this already (i.e., receive and analyze millions of messages)? Junk could be filtered with legitimate mailing lists getting a "pass" based on criteria from recipients.
OK, bad idea and someone's sure to post one of those automated checklists any time now.
Re:The way to stop spam... (Score:2)
SO, I'll need to explain to my ISP why I'm using a lot of bandwidth every other day or so? Doesn't that strike you as just a little bit of a pain in the arse? (Not to mention the privacy implications)
You can't even have a system whereby if someone proves themselves to be a genuine "heavy internet uesr" over some period you stop checking them, as their machine could be compromised at any time.
Ugh (Score:4, Insightful)
First, I guess you didn't see the guy in VA who just got something like 9 years in jail.
That said, spam doesn't obey jurisdictional boundaries. Any single country can only solve a small part of the problem, and any spam incident often involves over 3 jusrisdictions that may be in separate countries (sender, spambot, recipient, etc). That's a logistical nightmare that isn't soluble outside of a dream world.
Also, force all ISP's to monitor how much bandwith a source has. If you get too much usage per day, say 200 megabytes or more, then that person has to explain why they need that much bandwith. If someone gets the RIAA on board, with their lobbyists, that should pass very quickly.
That's fantastic. Trade a bad problem for one that's much worse. Get the RIAA to legitimize their practices by using a guise of stopping spam? Let's not.
Also, force all email to have some element which identifies the source. Not just a header that can be forged, but something that can't be hacked.
Now by force, what do you do if they don't? Enforement issues again here.
Ultimately, legislative solutions for spam DO NOT and CAN NOT work for much but a small part of the problem. It's satistfying when some moron is clumsy enough to get caught (as with the guy in VA), but mostly these days the spammers aren't that stupid. Technological solutions work far better.
Re:Ugh (Score:2)
The convenient thing here is that jurisdictional boundaries are often accompanied by physical boundaries, such as the atlantic ocean. There is a known number of internet links into the Unit
kill botnets , thats the solution. duhhhhh (Score:2)
1. find all bot net PCs
2. once found, firewall them so they can ONLY LOOK at the ISP homepage, nothing else.
3. dont let them in until the user cleans the PC.
4. find the irc channels that bot nets connect to, and log their servers to see who is controlling the bot nets, if a private irc server, firewall it world wide amongst the big ISPs/international gateways.
5. Find all trojan websites and get the host
Actually, it's not that complicated (Score:3, Insightful)
2. It's mostly your spam that's dumped upon the rest of the world. USA is currently _the_ biggest source of spam, followed by... offshored operations paid for by someone from the USA.
So on one hand, the USA could halve the
Re:Ugh (Score:3, Insightful)
None of those "let's redefine the SMTP standard" crackpot schemes are going to w
It willl never work (Score:2)
Yes the ISP could monitor the bandwidth on port 25 or just block port 25 and people could still download ISO or large updates. This still wouldn't stop it. Why? What about servers in Russia or China. Do you think american laws have any effect on
Re:The way to stop spam... (Score:3, Insightful)
A better strategy, IMO, is to work on the commercial level. It has been said here on
Re:The way to stop spam... (Score:2)
I agree 100%. The problem is educating the "average" PC user to recognize spam. To most of us it's easy, but to a casual user, that offer they received looks like a great deal. Hm, refinance at 1.3% interest? Enlarge certain appendages with all-natural herbs? One must be educated to be able
Re:The way to stop spam... (Score:3, Informative)
I don't see that helping. Legislate in what jurisdiction? In which countries can it be enforced? Note that one can simply lease servers in a country immune to such legislation, or outsource to a company in such a country.
Besides, FAX spam has been illegal for years, yet it continues to happen pretty constantly.
Also, force all ISP's to mon
Re:The way to stop spam... (Score:2)
And I've seend spam promoting a completely unaffiliated site, in the interest of getting a competing site shut down.
Just to clarify, the typo should have said I've seen spam.... The way it's typed could be interpreted as I've sent, which is certainly not the case...
Re:The way to stop spam... (Score:4, Interesting)
Plus, with the postal service, there are 1000's of laws in place. If I send you an offer through the mail designed to rip you off, that is a federal offense. You can't use the US Postal Service for illegal activities, if you do you get caught.
Remember the movie The Firm? They did not convict the lawyers for tax evasion or any other crime. They convicted them for mail fraud. And if you let the worst spammers know that each and every time they send a message that is spam, each instance will incur a penalty, that might stop them.
Re: (Score:3, Insightful)
Re:I have an idea (Score:5, Insightful)
The thing is, I don't belive spammers ever remove an address due to an error. I had a domain that received a ton of spam, and that domain expired. Two years later (fighting with Network Solutions) I got the domain back, and immediately started receiving a ton of spam. Two years of spammers sending spam to invalid addresses (no DNS on the domain) and they still continued.
Why?
Simple: the spammers don't receive bounce messages, and the spam-servers (which could be static servers, or compromised zombie machines) don't provide accurate return information. Much like how telemarketers often show invalid or "Unknown" caller-ID info. It costs nearly nothing to send a spam message to an address, whether that address is valid or not. It costs much more to weed out invalid or unreachable addresses from your list by intercepting bounce messages etc.
And spammers don't give a shit. Most of the time, they are using someone else's machine (a zombie'd Windows box, or an open relay) so they don't need to care. So this trick simply doesn't work. It's cheaper to just continue sending to invalid addresses. Not to mention, many newbie spammers get their lists from less-than-legit sources who are selling large lists; they don't care (and are usually fully aware) that many of the addresses they are selling are bogus or no longer valid...
In short, simple tricks like this don't work, when dealing with an "industry" that doesn't give a shit...
Re:I have an idea (Score:5, Insightful)
Authenticate SMTP with public key signing. -- Then use a trust network to only accept email from trusted companies.
Why it won't work:
It involves effort and cost.
Baah, the internet should be unregulated, if they can get rid of SPAM then whats to stop them getting rid of porn, anti-government information etc. There's a road we all want to go down.
Don't buy it and Get over it(tm).
Re:I have an idea (Score:3, Interesting)
Anarchy never worked in the real world, how could it work in the electronic world?
Re:I have an idea (Score:2)
Re:I have an idea (Score:2)
STOP FORWARDING! (Score:2)
Once done, then ALL mail administrator can then implement DNS verification against the sender^H^H^H^H^H^Hspammer's IP address. If they don't match, NULL-BIT bucket it.
Seems like a small price to pay for restoring normalcy (until the next SMTPv2 comes along).
Re:STOP FORWARDING! (Score:2)
Sam
Re:I have an idea (Score:2)
Re:Great - that will validate emails for spammers (Score:2, Informative)
This would be completely done server side. Just like when you sent an e-mail to a host, and you get returned mail because you somehow typed in the address improperly. There would be no difference between that message and one that was sent to a user and then flagged as spam. It would be impossible to tell the difference if the user was a valid address or not.
Thats what I am getting at.
validating email addresses for more spam (Score:4, Insightful)
I don't undertsand this. On one hand, you have the police saying they can't track spammers. Spammers use drones, they remain hidden, they hide their tracks. On the other hand, if you unsubscribe, they know your email is a real one, and you get more spam. That tells me whoever runs the unsubscribe service is in cahoots with the spammer and is just as guilty. They have to know where to send their lists? Just track them as part of the war on spam.
Re:validating email addresses for more spam (Score:4, Informative)
Re:validating email addresses for more spam (Score:2)
Maintaning secret knock patterns and keeping track of which ones are where (if they are all the same it seams a honey pot would be a good investment to me).
logging of requests for invisible
Re:validating email addresses for more spam (Score:2)
Re:I have an idea (Score:2)
Re:I have an idea (Score:2)
That's exactly how it happens. The spammer places an innocent domain name in the "reply-to:" field and HREFs in the message-body to reply through.
It has been happening lately with one of my domains - I get bounce emails explaining that the spam filter at wherever.com can't deliver my adverts for full-length adult DVDs...
So please, if you get this crap and need to respond, don't use the "reply-to:" field - it's fake
Re:I have an idea (Score:2)
Re:Take a lesson (Score:4, Insightful)
Re:Take a lesson (Score:2)
Re:The easiest way to stop span. (Score:2, Insightful)
That'll trim spamming more than any 'message count'.
Re:The easiest way to stop span. (Score:3, Informative)
Very true. They use a botnet.
They send it straight through their computer.
Not they don't. It's the easy to be on a RBL.
Now, you could put outbound filtering on port 25, and require everyone to send mail through the ISP's servers (with authenticated SMTP of some sort), though there will be some legitimate traffic surpressed if that happens...
The botnet is used to send just a few e-mails from each bot. Get an unfiltered inbox. Check the multiple cop
Re:bullets are cheap (Score:2)
And a couple dead Joe Job'ed anti-spammers would get law enforcement heavly involved.
Re:A penny an email will keep the Spammer Away (Score:2)
what if people talk in latvian? (Score:2)
Im sure email that is written in PNG or other languages that arent in the top 10 will look like '99% wrong spelling'