Spam Filtering Floods Innocent Inboxes

Discussion in 'other security issues & news' started by ronjor, Dec 5, 2006.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    Article
     
  2. phasechange

    phasechange Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    359
    Location:
    Edinburgh
    It's a bit like bounce-back option on Mailwasher Pro :

    "Bounce back unwanted email to the spammer so it looks as if your email address is not valid.

    This makes the sender think your address is no longer active, so your name is removed from their list."

    Which is fine if (1) the spammer is listening and (2) they bounce back to the spammer and not to some poor guy whose email address has been harvested/bot-neted. In my experience you (1) and (2) are never both true at the same time.

    We are adding to the problem with these opt-in systems. I personally think a combination of DNS blacklisting, whitelisting, spam filters, and knujon type services that chase the advertised service are the closest to an answer that we will get.

    It's about time the UN decided to police the internet against Spam and an international convention on Spam was established. I get the same products, services, and stocks spammed to me all the time. It's about time those companies were brought to book. Spam is a disease.

    Phasechange
     
  3. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Spam is a uncurable disease. Politics does not play a part in solving technological problems.
    From my point of view, a international convention can't solve the problems caused by malware or spam, so long as we have a bunch of uneducated and unaware computer users these problems are never going to go away.

    Experienced users & experts can help with the knowledge and advice that they have, but the users must help themselves too.
     
  4. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    No, this isn't right. First there is, and can be, no obligation whatsoever on "uneducated and unaware" users to improve their skills or knowledge of computers. Users learn - if they so wish - what they need to, to get things done. Beyond that, you can expect no more.

    Spam is a curable disease, at least it can be cured sufficiently for it to become a non-issue. There are lots of accurate anti-spam technologies available (without having to resort to inexact and false-positive rich Bayesian methods) that, if implemented widely on ISPs' mail servers (and corporate MTAs) would cut spam by 90% or more. Clearly, ISPs do not see incentives in implementing them, though. That's where legislation can help.

    In fact, there's no need for worldwide agreement. Suppose the US or UK governments, for instance, introduced legislation which required all ISPs based on home soil to implement defined anti-spam technologies, then all the end-user customers of those ISPs would benefit enormously. Instead of 80% of those nations' emails being spam, it would be slashed to, say, 10%. That would have huge economic benefit for the countries involved, killing the greater part of the spammers' revenue at a stroke.

    I'm sure some people would see this as heavy-handed but, hey, so what?
     
  5. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I don't see that as a solution just because a- spammers are always changing their techniques, so what works today might not work tomorrow, and b- you're always going to have false positives, filtering legitimate emails. I don't know about you, but if I'm emailing someone about anything that could potentially be purchased, I always fear that it will get sucked up into a spam filter, and sometimes it does. I think that ultimately the cure will have to come in the form of a new email technology all together that verifies the sender, and verifies that they intended to send it. That is unless a way can be found to make spam unprofitable.
     
  6. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Sure, spammers are always changing their techniques, but there are still accurate server-based anti-spam technologies which will continue to significantly reduce spam levels. In any case, when the spammers make a major shift of technique so the defensive measures need to adjust accordingly (just as they do now for those servers which do implement anti-spam). False positives can be kept to a minimum by the use of the right techniques, coupled with enforcement of certain - already existing - standards on public mail servers.

    There are already server-based sender-verification technologies available, such as SPF, which - if implemented globally (or nationally) - would have a very significant impact indeed. The only problem is the lack of take-up. There's no technical justification for SPF not to be implemented - it is just lack of will, or indifference, that has held it back. That's why legislation is needed. It would work, because it would make spam unprofitable.
     
  7. phasechange

    phasechange Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    359
    Location:
    Edinburgh
    I think technology is part of the solution but spammers will keep getting round technology however if you can take the profit out of spamming then there will be no incentive for them to do so. The way that profit could be taken out of spamming is if Interpol started pursuing companies whose services or shares ("stocks" in US) were being promoted and fining them then they would quickly learn not to pay spammers. If they offered a reduced fine (25% reduction say) for handing over sufficient evidence to convict the actual spammer then this could have an enormous impact.

    In stead, what do I have in reality... in the UK I can download http://www.informationcommissioner.gov.uk/cms/DocumentUploads/Electronic_Mail_Complaint2.pdf this ridiculous form and send it to the Information Commissioner (http://www.ico.gov.uk/) to report A spam email. In other words the government wants me to go away.

    It's time to get tough.

    Phasechange :ninja:
     
  8. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    ... for people to stop responding to spam. It's the same with regular junk mail. If there were not a market for it, it would not be profitable, and would cease.

    We (I included) assume that it is the not-so-literate computer public that feeds on spam.

    Not so. At least in one case. I and a friend, retired - who did computer work in his industry - were talking about spam, and I mentioned that surely, no one we know, would read/open spam. Well, he does.

    "Why?"

    "I'm curious. Sometimes I find good deals on stuff."

    "How often to you peruse your spam?"

    "Every day."

    "Shouldn't this stuff be forced to stop?"

    "No, it's a free country; anyone is welcome to just filter/delete the stuff, just as you throw away your regular junk mail. If we force spam to stop, we should force the ceasing of regular bulk/junk mail"


    I wonder how many others, unbeknownst to us, feel this way!

    I mentioned to him the article ronjor posted. He agrees that it is a bad solution and knows of several such instances where it creates a huge problem.

    regards,

    -rich
     
  9. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    A friend of mine having the same problem currently.
    He receive thousands of "undelivery notification" from emails he never sent.
    Look like somebody use an anonymous emailer, use his email as sender and send to a user which does not exist, so the server will return an unknown user/undelivered notification, to the inbox of my friend.
     
  10. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    This is a common issue, and is created by spammers using spoofed "From" and/or "Reply-to" addresses in their emails. Defence against this kind of 'spam bomb' is best done at the server level (i.e., by your friend's ISP), and is one of the big problems that can be eliminated by widespread use of SPF, or by mail servers rejecting non-verified emails (i.e., those that do not pass SPF checks - there are other ways to handle this too) at the protocol level rather than by sending back NDRs. There are server anti-spam solutions which do this effectively.

    This is just another reason why I promote the enforcement of effective spam controls on ISPs. Give them the will to do what they already can, but choose not to.
     
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I'm inclined to agree, although technology leaders could also implement new standards as well.. perhaps something different will emerge with IPv6.

    With the environmental issues we face today, I tend to think that we should.

    I would probably point out that there are newsletters that you can sign up for to get better and legitimate deals every day, ones that don't overload "stolen" servers and get innocent people's email addresses black-holed across the internet. I would ask if his definition of a free country includes infecting innocent users' computers with trojan mailers, hacking into other people's email accounts and/or mail servers, and if they should be allowed to retaliate in anger, doing what they can to make your internet experience as miserable as possible, when someone dares to ask to be removed from the mailing list or report illegal activity. There is legitimate bulk emailers out there, but that's not what's being referred to.
     
  12. phasechange

    phasechange Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    359
    Location:
    Edinburgh

    I open Spam to decide which Knujon email address to send it to: stockjunk or general spam :D To be accurate I use the Thunderbird preview screen in the Junk folder. I would rather not even take this minute risk but I think the risk is very small anyway. (HTML is not downloaded).

    I think very few people want unsolicited email and their disappointment if it was eradicated would be small and they would soon get over it.
     
Loading...
Thread Status:
Not open for further replies.