Turing Tests to Stop Spam 284
cexy writes "The Register has a story about how Hotmail and Yahoo! are using Carnegie Mellon developed captcha technology (completely automated public Turing tests to tell computers and humans apart) to stop spammers from automating signups for accounts from which they can send spam. These guys are using captcha too, but to stop incoming spam."
Yahoo works, hotmail not (Score:4, Interesting)
Re:Yahoo works, hotmail not (Score:4, Informative)
At least that was the case the last time I ran this little experiment...
It's no secret, at least it shouldn't be, that Micro$oft is making money selling your hotmail address (yet then they spam you with advertisements for their spam-blocking software)...
*sigh*
Re:Yahoo works, hotmail not (Score:5, Informative)
You must have some bad luck. I've got a hotmail account I've used consistently for two years, and I'm typically around ~10% of my quota.
Either you're advertising your email address, or you've got some really easy to guess address, because the behavior you describe is far from typical.
Re:Yahoo works, hotmail not (Score:4, Funny)
Ambrose Buse
abuse@hotmail.com [mailto]
Re:Yahoo works, hotmail not (Score:4, Insightful)
I've had my Hotmail account for nearly three years, and I typically get about 5-10 spam messages per day - not a lot. I have custom filters that catch all emails with "mortgage, viagra, debt" - this catches most of the spam I get (I actually don't filter porn spam, well I haven't really tried, as at least they are creative with their subject lines - "Knob Gobblers" was a favourite - I've had some other funny ones too)
My username is 11 characters long with an underscore - this is probably a bit out of range for your typical "brute force"/random sign up name spammers.
So - if you want to use popular free email services, perhaps follow the same guidelines for creating secure passwords? Numbers, special characters,(although this is a bit more limited with email) and more importantly length of name!
Re:Yahoo works, hotmail not (Score:3, Insightful)
However, I gave my email account to one site and went from 0->2MB quota filled in less than a day in much less than 2 months. It's all about who or what you're in contact with... not about the service itself.
Re:Yahoo works, hotmail not (Score:5, Insightful)
Instead of just experimenting by setting up a Hotmail account, has anybody ever tried the other way around? That is, pose as an advertiser and approach Hotmail about e-mailing their users?
Re:Yahoo works, hotmail not (Score:4, Interesting)
This is simply not true.
I used to have a short email address (5 characters) @ hotmail. I got A LOT of spam. I closed the account and made a new one, which included my first name, middle name and last name. I only gave out the e-mail address to a few people, and I have NEVER received a single piece of spam through that account.
Spammers are using "brute force" to find e-mail addresses randomly. They send a test e-mail (or even the 1st spam) and remove the ones that bounced. Voilla, now they have a complete list of all e-mail addresses 6 characters or less.
Re:Illogical. (Score:3, Insightful)
Re: (Score:3, Interesting)
wrong (Score:2)
1.) you sign up for something with that email
2.) they randomly generate it
3.) yahoo/hotmail sells/gives it to them or they get hacked
Re:wrong (Score:2, Informative)
Re:wrong (Score:4, Funny)
Re:Yahoo works, hotmail not (Score:3, Informative)
-Berj
Re:Yahoo works, hotmail not (Score:2, Informative)
Re:Yahoo works, hotmail not (Score:2, Interesting)
Hotmail is more popular (Score:4, Interesting)
Re:Hotmail is more popular (Score:4, Insightful)
This kinda defeats the object of email - for people who barely know you, if at all, to contact you. Email is excellent at bringing together people from all over the world - what's the point if only people you already know can contact you using it? Wasn't the Internet supposed to surpass the letter and the stamp?
I'd rather put up with the spam. But if you really need to avoid it, do what I do: use two accounts: one for online publishing on the Web and sites like Slashdot, and the other for people I know. You get the best of both worlds.
Re:Hotmail is more popular - but now? (Score:2)
The custom filter option in Hotmail now is restricted to just 10 filters. I have 32, and if I edit them once now, I'm sunk. 10 can't possibly keep out all I'm succeeding with now.
Boobs [I wish I had real email with this in the title, but I don't]
Virgins [Once again, wishful thinking]
DVD [Don't own a drive yet]
FREE [Do your friends tell you you are getting something for free?]
And I don't bother reading any "Re:Your Inquiry" emails. I mean, how stupid do you have to be to send an email to someone with the subject "Your Inquiry"?
CAPTCHA project (Score:5, Informative)
http://www.captcha.net/ [captcha.net]
Re:CAPTCHA project (Score:3, Interesting)
The source code is there to download, but are we allowed to use it in our own sites?
Re:CAPTCHA project (Score:2)
I speak as one who did just that, BTW. Last page of http://justice-email.findlaw.com/cgi-bin/survey.c
Re:CAPTCHA project (Score:5, Informative)
First of all, the largest sole source of CAPTCHA funding is the National Science Foundation, so if you are a U.S. taxpayer, you are paying for this work.
Having said that, the rights to and interests in NSF-sponsored work are very much up in the air, nowhere moreso than the Carnegie Mellon School of Computer Science. The Dean is said to have a somewhat different view than the Provost, who is probably not in agreement with the President, and the Board of Trustees are clearly all over the map on the issue, too. CMU is a study in contrasts when it comes to intellectual property opinions. CMU switched intellectual property policies [cmu.edu] exactly three days after I entered (yeay for freshman camp -- I knew it was worth the extra few bucks!) and the new (1985) one is draconian yet astoundingly vague [cmu.edu]. So, the authors might not even know the actual rights under which they are allowed to distribute their software. Noboday may know -- often an ajudication committee is required to make an arbitrary decision on a case-by-case basis.
However, principles of academic freedom have repeatedly trumped the Intellectual property policy, and that means that the researchers have the right to publish their code as sceintific research results, without restriction which is what they have apparently done. The scientific method requires absolutly no restrictions on such results (so as to allow for unimpeded replication), which means that the code is in the public domain. Even if it is released under copyright or GPL later, it is still in the public domain.
I am not a lawer, but years ago I paid a lawyer to answer a related question and I am faithfully repeating his answer above.
Re:CAPTCHA project (Score:4, Insightful)
So, while I commend their effort, I wish CMU would work harder to make their tools available not just to commercial sites but to the Open Source community and projects like Slashcode. This would help the captcha project actually accomplish its mission of protecting users from abuse, instead of leaving sites like Slashdot vulnerable to any 13 year old Visual Basic programmer with a grudge and a clue.
Re:CAPTCHA project (Score:4, Informative)
Re:CAPTCHA project (Score:3, Interesting)
I believe we have miscommunicated, and I apologize. What I meant to point out was that the code was so inacessible that professional Slashdot programmers had to start from scratch rather than use any of the 5 systems developed at CMU. This means that not only was it a little harder than "make install", but it would have taken more time to adapt the CMU code than it did to attack the problem independently from scratch. There really isn't any other answer to the question of why Slashdot spent months developing a home-brewed system that doesn't even come close to measuring up. I think we'd all agree that the Occam's Razor dictates this answer, since the only other possible alternative was that deep-seated hubris or other mental defects prevented them from using off-the-shelf software.
Re:CAPTCHA project (Score:5, Funny)
CAPTCHA: Hello. I am CAPTCHA. How can i help you?
SPAMMER:
C: Please go on.
S: I would like your email address.
C: Can you elaborate on that?
S: I'm planning to spam you.
C: Does it please you to believe I am planning to spam i?
S: What the fuck?
C: Does that question interest you?
S: ARGH!
C: Please go on.
automated turing test (Score:3, Interesting)
maybe it's just my cognitive science degree making me touchy, but i'd prefer the term "automated coherence filter" or something(even "automated intelligence test" would be an improvement).
Hasn't this been around a while? (Score:2, Insightful)
Re:Hasn't this been around a while? (Score:2, Redundant)
Likewise, a legless person... (Score:2)
AFAIK, /. doesn't do business with the government.
Are you sure? I'd figure that Congress has set out a pretty broad definition of "doing business with the government", just like the government tries and usually succeeds to classify virtually all commerce as "interstate commerce".
Besides, a blind person could always get a sighted person to help them with the one-time account signup.
Likewise, a person using a wheelchair could always get a walking person to help them with climbing the landlord's stairway to sign up to rent an apartment.
What I want to know is... (Score:4, Funny)
Re:What I want to know is... (Score:2)
Someone does. Or are you Mr. Subliminal?
Re:What I want to know is... (Score:2, Funny)
Given who Hotmail's corporate parents are, I don't think you would like the answer to this...
Re:What I want to know is... (Score:2, Funny)
I find Yahoo to work much better though... (Score:5, Informative)
Yahoo spam today:
0
Hotmail spam today:
18
Which is doing a better job at stopping spam you say?
Re:I find Yahoo to work much better though... (Score:2)
Spam to date : zero. The only crap I get is that which is forwarded from my unexpectedly still-active university account.
FastMail has a 'bounce' option that lets you fake an 'undeliverable' error message. Good for ex-girlfriends too.
Re:I find Yahoo to work much better though... (Score:2)
The first step is stopping it from getting there (Score:5, Insightful)
Re:The first step is stopping it from getting ther (Score:5, Informative)
go to
"Enter email address (or domain) to block:"
enter domain in text baox, such as
whatever.com
click, add block
return addresses always forged (Score:2)
****** SPAM ****** SpamAssassin Plug (Score:5, Informative)
Title and From (Score:3, Interesting)
Use a little imagination; it isn't necessary for a spam filter to immediately trash suspect mails. By default, all SpamAssassin does is TAG the emails in their subject lines and add a scoring report to the body. It suffices for me to have probable spams all collected together so that it is only one quick scan and a button click away from destruction.
Come to think of it, if my quick from/subject scan method doesn't suffice, that attached scoring report does. A mail with a score of 33 with a web bug is certainly bogus. I'll cheerfully trash that without reading the rest of the body and those reports can be quickly parsed as well. Not that I usually bother. Simply having your signal not interleaved with the probable noise is useful and SpamAssassin can certainly be trusted for that.
I run a small server with a few user accounts. (Score:2)
First, I would like to know if there is a server-side daemon I could run that goes through all user accounts and weeds out spam (without knowing their passwords.)
Second, I would like to know if I have any legal recourse against unsolicited email hogging my bandwidth. Could I stockpile a years worth and send the spammers a bill for the used bandwidth?
Re:I run a small server with a few user accounts. (Score:3, Interesting)
It's been tried. But don't wait a week to try to find them; they tend to, um, move a lot. A prosecutor I talked to said they needed three PI's and several months to corner one who started a new corporation every week.
those images and web bugs... (Score:2)
MsgTo.Com used images to thwart spammers (Score:4, Insightful)
Kind of offensive though, a lot of people took offence to clicking a link to send me email.
MsgTo.Com dissappeared some time ago during the
Hedley
'automated signup' (Score:2, Interesting)
Re:'automated signup' (Score:2)
IRC needs Captmfa (Score:5, Funny)
a/s/l?
"18f,Florida"
Do you mind if I ask you to take a quick Captmfa?
"Sure, go ahead"
Test completed. Result = 34m, Detroit.
Re:IRC needs Captmfa (Score:2)
What, are you talking about this? [fu-fme.com]
What a ripoff (Score:2)
Instead it's something they hacked up because new programs were getting around the old OCR blockers. Blah.
Re:What a ripoff (Score:2, Insightful)
Free-mail woes (Score:2, Interesting)
The truth is accounts like Yahoo and Hotmail only exist to turn a profit for their owners. I know not everyone can get an e-mail address that they can use for personal means in any other way, but you have to accept what you are getting into when you open one of these accounts.
Personally, I have several e-mail accounts and only use my hotmail and yahoo for things like web page registration.
Think the editors could pass a no-repeat test? (Score:5, Informative)
repeats!
http://developers.slashdot.org/article.pl?sid=0
Granted this is not a direct repeat but the articles are just different sources for the same story.
Links to previous Slashdot stories on CAPTCHA (Score:3, Informative)
Captcha killers (Score:2)
Re:Captcha killers (Score:4, Interesting)
NY Times article [nytimes.com]
Berkeley press release [berkeley.edu]
Computer vision pages (w/papers) [berkeley.edu]
Greg's page on breaking Gimpy [berkeley.edu]
Whitelists do the trick. (Score:2, Informative)
0 spam for months now.
The only negative is if someone not on my whitelist sends mail, I have to rummage throught the rest of the junk to find it.
I failed the Turing test! (Score:5, Interesting)
I recently had to create an e-mail address that I could use for posting to a mailing list where the addresses are all public. I tried Hotmail first, and although I passed part 1 of their Turing test, the captcha test, I think I failed part 2: once I was all done filling in my personal information (retired female homemaker in Antarctica, born in 1891), I got some kind of mystifying error message saying something about my .NET account (which I don't have). I guess if I was human, I'd have been able to figure out what they meant.
Oh well, I passed Yahoo's captcha test, and they didn't have a part 2...
As a recipient of spam, I also don't see this having any benificial effects. I gets lots and lots of spam from hotmail.com and yahoo.com addresses. They're all forged headers, so it doesn't matter that Yahoo and Hotmail have botproofing -- the accounts I'm getting spam from aren't even real Yahoo and Hotmail accounts. It's great that they're trying to make sure they aren't spam havens (and of course it costs them money if spammers use their services), but I really think the whole e-mail infrastructure needs reworking in order to get rid of spam. Sending e-mail should cost some token amount of money, and there should also be some way of tossing out mail with forged headers (e.g., my mail client should be able to tell whether the cryptographic signature on an e-mail indicates that it really came from hotmail.com or yahoo.com).
OT: What do various nosy sites think you are? (Score:2)
I'm a 70 year old Afghan woman who is the head of a major multimedia corporation, making less than $20,000 per year. At least, that's what the New York Times thinks...
Re:I failed the Turing test! (Score:3, Insightful)
It's easy to throw such ideas around, but implementation becomes an issue of rights quickly. I guess you want to force everyone to use their ISP's mail server and pay their ISP the amount. Fine. You have to block outgoing port 25, which fucks over anyone running their own mail server. Spammers will just buy T1s and be their own "ISP", and sell a flat rate email sending fee to other spammers. (They already do that).
What about people like myself that maintain announcement lists for my web sites. That's something like 2000 emails each time I send an update. It's all completely opt-in, and has a real return address, from which I personally handle unsubscribe requests from the people that can't figure out how to use the web site to unsubscribe. It's nothing like spam.
What about all the thousands of other email lists. The owners of the linux kernel mailing list would have to pay thousands a month in your email fees, even if it was only a couple cents an email.
Anyway, everytime someone comes up with these "change the infrastructure" silver bullet solutions to spam, they are always half-baked.
Ok here we go (Score:3, Insightful)
And now, back to our regular show.
Re:Ok here we go (Score:5, Insightful)
Bayesian techniques depend on predicting which elements (usually, which words) are likely to indicate spam, and which are likely to indicate non-spam messages. This can vary highly from user to user, and so it should be done on a per-user basis.
For instance, I am a security administrator and receive a lot of legitimate mail about "antivirus software", and very little legitimate mail about "teenage lesbians." However, my girlfriend's crush, who is an activist lesbian, may well receive a lot of legitimate mail about "teenage lesbians" and only spam about "antivirus software." If we are on the same ISP, then it would be erroneous behavior for my reporting "teenage lesbians" as spam and "antivirus software" as nonspam to throw her spam-filtering out of whack, or vice versa. And yet it is a potential privacy violation for the ISP to be gathering statistics on which one of us gets virus bulletins, and which one is the lesbian.
(Moreover, there also isn't yet any standard mechanism for users to report spamminess or nonspamminess back to normal IMAP or POP mail hosts -- and Bayesian algorithms require sampling both spam and non-spam mail, not just spam reported to an abuse address.)
The filtering mechanisms that should be implemented on the server are general ones -- ones that do not rely on deep inspection into the content of the message. I don't really want ISPs to gather stats on common keywords in users' incoming mail -- do you? It is one thing to examine structural elements of the message, such as the IP address which sent it, or the presence of normal headers; or to statelessly scan the message for static patterns, such as virus signatures or "DISCOUNT HERBAL VIAGRA !!!" It would be quite another thing to gather the kind of data that Bayesian filters involve, for every user on a large end-user system.
Re:Ok here we go (Score:2)
Re:Ok here we go (Score:2)
You do realize that calculating spam-likelihood probabilities requires nonzero amounts of processing power/cpu time, right?
Re:Ok here we go (Score:3, Insightful)
I strongly suspect that Bayesian filtering would turn mail processing into a CPU-bound activity. You're converting words into known tokens, looking up coefficients associated with each distinct token, and then manipulating them. If anything, it resembles compiling as a workload.
To prove the issue either way, of course, I'd have to get off my tail and actually build an efficient filter and test it. As an O(n log n) problem, it _might_ not be CPU bound, for low enough disk/network throughput.
HHotG (Score:4, Funny)
is this really new? (Score:2, Interesting)
they've used this for years elsewhere. for example, Major League Baseball's Online All Star Voting has used it ever since pudge stuffed the ballot box [boston.com] right before the 1999 game.
Junk Mail?? (Score:3, Funny)
But does it sign up the SPAMMER for all sorts of free offers and catalogs to be sent to their home address? (ala Ralsky)?
Getting by spam filters (Score:2, Funny)
Aside from that, I created my hotmail account and was spam-free (with no filters or settings) for a long time. That is until I registered on a career-type website (let's call it site A). This one is for the lawyers out there: Another similar career-type website (let's call it site B) sign itself up as an employer and ran through Site A looking through personal information otherwise not available unless as an employer. After that, I presume they built a good list of emails. I was spammed with their emails trying to get me to register with Site B. After a short while, these diplomas and weight loss and triple-your-breast-size started to pile up. Is what site B did illegal? Because in this case, it seems like personal information was stolen.
The /. posting title is misleading (Score:5, Insightful)
But I don't think that translates into 60 times the cost. The Turing tests are interesting but I don't think that the creation of the accounts ever was a bottleneck in the process in sending spam. You could get a high school kid to create all the accounts you would need for a month in about an hour, and pay him in pr0n.
If the truth were known, Hotmail and Yahoo are just trying to decrease server loads. I bet that when bots create accounts they create hundreds or thousands more than are used, which take up server resources during creation and later as the accounts eat up storage. With Turing tests it is more likely that not too many will be laying around waiting to be used.
Spam Arrest -- Patent Pending? (Score:2, Interesting)
They have patent pending on "calling back to verify a phone number" except it's email.
I would suggest avoiding this company's products and services.
Accessibility (Score:2, Insightful)
"[...] humans can read distorted text as the one shown below but current computer programs can't:"
I think they mean "non-blind humans". How exactly will they ever solve that problem? If a blind
man's OCR program can read the text, so can the spammer's.
Re:Accessibility (Score:5, Interesting)
I wrote Yahoo about this problem just about a year ago, after
finding no explanation in their online help on about how
visually impaired users were supposed to use their service,
and this is what they had to say.
I kind of thought this sucked, that apparently the solution
is to wait for a human operator to read the feedback
form and phone you back. Surely someone can come up with
a better system.
=-=-=-=
Hello,
Thank you for writing to Yahoo! Account Services.
If you are a visually impaired or blind user, please fill out the
feedback form at:
http://add.yahoo.com/fast/help/us/edit/cgi_access
A customer care representative will call you back, to assist you with
registering for a Yahoo! account.
If we can be of further assistance, please let us know.
Thank you again for contacting Yahoo! Customer Care.
Regards,
Yahoo! Customer Care
For assistance with all Yahoo! services, please visit:
http://help.yahoo.com/
inherent imperfections (Score:4, Insightful)
Logical next step (Score:2)
- Use the emacs psychologist to determine the mood of people sending you email!
Spam Tax (Score:5, Interesting)
This idea means licensing them so that they are properly registered, Meaning we know who they are and where they live.
Meaning that they can be billed for use of service, etc. and jail those not properly licensed.
Meaning that we can send bill collectors and tax collectors hunting after them.
The bottom line is that IF we can make it profitable to go after these guys, someone will make a business of it. We just go to figure a way how.
Then we get to use the scum of society, such as bill collectors and tax collectors, and turn them to some good, going after spammers.
And we can use the money collected to subsidise the cost of something useful.
Now Lessig has also proposed something similar to this:
http://www.cioinsight.com/article2/0,3959,533225,0 0.asp [cioinsight.com]
Which essentially means that there are more eyeballs to track the scum down. And a financial reward to do so.
The twist in my proposal is to mach spam have a cost even if sent "legally" - [lots of states have finance problems], and make the penalties truly painful if done illegally. I want to set my own fees for receiving spam
Damn Slashvertisements (Score:2)
On the other hand, the banners are just fine and for those of you who have their banners turned off, Blizzard has an opening for a Unix Admin and a great ad. I'd link to it here but you should really turn banners on. I know they are annoying, but banners bring in money for slashdot. That $49.99 or $9.99 or whatever you pay for your ISP is NOT giving that money to slashdot, and for them to remain free, they need you to download those damn ads.
Now, turning off pop-ups, that's accetable. But think of all the porn you're missing!
Here's an idea to solve this: (Score:2, Informative)
And since these tests are interactive (ie: you're asking the PERSON who e-mailed you a question, they can be quite hard to fool with a computer).
Non-challenging e-mail addresses (or mailings) can still exist, and will be clearly marked as haven't bee 'verified'... ie: streated as bulk e-mail.
I like this... (Score:2)
I want to be whitelisted for x number of days. Or maybe a setup similar to DHCP where I've got a lease for x number of days that doesn't expire until I haven't used it for y number of days.
This would allow email to remain FREE like it should be and solve the problem at the same time.
In Mozilla News.. (Score:3, Informative)
Mozilla now comes with it's own Spam Filter [mozilla.org] starting with 1.3Alpha. Anyone know how well it works? I haven't had a chance to try it.
Think this is off topic? Read the last line of the slashdot story and click the link, where you can take a "Free 30-Day Trial!!"
=)
Re:In Mozilla News.. (Score:5, Informative)
I have this to say about it
GET IT.
I trained it on a corpus of spam I've been keeping around for just such a purpose (about 300 messages, not a lot really). Since then I have been giving it minor corrections to tag new spam and it is nearly perfect. No false positives. The interface is easy to use.
If you use Mozilla now for Mail, you owe it to yourself to start using the 1.3a. If you're using something else, it's worth looking at Mozilla.
Shameless OS X Plug (Score:3, Informative)
Is spamarrest a joke? (Score:2)
This has got to be a spammer that runs it.
Re:Is spamarrest a joke? (Score:3, Interesting)
Like what that Spam Jerky said, it's a business. What's going to keep someone from creating an extensive/ultimate filter list/software, and offer a safe loophole for other Spam Jerkies to get by for an X amount of dough?
Re:Is spamarrest a joke? (Score:2)
not only mail spam, sms too (Score:4, Insightful)
Next they'll patent the phone call (Score:4, Insightful)
What do you get if you eliminate the human from the above? Why, a protocol link. Might as well require me to type in TCP/IP packets and consider me human if I make too many erorrs :-)
Automated Turing test? (Score:4, Insightful)
The Turing test is where a human talks to a computer and tries to decide if the backend that's answering him is a human or a computer program.
This is more of a reverse turing test, where the computer asks questions to try and find out if it's interacting with a person or a program.
It would be possible to write a program to beat this system, but it would not qualify as having passed the Turing test, because it would have only fooled another computer program, not a real person. Of course maybe said program could go on to pass the Turing test.
Wouldn't it be weird if spam was the driving force behind the creation of the first real AI?
Skynet began learning at a geometric rate.......by 1800 hours every mailbox in the world was jammed with unfilterable spam.
How about the CCD noise approach to spam? (Score:3, Interesting)
Then, when you get mail at your "real" account that mail is examined to see if it matches any of the mail received at the "fake" account.
This is sort of like the digital camera technique of taking a "picture" of the CCD image with the shutter closed after a long exposure, to get an idea of what just the noise from the CCD looks like so it can be subtracted from the image data collected.
Of course, I'm not sure how well it would work in practice or if you'd really get the same spam very opten in both accounts...
The only thing that needs to be done... (Score:3, Interesting)
As long as you spam me from a legitmate email address I can request that the ISP delete your account. If the ISP chooses not to do so, then I can block the whole damn domain guilt-free. If the ISP has a decent EULA they could sue their subscriber for breaking the terms of their agreement and use that money to pay their various postmasters to take care of spam complaints.
captcha stops blind people too (Score:5, Insightful)
Re:captcha stops blind people too (Score:3, Informative)
REALLY old news (Score:4, Informative)
The Register article had absolutely nothing of value to add. As you were.
Simple way to beat image tests (Score:3, Funny)
2. Send most of the (fake) registration info until it sends you a "turing test" image.
3. Display the image in the next webhit on your popular porn site saying "to get free porn, type these characters"
4. Send whatever they type to hotmail/yahoo/whatever & complete your registration.
5. Profit?
the mousetrap race continues... (Score:3, Informative)
Re:Why? (Score:4, Interesting)
It works with Outlook (not Outlook Express).
The coolest part is when you find an email that is spam, which it didn't catch (perhaps about 5% of the time), just click "Block" and it'll record that you blocked it on their servers, so anyone else receiving the same (or nearly similar, I think) email will have it blocked as well.
In other words, it's a community-driven spam blocker which works better the more people use it. And it already works very well.
Re:Why? (Score:2, Interesting)
Having said that, I believe that prevention is better than the cure. Especially from a bandwidth point of view.
Re:An idea for hotmail (Score:2, Informative)