
Brightmail Denies "White List" Deal With Spammer 226

ThePretender writes "From the InfoWorld article: 'A spammer's claim to his clients that he had an agreement with anti-spam technology vendor Brightmail to not block his traffic was contradicted by Brightmail officials today.' From the sounds of it, Scott Richter (apparently a notorious spammer) might just be looking for some media attention; he even goes as far as saying he has similar agreements with some major ISPs. Ouch! May the drama unfold..."
This discussion has been archived. No new comments can be posted.

  • spammer fraud? (Score:5, Insightful)

    by belmolis ( 702863 ) <billposer.alum@mit@edu> on Sunday December 21, 2003 @12:17AM (#7777032) Homepage

    If it's true that Brightmail made no special deal with him, it looks like he could be prosecuted for consumer fraud as well as spamming. Indeed, his clients could presumably sue him too. If Brightmail did make a special deal with him, assuming that they advertise that they block spam, then they committed consumer fraud. Somebody's in trouble here one way or the other.

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Sunday December 21, 2003 @12:31AM (#7777078)
    Comment removed based on user account deletion
  • by LostCluster ( 625375 ) on Sunday December 21, 2003 @01:12AM (#7777253)
    The biggest problem with the "I didn't opt in!" complaints is that spammers have gotten better and better at submerging the opt-in indication to a yes-defaulted checkbox within all sorts of websites and software. Once you have slipped up and compromised your e-mail address this way, you've basically given that publisher permission to spam you and share your address with any other spammers they want to "partner" with.

    Therefore, anti-spam laws will always have a hole that a truck can be driven through. Since proving that you've never accidentally tripped over a "universal opt-in" is nearly impossible to do, successful prosecutions will be tough.

    The only way we're ever going to fully kill spam is to abandon SMTP and get a better way to verify that e-mail really came from the claimed sender and leaves a valid return address...
  • by Anthony Boyd ( 242971 ) on Sunday December 21, 2003 @01:13AM (#7777261) Homepage
    I've got a deal with Microsoft and the big AV companies to not do anything about the email virus I'm about to let loose.

    <sarcasm>
    And this is different from standard Microsoft policy, how?
    </sarcasm>

  • by pw700z ( 679598 ) on Sunday December 21, 2003 @01:16AM (#7777268)
    Part of the reason to toss the name 'brightmail' around is because their product is awesome at stopping spam. The spammer is probably just trying to undermine brightmail's credibility.
  • sure (Score:5, Insightful)

    by danidude ( 672839 ) on Sunday December 21, 2003 @01:18AM (#7777280) Homepage
    Use the "which is more probable?" principle: which is more probable? An anti-spam technology ruins itself by promising to block spam and letting thousands of junk mails pass by because it made a deal that will ruin its business, or the goo'dam spammer is lying?
  • by LostCluster ( 625375 ) on Sunday December 21, 2003 @01:20AM (#7777293)
    He's likely trying to spin some statement that says "If you really are doing opt-in e-mail, we'd never block you," from Brightmail into a promise that they won't blacklist him... doesn't quite work that way in his case.
  • by Roydd McWilson ( 730636 ) on Sunday December 21, 2003 @02:40AM (#7777581) Journal
    You know, this might actually work if you extremely limit the unauthenticated e-mail streams rather than dumping them entirely. This would allow legitimate e-mails from new acquaintances while strangling spam. What I envision is that each server has a maximum e-mail reception rate from various other servers. This is structured (1) to encourage efficient flow, i.e. max_in_rate = max_out_rate, and (2) so that others are given apportionments based on the trust level. So for example servers within the same organization may have unlimited interchange rates (or for a complex network, limited to reflect the true capacity and encourage load balancing), edges between different ISPs may have rates established by contract, and unknown hosts are limited to a rate which allows legitimate e-mail but makes spamming excruciating. In addition to simple rates, other rules could be established about message flow to favor legitimate e-mail.

    The key benefit of this scheme is that e-mail delivery can be kept reliable: messages are either enqueued or rejected depending on capacity availability; at the same time, no information is given out about whether an e-mail address is valid or not when turning away spam. A potential downside is the huge number of mailhosts which would have to be tracked. However, I think if we set the threshold rate for untrusted servers correctly, we can greatly limit the number of mail servers which we need to track with larger rate allocations.

    Furthermore, traditional blacklisting can be used to demote servers rather than entirely cut them off, and if a particular mail server sees demand for two-way communication with a blacklisted mail server, it can ease the restrictions. Another possibility is to use a reliable non-real-time dual to QoS at the IP level for routes along which e-mail is sent, if it's possible to use the existing and emerging IPv6 standards and infrastructure for this purpose.
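The per-peer rate apportionment proposed in the comment above, sketched as a token bucket per sending host. This is an added example, not part of the original thread; the tier names, the rates and bursts, the reply strings and the `PeerLimiter` class are all assumptions chosen for illustration.

```python
import time

# Assumed tiers: (messages per hour, burst size). None means unlimited.
TIERS = {
    "internal": None,          # same organization
    "contract": (6000, 200),   # rate agreed between ISPs
    "unknown": (30, 5),        # fine for a new acquaintance, painful for bulk
    "blacklisted": (3, 1),     # demoted rather than cut off
}
QUEUED = "250 queued"
TEMPFAIL = "451 4.7.1 rate limit reached, try again later"

class PeerLimiter:
    def __init__(self, peer_tiers, clock=time.monotonic):
        self.peer_tiers = dict(peer_tiers)   # peer host -> tier name
        self.clock = clock
        self.buckets = {}                    # peer host -> (tokens, last_seen)

    def tier(self, peer):
        return self.peer_tiers.get(peer, "unknown")

    def note_outbound(self, peer):
        """Local users write to this peer: ease a blacklist demotion."""
        if self.tier(peer) == "blacklisted":
            self.peer_tiers[peer] = "unknown"
            self.buckets.pop(peer, None)

    def on_message(self, peer):
        """Enqueue or temp-reject. The decision uses only the sending host,
        never the recipient, so a rejection says nothing about whether an
        address exists."""
        limit = TIERS[self.tier(peer)]
        if limit is None:
            return QUEUED
        per_hour, burst = limit
        now = self.clock()
        tokens, last = self.buckets.get(peer, (float(burst), now))
        # Refill in proportion to elapsed time, capped at the burst size.
        tokens = min(float(burst), tokens + (now - last) * per_hour / 3600.0)
        if tokens < 1.0:
            self.buckets[peer] = (tokens, now)
            return TEMPFAIL
        self.buckets[peer] = (tokens - 1.0, now)
        return QUEUED
```

Only hosts that have actually sent mail get a bucket, which bounds the tracking cost the comment worries about; a production limiter would also expire idle buckets.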
  • by mr i want to go home ( 610257 ) on Sunday December 21, 2003 @03:06AM (#7777655)
    Agreed! Just how trustworthy does anyone think AOL is?

    From the Reuters article linked to in the story..

    "Scott Richter, a bulk e-mailer who ranks No. 3 on Spamhaus's list, told Reuters he was not worried by the arrest because he said he does not break any laws.

    "I'm happy to see law enforcement cracking down on people who use false headers and I wish they could get all of them," Richter said. He added that he sends large amounts of commercial e-mail but does not disguise routing information and takes pains to comply with Internet providers' policies.

    "I was just at AOL's office a month ago," Richter said.

    AOL officials declined to comment on their relationship with Richter or say whether he had visited their offices. "We are aware that he follows the legal developments (of anti-spam laws) very closely," AOL Assistant General Counsel Charles Curran said."

    What do you do when you know you've screwed up, but can't say so?

    Decline to comment of course!

  • by fdiskne1 ( 219834 ) on Sunday December 21, 2003 @03:19AM (#7777683)
    I don't normally opt-out of ANY spam. In this case, I knew they already had the email address and knew it was valid. This was a company I was dealing with while we were evaluating different anti-spam software, not just any spammer. I opted out because the fact that they deal in anti-spam software told me that they could be trusted not to spam. I was obviously wrong.
  • by balamw ( 552275 ) * on Sunday December 21, 2003 @04:16AM (#7777912)

    Brightmail? Awesome? Not for me it ain't, at least not right now. My ISP (AT&T Worldnet) uses it and it is letting through sooo much obvious spam recently that I'm beginning to think the spammers must have figured out a way around Brightmail's rules.

    FWIW, both Yahoo! and the new Hotmail filters are performing much better than brightmail for me now

    Regardless, I download all my mail through a SpamAssassin [spamassassin.org] POP3 proxy, which just plain knocks em dead.

    Balam
  • by Tarqwak ( 599548 ) on Sunday December 21, 2003 @08:58AM (#7778496)
    If you can't kill them then filter them...

    One thing that seems consistent lately is that domains that are linked in the spam have been created less than a month ago, more likely in the past week.

    Do a whois on linked <a href="..." <img src="..." <script src="..." domains, and if (registration date < 1 month) add-to-spamminess(+1);

    Yes I know, whois servers aren't meant for this :/
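The domain-age heuristic from the comment above, as an added example that is not part of the original post. The whois lookup is replaced by a caller-supplied function (`creation_date_of`, hypothetical) so the code runs offline; the sample message, domains and dates are constructed, and the two-label `registrable` helper is a simplification.

```python
from datetime import date, timedelta
from html.parser import HTMLParser
from urllib.parse import urlsplit

# The three tag/attribute pairs named in the post.
WATCHED = {("a", "href"), ("img", "src"), ("script", "src")}

class LinkHosts(HTMLParser):
    """Collect host names referenced by links, images and scripts."""
    def __init__(self):
        super().__init__()
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) not in WATCHED or not value:
                continue
            try:
                host = urlsplit(value.strip()).hostname
            except ValueError:      # malformed URL, e.g. unbalanced brackets
                continue
            if host:                # None for mailto: and relative URLs
                self.hosts.add(host.rstrip("."))

def registrable(host):
    # Simplification: last two labels. A real filter needs the Public Suffix List.
    return ".".join(host.split(".")[-2:])

def young_domain_score(html_body, creation_date_of, today, max_age=timedelta(days=30)):
    """+1 per linked domain registered less than max_age ago.
    creation_date_of(domain) -> date or None stands in for the whois lookup."""
    parser = LinkHosts()
    parser.feed(html_body)
    score = 0
    # One lookup per distinct domain, to keep whois traffic down.
    for domain in {registrable(h) for h in parser.hosts}:
        created = creation_date_of(domain)
        if created is not None and today - created < max_age:
            score += 1
    return score

# Constructed sample data (reserved .example names, invented dates).
SAMPLE_WHOIS = {"cheap-pills.example": date(2003, 12, 15),
                "new-offer.example": date(2003, 12, 1),
                "old-news.example": date(1998, 5, 2)}
SAMPLE_BODY = ('<a href="http://www.cheap-pills.example/buy">x</a>'
               '<img src="http://img.cheap-pills.example/p.gif">'
               '<script src="//track.new-offer.example/t.js"></script>'
               '<a href="http://old-news.example/">y</a><a href="mailto:a@b.example">m</a>')
```

Given the post's own caveat about whois servers, a deployed filter would cache each domain's creation date across messages rather than query per mail.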
