Interview With The SpamAssassin 202
comforteagle writes "Howard Wen has conducted an interview with Daniel Quinlan of SpamAssassin. In it he explores what keeps Daniel motivated in the face of the unrelenting torrent of spam and new spamming techniques, as well as, what is working - what is not, and what he predicts spammers have up their sleeves next for defeating spam detection." From the interview: "If you don't mind deleting spam manually, that's your prerogative, but don't complain about it. If your ISP doesn't do a good job fighting spam, then switch ISPs or install your own anti-spam software. There are a lot of choices out there."
Re:Complain as much as you can! (Score:3, Insightful)
This might be a little difficult to do. Spamming is already is illegal in US. But anyone can spam from other countries. And making the US laws apply over there would be difficult.
in my opinion a fix to spam has to come from the software side, not from the government side.
How to stop spam (Score:3, Insightful)
Re:Complain as much as you can! (Score:4, Insightful)
Re:Complain as much as you can! (Score:3, Insightful)
Re:Complain as much as you can! (Score:1, Insightful)
Other analogies (Score:5, Insightful)
It seems pretty simple to me: complaining leads to awareness, which leads to action. Maybe a bunch of people on Slashdot griping about spam won't amount to jack, but let Oprah or someone else with a grappling hook or two on the office/church/bar water cooler complain about it and they can make a difference in social attitudes.
SpamAssassin is a good step but the real problem is the social system which makes spamming possible. How else can you explain a 60-year-old grandmother 1) using her computer as a spam relay, 2) acknowledging it on television, and 3) not seeing it as a problem because it's "legal" and she's getting regular cheques to do so?
How is it that a social/legal system can be designed to bankrupt and scare the shit out of people who share a few movies or songs but barely put a dent in the people sending out millions of useless, offensive, and content-bordering-on-the-illegal emails? Is there nothing wrong with this?
Re:Am I alone? (Score:2, Insightful)
Re:Am I alone? (Score:3, Insightful)
Some of us think that's a really sad state of affairs when you can't have a public email address. I mean yes, there's cranks who might send you flames or whatever, but one shouldn't have to be utterly innundated with crap just for letting everyone know their address.
Sadder still is that this sort of secrecy just becoming the norm now.
(no, I don't put my email on my slashdot account, but I like being pseudonymous for other reasons)
The next frontier in spam fighting (Score:5, Insightful)
This has both good and bad aspects. First, the good news: responsible ISPs will be able to block a good portion of spam at their routers and mailservers; it's not hard to detect and blacklist a PC which is spewing the same email to 20,000 different recipients. Unfortunately, it only takes a few poorly-configured ISPs to provide a great deal of bandwidth to spammers. Couple this with Windows' known security holes, and home users' typical apathy regarding patches and security updates, and you have a large pool of potential spam-hosts which cannot be as easily targeted as open relays or specialized spam-spewing servers. After all, if spammers are using a legitimate ISP's mail server to send spam, a remote admin can't block that mail server without also condemning large amounts of legitimate email to deletion, which may well be unacceptable.
The upshot of all this? The onus of spam filtering is going to be, more and more, on ISPs rather than on recipients. While this has its good side - spam filtered at the source doesn't take up as much precious bandwidth - it also means that filtering will be more difficult for those not close to the source.
Re:How to stop spam (Score:1, Insightful)
Not to mention that Spam Arrest are themselves spammers.
remember the economics (Score:2, Insightful)
But I think that one would lead to the other. If relatively few people are seeing spam, then suddenly spamming is no longer making money for the spammers, and they would eventually stop actually sending it.
Of course that's an optimistic scenario. It would probably lie somewhere in the middle. Fewer and fewer people see the spam, so spamming itself is less and less cost effective. Fewer and fewer spammers participate, while the remaining ones will have to reduce their fees since there will be fewer views. Fewer spammers and less money mean less innovation. Eventually (hopefully), the entire movement will slow down until spamming is only done by a few recluses targetting only the most oblivious users.
Re:personalized training (Score:5, Insightful)
Someone (the author or some editor) added that comma to my sentence. My original email had no comma there. A clearer phrasing that would not tempt someone into adding punctuation would be:
They also removed the name of the company where I work (IronPort [ironport.com]), which struck me as a bit odd considering how my job allows me to do open source was part of the article. I think my employer deserves some kudos for that. Not to mention implying that I'm more than just one of the developers. There are eight commiters, six of them on the Project Management Committee and two of them (Justin Mason and Theo Van Dinter) write at least as much code as me.
Re:All I can say is... (Score:3, Insightful)
If you aint on the list, you aint gettin through.
While I despise whitelist only systems in the business world, in this specific situation, it is the only way to ensure that only people the kids know, can email them.
We dont drop non whitelisted mail. It sits in a file for a while, and we go through it periodically if someone says "hey, I sent you mail" and they were not whitelisted.
Re:The next frontier in spam fighting (Score:4, Insightful)
Re:Your best choice (Score:3, Insightful)
If you can't use your own address then your spam filters suck. I will not let spammers decide where and with whom I share my address. It is mine, and I'll do what it takes to defend it.
Re:Complain as much as you can! (Score:3, Insightful)
This fool needs to realize that not everyone is or wants to be a computer expert, or an email specialist just so they can use their email. If every day a barrel of paper junk mail got delivered to your door you'd sure as hell complain, not just arrange to have a paper recycling company sort and collect the rubbish, or learn about the intricacies of the US postal system.
When are we in the IT industry going to stop telling users that they need to be computer experts to run a computer. The RTFM attitude just does not cut it!
Re:A spam "bubble"? (Score:2, Insightful)
This all means that spammers can be far less successful than any other business, yet still remain in business.
Re:Complain as much as you can! (Score:3, Insightful)
You're kidding yourself if you think that's the explanation. I reckon 80% of the spam I get is US based. No, I don't know that it's sent from mail servers in the US, probably zombies, but it definitely advertises US products to a US audience. Rx??? Didn't even know what that meant til I got 50 spam a day about it. What the hell is it with you guys and prescription medicine anyway? Approved for a new low rate? Is it really so difficult to find a mortgage via legitimate means?
Anyway, the point is it seems to me that if I WANTED to buy from the vast majority of spammers, then as a non-US citizen they wouldn't be interested in my custom.
From where I'm standing, at least, spam is mostly an American problem. Spanish-language second coming in a fairly distant second. China? Never seen any spam whatsoever advertising Chinese products to a Chinese audience.
And, imho, where the spam is technically sent from is utterly irrelevant. Follow the money!!