Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Software Spam The Internet

Stichting Spamvrij (spamfree.nl foundation) Closing 118

Posted by Hemos from the a-sad-day dept.
TeVi writes "Stichting Spamvrij.nl (Spamfree.nl foundation), the authority on spam in The Netherlands, has decided to stop. Spamfree.nl gained international attention for their fight against the CyberAngels spammers. More information can be found on their website regarding the shut-down." It's the classic story of too much work to do, not enough time; meanwhile another reader notes: "Some new anti-spam products out there - but everyone seems to agree that even Sender ID ideas and laws won't do much."
This discussion has been archived. No new comments can be posted.

Stichting Spamvrij (spamfree.nl foundation) Closing More

Stichting Spamvrij (spamfree.nl foundation) Closing

Comments Filter:

  • English text (Score:5, Informative)

    by Karamchand ( 607798 ) on Monday October 11, 2004 @08:40AM (#10492518)
    is available here [spamvrij.nl].

  • Sysiphus labour? (Score:4, Insightful)

    by DenDave ( 700621 ) on Monday October 11, 2004 @08:41AM (#10492522)
    A sad thing but the reality is that there is nothing they could do to stop spam. In fact the only thing anyone can do to stop spam is to stop using email. Yep, the spammer wins.. I abandoned my email account. So in effect he loses because my address is now worthless..
    • He'll have no idea whether you're using it or not. Using it but not clicking through on any of his links would do just as well.

    • Re:Sysiphus labour? (Score:5, Insightful)

      by Timesprout ( 579035 ) on Monday October 11, 2004 @08:49AM (#10492587)
      I agree. I was so pissed of with all the junk mail I was getting through the post few years ago I abandoned my house so my address was worthless to them. Altering my lifestyle completely and living in a cardboard box under a bridge can be a bit of a chore but its worth it not to let the spammers win.
      • Cute comparison. But I bet you aren't one of those people who has an email account getting over 1000 spams a day. I'm giving up that account because it's taking me a half hour every other day to sort out the remaining spam, even after Thunderbird's spam filter has run.

        By the same token, I bet if some delivery person was putting a thousand unwanted packages in your living room each day, and you couldn't stop him, you would, in fact, choose to move.

        • no, I could shoot him and hide the body in my septic tank. *note to all law enforcment, there are no bodys in my septic tank, please dont look*
        • Thunderbird's spam filter is nice, but you might want to try you spamihilator, along with some extensions that should sort out all your spam problems.

          http://www.spamihilator.com/

        • Currently I have 6 email accounts, and I have discarded about 8. I write my contacts each time the signal to noise ratio rises above a certain point and let them know I am moving again. So far that has worked, but MAN it is a pain in the glutius to deal with!

          I have said this jokingly, but I am getting to the point where a serious effort here might be worthwhile: Small off-shore mercenary army and....
          • How do you get so overloaded with spam so quickly? Even the account that I use in situations where I might attract spam only gets, at most, 10 junk mails each day -- and it's been in use for well over six years. The accounts I use for friends or colleagues and for mailing lists get almost no spam (one or two each month for the last account).

            I admit I'm pretty paranoid about posting my addresses in publicly viewable places. However, I'm surprised that people seem to have to cycle through addresses so rap
            • As to online habits: I did an experiment: I opened 4 email accounts, 2 free, 2 paid for which I did NOT use AT ALL for 5 months. All of them became spam bait. I kept a graph for a while of the stats on spam per day on them. I wanted to see if "paid for" or "free" email addresses were more vulnerable. One of the two paid for accounts was a telnet only account. I wanted to see if that had any effect. after the 5 months I found no difference. Web Based, telnet only and accessed via Pine, POP3 service....

      • What bridge? (Score:2, Funny)

        by kop ( 122772 )
        Please tell me where your cardboard box is located,
        i might have an interesting mortgage offer for you.
        You can safe many $$$ on loans that way!
      • Are you a republican? ;)
      • Totally different scenario. Deserting my email address costs me nothing but the 5 minutes it takes to mass-mail my address book a "hey, this is my new address" mail. To desert my house costs me one house.

        Personally I'd rather change email accounts and spend the 5 minutes it takes switching over and informing everybody of it than spend the 5 minutes everyday it takes to pick through a hundredweight of spam looking for the two emails I might want to read. An email address is not a house, and you don't lose

    • Spam can be stopped... (Score:2, Interesting)

      by ravind ( 701403 )
      Here's an idea. Give the spammers what they want, which is more traffic. Create a small client that anyone can install on their machines, all it does is use your spare CPU cycles and Bandwidth to repeatedly hit the links that are advertised in spam. If the servers can withstand the mass DDOS, then the bandwidth costs will make them think twice before sending out emails. Use P2P to distribute the list of links to be hit and the spammers will have no central "black-list" server to bring down in retaliation.

      T

      • Here's an idea. Give the spammers what they want, which is more traffic. Create a small client that anyone can install on their machines, all it does is use your spare CPU cycles and Bandwidth to repeatedly hit the links that are advertised in spam. If the servers can withstand the mass DDOS, then the bandwidth costs will make them think twice before sending out emails.

        Yeah, that would be great except that it wouldn't work. There would just be more spammers hosting their web sites on Windows virus zombie

        • That's great if they proxy it through a zombie, it will take even less effort to shut it down. Most broadband home connections have a very limited bandwidth for upload precisely because your ISP doesn't want you to act as a server.

          Also, it's not like the spammer can send you an updated URL when the first zombie goes down. I don't see and easy way for spammers to make your suggestion work.
          • As if we didnt already discuss the whole issue a hundred times here... *sigh*

            It is _no_ good idea to try striking back by auto-ddosing all urls mentioned in some spam. First as already mentioned abov in most cases you simply attack some zombie box; so what, 50k fellow minions waiting to take its place when the next spam flood is coming... And there is always the famous joe-job, which means you will help to attack some more or less innocent third party which already gets tons of complaints and trouble with

          • The combined total bandwidth of all the endpoint broadband connections far exceeds their upstream bandwidth. When attacking multiple broadband connections at the same ISP, your DDOS attack will max out the ISP's uplink long before it takes out all the end-users' links.

            Congratulations, you have now taken out an internet connection belonging to some Grandma who doesn't know anything about viruses (arguably a problem that needs to be dealt with in SOME way if not DDOS), but as a bonus you've also horked band
      • Another solution is to make it so that anyone who spams for a domain loses that domain.

        PS Yes if that someone does not own the domain and tries to make it hard for the onw who owns the domain - it is not a domain-losable offence.
    • The only solution to the problem is to start paying for sending emails. Before everybody starts modding me down, tell me is it a problem for you to pay 1 cent per sent email? Of course not, except if you are a spammer and planning to send billions of emails. Why are spammers not using regular mail for spamming purposes (well, they do it, but in a much lower scale)? Its because its not free.

      • Re:The only solution (Score:2, Insightful)

        by Karzz1 ( 306015 )
        The only solution to the problem is to start paying for sending emails. Before everybody starts modding me down, tell me is it a problem for you to pay 1 cent per sent email?

        I work for a company that sends out legitimate email newsletters to several million subscribers a day. Even at 1 million emails a day, that would effectively put my company out of business.

        Also, what about all the mailing lists out there. This would have the same net effect on say the Linux Kernel Mailing List as having patents in O
    • To avoid spam simply use email aliases. Not more, not less. Use a hard to guess email address and never ever publish it. The only tricky thing is to have one address that you use for sending.
    • i felt the same way for a long time about my primary email address... after 9 years of using the same address, i think i was on pretty much every list around, and was getting somewhere around 300-500 spams a day, up to 800+ on particularly bad days...

      i tried filters... i tried stuff like spamassassin... i tried dns black holes... nothing worked...

      then one day i decided to try a challenge / response package called TMDA (tmda.net)... it took quite a bit of fiddling with to get things just like i wanted, and

  • need anti spam adverts (Score:4, Insightful)

    by Anonymous Coward on Monday October 11, 2004 @08:41AM (#10492526)
    on TV etc.. encouraging public not to buy from spammmers citing illegality of approach & risks

    • This is a solid idea.
      Who do you get to fund it though? The actual adverts themselves would be hilarious.
      "Look Maureen, those manhood enlargement pills I bought from manh00dgr0w3r.com have arrived. Pass me a glass of water, I'm going to get started"
      Death occurs. Someone stump up to fund this.

      • [how]

        do you get to fund it though?

        By selling a pamplet on TV about "How to make money on the Internet! (spam your way to fame and fortune). You sell them on your great rise from a 'one bedroom apartment' to a mansion and tell the people how they can as well. Once you have your fortune, you can use part of it to educate the same people you just ripped off! Even better, since you already have their addresses you can just direct mail them! It'd save a ton of money on TV costs.

    • Great! More spam to counteract spam...!

  • ... and another one comes, ... and another one comes,
    (repeat ad nauseum)

    Unfortunately, the subject refers to the spam-fighting groups, and the body refers to spam itself. Sad.

    Simon
    (Assuming the site was to do with fighting spam, since I can't get to it after it's gone public on /. :-()

  • They were good at something. (Score:4, Informative)

    by Killjoy_NL ( 719667 ) <slashdot@nospAM.remco.palli.nl> on Monday October 11, 2004 @08:47AM (#10492565)
    From what I read this morning in the dutch news, they did find out that a notorious dutch spammer didn't stop spamming, so they got him into a lot of trouble. There was also something about some more "detective" work that they were good at, but I can't remember what it was at the moment.
    • Yes, they did a lot of good work, but they were also a relatively unknown foundation themselves unfortunately... Maybe if they'd been a bit more pro-active (not thru spam :)) to get their name across to the general public as well, there would've been more volunteers to help them (and/or even more funding) and they wouldn't have to close down... A sad loss.
    • Agreed. Rejo (from Spamvrij.nl) really did a lot of good investigations. When the accused ones attacked him, accusing Rejo for e.g. libel, he was always able to back up what he said, or did so later because he still depended on some details. His succesful research made various big spammers shitting in their pants.

      Martijn Bevelander, Akin Franks, Patrick de Bruin among others, they really got bashed away in the media. Even when they tried to defend themselves, Rejo was able to be too smart, providing detail

  • What are (were?) the "CyberAngel spammers"? I missed that one.

  • Looking for an Altruisitiic Billionare (Score:4, Insightful)

    by Alien54 ( 180860 ) on Monday October 11, 2004 @08:52AM (#10492614) Journal
    Maybe some Altruistic Billionaire would be interested in funding these guys. Especially guys who have a track record contributing to the public good. You know, get them some help.

    Sure, we know of billionaires giving the money away to things like cancer research. Computer Industry Billionaires

    Maybe something like just a mere few hundred thousand or a million for these dedicated warriors. Get them some help.

    But then, my cynicism kicks in hard, really hard.

  • Laws *can* do much (Score:5, Insightful)

    by decarelbitter ( 559973 ) on Monday October 11, 2004 @08:55AM (#10492644)
    The postings states that people seem to agree on the fact that laws can't do much in the fight against spam. I disagree on that. At the moment many countries have fairly good laws against spam. However, the problem is not with those laws, but the lack of enforcement of them. If countries aren't willing to setup a group/agency/team/etc. that has the technical expertise to trace and track the spammers and the legal abilities to use the existing laws to their full extent than those laws aren't going to be of much help.

    Oh, and the correct URL for the English Spamvrij.nl website is www.free-of-spam.nl [free-of-spam.nl].

  • Bogofilter (Score:3, Interesting)

    by Gadzinka ( 256729 ) <rrw@hell.pl> on Monday October 11, 2004 @09:01AM (#10492684) Journal
    I don't understand all this cry about spam. I've been using bogofilter almost since day one and today, if I see one spam a month I'm surprised.

    Meanwhile, my spam folder is autocleaned via cron job from messages older than five days. Sometimes it accumulates 1500 messages (yes, that's 1500 spams in five days)[1].

    But I had to ignore some guidelines to achieve these results. I didn't teach bogofilter from dead corpus, I just installed it over empty database and taught it live. Also spam cutoff is set to 50 instead of the default 90 (?). I do have occasional false positives (much rarer than false negatives) this way, but I like it anyway.

    The best testament to all this is the unmasking of my address on /.

    And there are better [sourceforge.net] filters [nuclearelephant.com] than bogofilter.

    Robert

    PS I work exclusivelly on Linux, but viruses are annoying anyway, so I installed Clam AV, hence viruses don't increase my spam count.
    • One still has to download the email.

      The filters in Mozilla, work pretty good, but I only have less than 5 valid emails a day out of 50. That is still a pain to have to download 50 emails to only read a couple.
      • Funny I run Spam Assassin and rarely download spam. Just setup procmail to put spam in it's own folder, dont download that folder (You are using IMAP to read your mail right :) if I think I might have a false positive I go look in the folder but otherwise it gets cleaned on the server. Filtering spam isn't something the mail client should be doing thats a server job.

    • standard "filtering is not the answer" post (Score:5, Insightful)

      by FooAtWFU ( 699187 ) on Monday October 11, 2004 @09:22AM (#10492873) Homepage
      Filtering! You think spam is "OK" because of filtering?!? My site has had 4 gigabytes of traffic these past six days, and I'll tell you: Most of that is not the httpd. It's just spam spam spam spam spam to the umpteenth degree. Someone has to pay for that bandwidth and the processor power to do that filtering. And it's not the spammer.
    • So you are in a position of luxury where it doesn't matter if a legit email is filtered out every now and then. I'm sure it works for you.

      But others want to make sure their filter doesn't filter out email they were supposed to read! It happens, you know.

      I'm happy for you. You don't care if you lose a few non-spam messages. Well, I do, and even using filtering, spam is a major pain in the neck, as I need to go through it anyway, to make sure the filter didn't catch anything important.

      • So you are in a position of luxury where it doesn't matter if a legit email is filtered out every now and then. I'm sure it works for you.

        For the last 3yrs I've been working as a freelance consultant. Also I'm the typical guy with anxiety-depression condition, that has problems with everyday life support. And yet, I am able to keep all the important (i.e. paying) jobs w/o worrying about emails lost to spam filtering.

        Get a life, get some good spam filter and stop bitching. In fact, for last three years, m
        • "In fact, for last three years, most of my lost income has been due to overzelous spamfighters (like ORBS etc)."
          Which is exactly my point. You let the spam filter kill mails without checking if it got any valid ones. I'm glad that works for you. It doesn't for me. I need to go through my spam to make sure my filter hasn't caugh anything it shouldn't.
        • WTF? Wonder why both my posts explaining that trusting one's spam filter not to catch legit mail is not a luxury everyone can afford was modded down.

          Maybe I should get in touch with CT again, and see if there's mod abuse involved. Mod points will be lost.

  • Laws could work (Score:4, Insightful)

    by Monoman ( 8745 ) on Monday October 11, 2004 @09:01AM (#10492685) Homepage
    The problem is that everyone keeps trying to create laws to specifically address the spam problem.

    There are already existing laws against fraud, computer B&E, etc.

    What needs to changes is obviously the mail protocol and the parties held accountable. I know you could joe-job someone to frame them but in some countries you are innocent until proven guilty.

  • It still doesn't make any sense that there is as much spam as there is: these people are out to make money, right? It's not just to annoy people, is it?

    But nobody even reads this shit, do they? Much less buy whatever it is they're selling... do people actually give money to these fuckers?
    • Yes, people do read/purchase/visit from spam otherwise it wouldn't be as profitable as it currently is. With the low costs involved, even 0.1% 'read' rate for of millions of sent messages makes it profitable. Just blocking the content won't solve the problem. Shutting down the websites and phone numbers that the spam is pitching is a longer-term solution.
  • Was the site linked from slashdot 'cos it shutdown,
    or shutdown 'cos it was linked from slashdot?
  • Spam exists because it is profitable. If each of us would take the time to select just one spamming business per day, and tie up their resources by calling their agents, requesting literature, doing whatever we can to decrease their profit, we could end spam by cuting it off at the root. As long as spam is a more affordable delivery vehicle, it will get used.

    • Reply to all spam! (Score:1, Interesting)

      by Anonymous Coward
      Reply to all of it!

      If everyone replied to every spam message, the spammers resources would be overwhelmed, and they would not be able to determine which are the legitimate replies, and their reasons for sending spam would disappear. It would take a while, and take general cooperation (but not necessarily from everyone.)

      Of course, this isn't something one can do on their own; it has to be a movement. Everyone ready?

  • PopFile (Score:3, Insightful)

    by bstadil ( 7110 ) on Monday October 11, 2004 @09:03AM (#10492698) Homepage
    I don't understand what the big deal is with spam. I implemented PopFile [sourceforge.net] 6 months ago and I get 99.5%+ accuracy. Less than one piece of misdirected mail per day.

    Keep the bucket simple and have lots of Magnets for the people you normally interface with and Spam is a thing of the past. You can even put the server on a remote location so it is available when you travel.

    You can even redirect your spam to a Gmail account and have it all marked Spam thereby helping Google et al improve their filtering tools.

    • Re:PopFile (Score:2, Insightful)

      by ravind ( 701403 )
      99.5% accuracy is good, but not good enough. It means I still have to scan through the 1500 emails marked as spam to find the 1 email a month that might be a false positive. The only difference is I'm sorting them out in the "spam" folder as opposed to the "inbox".

      If I sound overly critical, it's only because I want to emphasize the importance, in my mind of having a solution that is 100% accurate, which I can blindly rely on.

      • Re:PopFile (Score:3, Interesting)

        by bstadil ( 7110 )
        What is the problem with a false positive? IF you have Magnets from everyone you normally interface with it has to come from someone that you do not normally correspond with

        If really important that person most likely has other means of getting hold of you and relaying on email is folly.

        What I am trying to say is you have to amortise the problem of one false positive with the effort involved in getting better accuracy. Not worth it and most likely not doable.

        By the way a mis-directed email does not

        • Re:PopFile (Score:2, Insightful)

          by ravind ( 701403 )
          You seem to be approaching this problem only from your experience with an email address reserved for personal matters.

          Other people have their addresses up on websites because it is important for legitimate strangers to be able to contact them, and it is often their only means of being contacted.

          These are also the kind of email addresses that get the largest amounts of spam. In short, false positives can be a problem, and we should be looking at a way of eliminating them rather than taking the "it's a cost
    • This [nixcartel.org] is what $WORK rejects. Those numbers are culled from a random minute of log analysis, and are accurate.

      Half of what spam slips through is caught by some more complex filters.
      And about 20% of what gets through is still spam.

      Do you really think that spam still isn't a problem? Or that *any* content filter will scale to that kind of load, on a reasonable budget?

      The right point of stopping spam is before it hits your MX, not after it has been accepted.
      • That's interesting and scary. My mail goes thru 2 filters upper level filters before hitting me. One at the forwarding level and one at my ISP (comcast)

        I turned the filter off at Comcast once and saw no real difference.

        This level of spam that your graph shows should be nuked differently. Zombie killing or turning off whole subnets once in a while.

        Before Bayesian filters came available I nuked all Hotmail and aol extensions at my mailserver.

        • You think we don't have filters on our border routers?
          This is stuff that comes in past the packets filters for the most abusive netblocks.
          And we block huge swathes of netblocks (smallest block I have ever applied is a /24) for spam runs. If > 25% of a /24 is found to be hitting our spamtraps, they get nullrouted.

  • bah (Score:1)

    by smurfi ( 91140 )
    That shut-down notice need a serious apostrophectomy. :-/

    Anyway -- too bad, though I hazard to say it's their own fault: if you do consulting you got to charge for it.

  • SPF, Caller-ID and Sender-ID (Score:5, Informative)

    by Zocalo ( 252965 ) on Monday October 11, 2004 @09:08AM (#10492744) Homepage
    Once again, there seems to be some confusion over this in the linked articles, both of which were written after the situation stabilised, so for those that don't know:
    • SPF (Sender Permitted From) is one of the original DNS based schemes for verifying an IP was authorised to send an email. It is an open standard using text only records that was proposed by Meng Wong of pobox.com and is still going just fine with many big mail domains (Hotmail, Gmail...) using it.
    • Caller-ID is the original closed standard Microsoft proposal that uses XML records. It goes beyond SPF in its scope, but is encumbered by numerous pending patents which Microsoft has yet to adequately disclose.
    • Sender-ID is a derivation of Caller-ID, also by Microsoft, that was proposed to the IETF as a potential "standard" mechanism for acheiving DNS based sender validation. Owing to it sharing many of the same patent issues of Caller-ID and a failure of the parties in the MARID working group at the IETF to arrive at a compromise that open source developers were happy with, Caller-ID was rejected.

    Caller-ID and Sender-ID are currently languishing in Redmond, with Microsoft yet to make any announcements about whether or not it intends to implement them anyway. SPF-Classic on the otherhand is still gaining momentum, with tens of thousands of domains registered as having SPF records, plus an unknown number of unregistered ones. SPF-Classis is also supported by most MTAs and anti-spam solutions, either directly or via a plug-in, and is most likely to become the "default standard" as things stand.

    • I really wish people would stop thinking SPF is only a spam stopping thing. Really, it's not! As you can see if you really read about SPF for more than 30 seconds is that SPF is a way of checking to see if a server claiming to send mail from some domain is really authorized to do so.

      Lots of people on /. think this isn't a problem, most of them are clueless. For those of us that run mailservers that see any kind of real traffic we know that a LOT of mail is sent with spoofed domains. Some of it is spam, som

      • True enough, but I didn't go into that because it's not entirely on-topic for the discussion at hand. SPF and the like have almost zero impact on the problem of spam as they are intended to stop the problem of joe-jobs and social engineering emails claiming to be from "admin@your.bank.com". Indeed, there's nothing to stop a spammer publishing SPF records for their domains, as several of them do in the hope that someone will think that adds some legitimacy to the email.

        I publish SPF records for all my pe

        • Indeed, there's nothing to stop a spammer publishing SPF records for their domains, as several of them do in the hope that someone will think that adds some legitimacy to the email.

          Actually, this is a good thing. As we move forward with SPF (hopefully sans the Sender-ID, MS-patented features), more and more of the world will be able to build relationships and trust maps with the domains that send them mail. If spamloser.com has sent me spam on several occasions, then I can start to ignore mail from them.
    • I want to address the other thing that people tend to get confused over:

      SPF is primarily about spoofing (and thus phishing), not about spam. I currently work in the e-mail department of the #2 financial institution. I see the impact that phishing has, and how SPF can be used to alleviate it. Each phishing e-mail that doesn't arrive because SPF averted it is a potential victim protected.

      Spoofing/Phishing is what SPF protects against best and that's what it's for. If some spam dies an early death because it

  • One small step for spam... (Score:2, Funny)

    by Anonymous Coward
    ...one giant leap for spamkind.

  • ddos the spammers (Score:3, Interesting)

    by wolfywolfy ( 107431 ) on Monday October 11, 2004 @09:20AM (#10492854)
    I have an idea for beating spam -- renegade style. Everyone forwards their spam to a server(s), which intelligently sorts the mail, finding culprit websites, then a massive distributed network (SETI@home style) retrieves worst-offending URLS from the server, then DDOSes (./ effect s) the spammers websites. Their bandwidth is quickly maxxed. IANAL but I imagine this isn't law-friendly. It's using the zombie-network theory against the spammers (except this time we opt into the network).

    I've set up a SF project, anyone wanna help?

    The simple version right now just uses a javascript auto-refresh page to draw images off several sites at a time, display, then request the server for more URLs. Once a site goes down you get a 'kill'. You could run teams like seti.

    Ideally it'd run as a daemon or win service, and be bandwidth-limited.

    • Re:ddos the spammers (Score:3, Insightful)

      by FooAtWFU ( 699187 )
      The problem: Spammers don't run their own websites. You do.

      (Well, at least if you use Internet Explorer or don't keep your virus protection up to date, you do.)

      • Actually they do. Think about it. They aren't spamming you for sh*ts and giggles, are they? There MUST be a website on the end of it, somewhere, otherwise there's no way to make money!

        I guess you could be email harvesting, but, on the large part, there are live websites (With lots of pretty pictures) at the end of those URLs in your spam.

  • A modest proposal (Score:5, Interesting)

    by INT 21h ( 7143 ) on Monday October 11, 2004 @09:36AM (#10493009) Journal
    "Spamhunters" the tv-show. I'm serious! Think about it, several episodes of pretty ppl running around with wifi-gear and blinkenboxes and having lovelife-problems while hunting down spammers, crackers, 419ers, identity thieves, pedos, virus writers, whatever. It seems to be the only way of educating the public these days. CSI: Internet, you know it makes sense!

  • choking on spam (Score:3, Interesting)

    by Doc Ruby ( 173196 ) on Monday October 11, 2004 @11:00AM (#10493789) Homepage Journal
    If spam fines were earmarked to support exactly these effective antispam groups, the scaling of spam would scale their efforts. The predator/prey relationship would keep spam to a minimum. Once at the top of a sustainable foodchain,feed on other privacy/security vermin in the abundant ecosystem could allow them to hunt spam to extinction. Now that fines are actually being collected, the rest of us can learn from this negative example.
  • The delete key. Press it once for each piece of spam you get.

  • Spamgourmet solved my problem (Score:3, Informative)

    by SysKoll ( 48967 ) on Monday October 11, 2004 @12:01PM (#10494590)
    At the risk of repeating myself, spamgourmet solved my problem. It's a free and open source disposable email address system that is traceable and also good for anti-phishing measures.

    Let's say your spamgourmet account is joeblow. This gives you unlimited addresses of the form prefix.accountname_at_spamgourmet.com.You post on some web forum with the address web.forum.joeblow_at_spamgourmet.com. But you give your bank the address mybank.joeblow_at_spamgourmet.com. If a spammer collects the address from the web forum and sends you a phishing message, you can 1. disable the web.forum.joeblow address except for some selected senders, 2. immediately know that the phishing message is a scam because your bank would not write you to this address.

    Note: Yes, I _did_ have to abandon my old email address because it was mass-spammed all the time. The spamgourmet server filters out the crap (spammed addresses are disabled) and then forwards my email to a private "secret" address.

    There are also various features that limit the ability of a random spammer to attack your account.

    The code is free. Right now there is only one public spamgourmet server. It would be nice if someone picked the code and created his own replica. And of course, the project could use more coders.

  • I replied to this topic last year (I think). what I (sort of) said then still applies.

    A fix depends on email server software allowing the email recipient to easily define and edit an approved list based on content of one data packet. SPAM in one data block is not really possible, but a bank ID, purchace transaction number, many other unique identifiers like family or friends names, email addresses, fit neatly in one content data block (beyond routing history) and leave little or no room for SPAM content. A
    • Your idea is a good one, but a bit too limiting. If you step back from some of the terms (e.g. "data block") and look at existing implementations, I think you'll see that an authentication system (of which, for example SPF is a good first step) combined with SMTP-time weighting of the headers (something like SpamAssassin, but working only with header information) and then a reputation system with a few for degrees of granularity than you suggest above, still meets the basic requirements you set forward.

      The
      • Thanks, I agree, maybe a bit to limiting .... I am not a big fan of most bulk filter list generated for mass consumption. I always want everything, then I limit as needed on IP-subnet/domain/.... Authentication of frinds, family, interest, ... is a personal activity for me not for an ISP and/or government, and for me good reputation I limit to friends and family, but remain open to most content/news/....

        If an ISP/Domain could scan a personal reject email list (... many of them ...like all accounts) SPAM so

Slashdot Top Deals

Promising costs nothing, it's the delivering that kills you.

Close