Bad guys winning

The Times confirms what many of us had suspected, that spam has suddenly exploded again as the assholes who send it found new ways around filters. Anyone who thinks that spam is a problem that has been or will be solved with technology alone is wrong.

  • I agree completely, although why these assholes believe that I might change my mind about the service offering i’m trying to block and therefore keep bombarding me I don’t know.

    The people who must take responsibility for spam are the assholes that reply, that actually justify these pricks in the first place, it’s the same with cold calling and junk mail. If nobody responded there would be no money in it and no point. Any active boycott of any company that uses spam, cold calling or sends junk is the only way to finish the bastards.

  • Andrew

    I do not understand why challenge-response systems, where senders not in the receipient’s address book or approved senders list, have not caught on. Though I understand these systems are not friendly to certain disabled web users, it does seem to be an effective deterrent from bulk senders.

  • Charging a small amount to send a message would put a stop to this at little cost to the average person. Even one cent per message sent would be very expensive to a spammer sending out a million messages.

    Those who use hijacked machines would still fail since the collection system could be set up with the ISP’s such that there is a pre-paid nominal account for email and any sign that this is being exceed would stop further traffic.

    What would happen with poorly managed foreign servers is something that would need to be worked out as well. Perhaps a new international body which mirrors the ones sent up for post and telegraph and radio spectrum allocation. Countries that don’t follow the rules would not be allowed to transmit traffic into the international part of the internet.

  • Glyn,,1954392,00.html

    If people are interested this recent article in the Guardian briefly analyses various approaches to spam: Password Systems; Challenge-response systems; Pay per email; ISPs block on port 25 email (No, I don’t know either); and Limiting emails sent per day.

    Here’s an extract about Challenge-response systems:

    “These are a phenomenally bad idea. Primarily this is because on almost all spam, the From: and Reply-To: address is nonexistent or forged. So you receive a spam and end up sending a challenge into the ether, or to the wrong person. In effect, you are spamming them with your challenges.
    Even if spam didn’t forge addresses, by using a challenge-response system you are essentially outsourcing your anti-spam operation to a myriad of third parties. Do you trust all those third parties reliably to accept the challenge? A number of people will automatically junk any challenges they receive – and, similarly, a number of people will automatically reply to any challenge they receive, regardless of whether or not they sent the original message. (That lets spam through to the challenger.)
    There’s also the issue of deadlock. Suppose you and I both run a challenge-response system. I send you a message, and don’t whitelist you. You send me a challenge. I send you a challenge in response to your challenge … and neither one is ever responded to.””

  • Ethan

    What about the Iraq Study Group, Jeff? Care to comment on the failure of the war you used your loud, prominent voice to cheerlead for?

  • Can we solve the spam problem by killing all the spammers? Please?

  • Screw web 2.0, I really want email 2.0 to come out.

  • The first way to kill spammers is to encourage people to NOT put their email addresses on the web. That’s just begging to be spammed. (Jeff, you’re guilty of this…) You don’t put your SSN on the web. Why put your email address there?

    Second, companies should never be able to give/sell your email address with their business partners, whether you give them permission or not.

    Third, any company that uses spammers to promote their business should be publicly listed as such and actively boycotted.

    Fourth, much of the internet is smart enough now that a challenge response is not necessary. In fact, ISP’s and others should be able to simply void any email that comes through no reply address, etc. Why even let these come through?

  • John F.

    The problem can be solved with existing technology, e.g.:

  • I HATE spam! (and pop-up ads…, and…)

    Since I have my own domain, I’ve been able to effectively stop all spam coming to me by changing my primary e-mail address and setting up the old address as an auto-responder. It’s wonderful not having all that trash to filter through. Now spam is starting to make it’s way through the corporate firewalls and filters at work. However, I can fix that, too. (I’m on the threshhold of retirement.)

  • By the way, to then receive an email from your web site, you create an email form. I’m sure that your son knows how to do this. But no email address is exposed.