Anti-spammers urged to gang up The combined efforts of anti-spam products outperform any individual products alone, according to an experiment by Virus Bulletin, the independent security certification organisation. In a comparative test, almost 200,000 sample emails were sent to 14 different anti-spam products that were required to filter out spam messages …
Reading the article title I had the faint hope that someone was trying to try and resurrect the Blue Frog concept in some form or other. To my knowledge that's the only anti-spam mechanism that has been worrying enough to the spamming community for them to collaborate in bringing their botnets to bear against the threat.
Every spam filtering system that is well-maintained achieve the same results. The problem is the 'well-maintained' bits that requires _a lot_ of manual work by the sysadmin and the cooperation of the users. And with cooperation I don't mean whining and bitching as usual.
Any spamassassin+clamav will achieve the same results as 14+ commercial solutions, but you have to pay the sysadmin. And not 'any' sysadmin, one that knows what the fsck he is doing.
Blue Frog system was very good in the way it stoped spam and very bad for the spammer as it had the side affect of DDOS the hacked mail servers with request for removal emails and was crashing a lot of spammers servers due to load (as each blue Frog computer would send 3 emails back i am guessing differently formatted)
currant system uses learning system or Manuel spam list blocking
The more widely a content filter is used, the more spammers will know how to avoid it. Bot armies have no or little costs to operate and they can parallelize attacks on these filters trivially. Has spam gone away because of these filters? No. Will a theoretical 99.89% accuracy make any difference? No. Filtering mail by content encourages networks to do nothing about their compromised systems. Spamming will increase as needed to compensate. The only end result is that everything is running a lot slower than it should, with resources wasted on a massive invisible battle that can have no victory.
Change the filters to block by network ownership and suddenly there's an incentive to keep customers clean.
if the anti-spam product makers start working together, in the long run won't the resulting products converge to the point where they are no longer different enough that a multi-product solution would improve things? At which point the resulting monoculture makes things easier for the spammers.
Back in the day when i hosted my own email, we shelled out $500 bucks or so every month for a spam filter.
Did you? Have the spammers reimbursed you for it yet? The big providers are getting their money, it's time us little guys shared in these pies.
The class of spam injured like you and me needs to find a law firm that will sue the class of spammers. It would be nice if the big guys would would let us opt in to their suits.
Spammers have hella money. The courts have already established that spammers must pay. We just need to automate the process.
Reporting and tracking tools are easy to build. I have a domain that has been on the spammer's CD's since the very first (port 25) spamming tools. I have hundreds of addresses that are receive 100% spam. I think i read about one of the filtering software companies that uses this system. Before I outsourced filtering I added fake users such as AARON@mydomain.net to trap incoming spam.
If we band together and make it a class action, Using technical + legal automation we can make spamming more expensive than speeding in a photo-radar zone. Spammers are the ultimate freetards, so raising the price should drive most of them out.
Grenade... Don't forget to lube it up before inserting into spammer.
The problem there is that the anti-spammers don't have the right economic model. I think many of them have outstanding motivations, but without the economic model, they don't have the legs to outlast the spammers in the marathon.
Therefore I think we need to leverage the key characteristics of the spam against the spammers. (1) The spammers need to contact humans, specifically the few humans who are so stupid as to send money. (2) The other humans who hate spam are much more numerous.
Here is my suggestion of how to leverage these two characteristics to (sadly only metaphorically) cut the legs off of the spammers:
http://metablog-shanen.blogspot.com/2009/11/removing-spam-in-signal-helping-good.html
Of course, if you ask me, we shouldn't stop cutting with the spammers' legs. Also, we should be cutting the spammers with something suitable. Perhaps a really dull chain saw with a worn out motor that keeps cutting out and needing to be restarted. About two inches at a cut, too... Okay, it's just a pleasant fantasy--but I'm sure that my suggestion would help to tip the scales against the spammers.
...is set up your own homebrew Blue Frog and send an autoreply to the worst of the spammers with a list of laws they are breaking, penalties to be paid etc. I did this back in the last century and it didn't go well:
Result 1: I was barred from sending email within 2 hours by my ISP as they had seen a flood of emails leave my account and they hoofed me for spamming. Took 3 days to sort that out.
Result 2: All my campaign did was confirm that I had a working email address. My spam doubled in short order.
Ah well, it was worth a try. It definitely wouldn't work these days, as spammers usually spoof the reply-to address, so you'd be sending to the wrong person. Just in case anyone is thinking of trying something similar.
Yes, bad idea :)
I think the bit that worried the spammers so much about Blue Frog was that its client software followed spamvertised links to the extent that the Blue Frog community were essentially DDOSing the spammers sites. The quote that sticks in my mind is by Pharmamaster, one of the biggest spammers at the time Blue Frog was up and running: "Blue found the right solution to stop spam, and I can't let this continue".
Well, I got so fed with it that I made this quick and nasty free windows app:
http://spamshagger.cgisys.com/spamshagger.html
You just direct it to the offending beneficiary site and waste their bandwidth. Of course it would only cost them anything if many people used similar software on the same sites. Then penalty would be relative to amount of spam sent.
Yeah loved the blue frog..... Pity the guys who ran it turned out to be such pussies when the DOS attack started up.....
Personally I would have unplugged the server, gone fishing for a few days and the resumed grinding them down again, when I got back.
That or flown over there and shot them.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
