Spam: Is an end to it coming?

We all get spam, and I guess some people use special email addresses when ordering stuff etc to avoid it as much as possible. But, even so, other people forwarding an email with your address on it, or sending one of those e cards or webpage referral is an opportunity for an emial address to be harvested.

Filters are pretty good these days, but even so, the burden on the web that is given by all this crap traffic really bugs me. I have got a couple of domains, and I get an absolute shitload of returned mail, auto responders and even some personal abuse type mail directed my way because the spammers put whatever ‘reply to’ address in their spam that they like. I guess the ratio of spam/legit mail I get is up to about 100/1. Shocking.

So, it got me thinking.

Why doesn’t the internet protocol people set up some sort of certification system for SMTP or whatever the sending mail protocol is?

What I am meaning is if every mail server first had to verify that the ‘reply to’ mail address is genuine by getting the mail authoring tool (outlook, outlook express, eudora, lotus etc etc) to send a secure code to the server along with the mail. Then if the code doesn’t match what is held on the server, then it is treated as spam.

Even some of the relay servers could send the code to the domain’s server to check.

Eventually, to get full anti-spam, everyone would need to upgrade/patch their email authoring s/ware and set up the server code. The idea is that any mail that is not using an authorised reply to address will be treated as spam, but not only that, the spammers can no longer spoof other people’s emails.

I am probably missing something, but there has got to be something done. This might slow sending a mail down a tad, but we are talking a tiny amount of extra data. Of course, the offset that there will be reduced crap traffic out there would more than make up for it.

/rant.

Your plan has already been suggested. It hasn’t been put into action because the major players either want to impose their own proprietory system, or won’t back a plan that involves someone else’s.
Meanwhile… email is rapidly approaching the point where it’s useless. I’m seriously thinking to implement a whitelist and friend code barrier, and dev/null everything else. If people really want to get in touch with me they can use the phone.

I support the death penalty for spammers. Chinese style, bullet in the head, bill sent to the family for the ammunition. I’d have them executed twice if it were possible.

I wonder if the makers of that Spam meat in a can are pissed that their name is used for junk emails. Just a thought…

A major pitfall is that a lot of spam these days doesn’t fake its origin. It gets sent by computers belonging to innocent people, which have been taken over by a virus. Then it uses their email to spam people.

One solution that has been suggested would be to make people pay a tiny amount of money to send an email - a few cents maybe. That wouldn’t be a big deal to actual people, but to spammers (who get a response rate of about one in ten million), it really would.

But of course, the internet is so huge and heterogenous and political that getting any kind of uniform solution in place is gonna take decades

[quote=“Brendon”]A major pitfall is that a lot of spam these days doesn’t fake its origin. It gets sent by computers belonging to innocent people, which have been taken over by a virus. Then it uses their email to spam people.

One solution that has been suggested would be to make people pay a tiny amount of money to send an email - a few cents maybe. That wouldn’t be a big deal to actual people, but to spammers (who get a response rate of about one in ten million), it really would.[/quote]
But wouldn’t that mean that I have to pay if the spammer uses my account via the virus?

Hmm. I can’t access my bank account in Hong Kong from work because the servers flip every few seconds. I’m not sure why this happens but I bet it would make all my email appear as spam under the proposed system?

Also as a non-spammer how do I control who gets email from me. For example if I get an email address sent to me as someone who is interested in my product should I send a request first to check that the recipient is happy? Would that request in itself be seen as spam? I use an opt out link, and use it genuinely and would never ever sell my database (even the opted out people) but many people don’t trust the opt out because it has been abused by others less scrupulous than I.

Maybe if you look at the problem from two sides you can come up with a better solution?

Most definitely. After all, they sued the muppets for naming a wild boar Spa’am, claiming it would harm their trademark. Not surprisingly, that was a humorous lawsuit.

cyber.law.harvard.edu/metaschool … hormel.htm

They also tried to register “spam” as a trademark in the EU for unsolicited emails, to block others from using the word, but they failed.
zdnetindia.com/news/security … 56191.html

Incidentally, here’s the Monty Python skit that purportedly led to the use of hte word spam to refer to unsolicited commercial emails:
youtube.com/watch?v=8y6pm1W1 … ed&search=

[quote=“Edgar Allen”]Hmm. I can’t access my bank account in Hong Kong from work because the servers flip every few seconds. I’m not sure why this happens but I bet it would make all my email appear as spam under the proposed system?

Also as a non-spammer how do I control who gets email from me. For example if I get an email address sent to me as someone who is interested in my product should I send a request first to check that the recipient is happy? Would that request in itself be seen as spam? I use an opt out link, and use it genuinely and would never ever sell my database (even the opted out people) but many people don’t trust the opt out because it has been abused by others less scrupulous than I.

Maybe if you look at the problem from two sides you can come up with a better solution?[/quote]
Well as long as the mail contains a code file, it shouldn’t matter if the sending server changes it’s IP. It’s more application controlled than server, except for the SMTP verification.

The best way to control the second problem you mentioned would be to allow advertising emails to registered spammers only. And, again, they have to use their verification code to send anything.
What it means is that you then have the option to set up what advertising you area happy with (remembering that not all advertising email is bad. Eg, I get flyers from Page One every month or two that I like to read, I am on a few job search databases that send out matches, and plenty of B2C sites have alerts - stocks, auctions, etc)
The spam registration set up could mandate that any mail without a code or considered as spam, is directed to the spam forwarding servers where it is either dumped, or forwarded to recipeints who have agreed to receive it.

For a nominal fee, consumers would have access to ALL spam registrars by category and company, and could set up rules accordingly. Maybe once a month, the spam big brother could send out a single email with a list of companies that have requested to send spam to me - if I ignored the mail, they don’t get the authority to send it to me. I’d pay $10USD a year for that service, and if it added significant value to most people’s email, then I am guessing others would too.

[quote=“Rascal”][quote=“Brendon”]A major pitfall is that a lot of spam these days doesn’t fake its origin. It gets sent by computers belonging to innocent people, which have been taken over by a virus. Then it uses their email to spam people.

One solution that has been suggested would be to make people pay a tiny amount of money to send an email - a few cents maybe. That wouldn’t be a big deal to actual people, but to spammers (who get a response rate of about one in ten million), it really would.[/quote]
But wouldn’t that mean that I have to pay if the spammer uses my account via the virus?[/quote]

Yep. An excellent incentive to stop using software that lets you get viruses

But in seriousness, it’s reasonable to assume that a system which made you pay to send emails would also ask you for a password or such on each send, making it harder for viruses to exploit you.

To be honest… G-Mail’s spam filter works really well… i’ve only ONCE ever gotten spam in the inbox, with the rest all being sent to the spam folder… admittedly, once or twice a genuine email has been sent to spam, but they were from websites I had signed up to, which sent automated verification emails… but since I knew they were coming, no problem…

But yeah, my hotmail and other account that I use in Outlook get spammed big time… and I don’t even use the other email (hotmail I do) apart from family and friends email~

[quote=“x08”]To be honest… G-Mail’s spam filter works really well… [/quote]Yes, it is pretty good. I wish MailFilter Pro worked that well… Like Truant I have my own domain so it’s a bit of a nightmare. Some asshole has taken to spamming me from the ‘abuse’ account on my own domain, even though I haven’t opened such a mailbox. It’s taking the piss. :raspberry:
Seriously, email becomes a less valuable tool to me with each passing day as the volume of spam increases and the ratio of junk to genuine mail gets ever worse.

There used to be a bloody interesting article at a site called blackviper.com by an XP guru.

He claimed to not run any antivirus software at all, and had a detailed article about his filtering setup in Outlook. I implemented some of his ideas and it really did help out.

Unfortunately, black viper has gone now.

But, rather than just filter the shit, I am more concerned about the absolute clogging of the web by this unnessary BS. Sometimes I randomly open some spam to see what it actually says. More often than not it doesn’t even make sense anymore, so it’s not even that efficient from the sender’s point of view. It’s pure abuse. Cyber Graffiti.

Well Truant, maybe this is the real root of the problem. Moving all those terabytes of spam around requires more mail servers, more broadband connectivity, more operating systems and mail server software packages to be installed. Without that, would the industry still be growing? What incentive does the industry itself have to actually tackle the problem?

I guess that is the same logic as to why some countries feel the urge to invade others. War is good business.