|
Grex > Oldcoop > #376: The problems with Grex, e-mail and spam | |
|
| Author |
Message |
| 25 new of 480 responses total. |
tsty
|
|
response 127 of 480:
| 
Dec 1 09:00 UTC 2006 |
glad i started something progressive ... keep it up - thank you.
,.
|
naftee
|
|
response 128 of 480:
|
Dec 2 19:37 UTC 2006 |
tajnxxxxxxxxx tws
|
remmers
|
|
response 129 of 480:
|
Dec 6 15:55 UTC 2006 |
There's an article in today's New York Times about the recent upsurge in
spam and why methods of dealing with it that were reasonably effective a
few months ago are now failing.
http://www.nytimes.com/2006/12/06/technology/06spam.html
According to the article, spam volume has doubled in the last year, 90%
of internet email messages are spam, and spammers have developed new
techniques that are very effective in getting past existing spam
filters. The article has interesting details on how spammers are
foiling the filters and why they remain motivated -- there are still
enough suckers who fall for their scams to make them money, often a 5%
or 6% return in just two days.
Anti-spam companies are scrambling to develop techniques to filter the
new breed of spam, but they have a way to go to catch up. If and when
they do, spammers will invent new techniques to get around the new
filters, judging from past patterns.
My own experiments with spam control on Grex tend to bear out what the
article is saying. A few months ago, SpamAssassin filtered over 90% of
the spam coming to my mailbox. I reactivated the filter yesterday, and
it was catching less than half of it. In fact, the spam score of most
of the junk messages was 0.0, meaning that SpamAssassin didn't think the
message was suspicious at all.
SpamAssassin has a "learning" feature (the "sa-learn" command; you can
tell it that messages it let through are in fact spam, and that's
supposed to make it smarter about filtering in the future); I've been
playing around with that and will see if it really improves things. But
it's somewhat cumbersome to use. I'm sure users want a spam solution
that "just works" rather than something that requires constant care and
feeding.
The trouble is, nobody has such a solution. Given that companies that
specialize in spam filtering and actually pay their programmers are
having such poor success nowadays, I'm pessimistic about Grex's
prospects of effectively controlling spam, at least in the near term.
Giving users the option of turning off inbound mail entirely seems more
and more desirable.
|
rcurl
|
|
response 130 of 480:
|
Dec 6 17:33 UTC 2006 |
Spam might be thought of as an infection, and spam blocking is equivalent to
antibiotics. However is there any potential for *immunization*? I imagine an
"anti-spam bot" that infects people's computers with a spam-bot killer
application. I can see an ethical question in this - immunizing users'
computers without their knowledge - but that is till better than the
infection, especially as the "anti-spam bot" could be made to have no side
effects.
|
remmers
|
|
response 131 of 480:
|
Dec 6 17:52 UTC 2006 |
Interesting idea. I can see various problems with it but won't discuss
them here, as this item is supposed to be about what measures might be
feasible for Grex to take regarding the spam problem.
|
keesan
|
|
response 132 of 480:
|
Dec 6 18:00 UTC 2006 |
I change my filter every day or two when the subject line of the stock spams
changes. Today it is 'check this' with a name, some days just a name, some
days 'name here' etc. Labor-intensive but I get less than 10 spams a day,
most of them in the spam folder (anything on the spamcop or sorbs list which
slips through spamassassin goes there). I am also dumping inline images,
javascript, 3DContent, and all Windows charsets, and whitelisting any friends
who use that junk, if I find their mail in my log file.
I dump anything mailed by The Bat!
|
mcnally
|
|
response 133 of 480:
|
Dec 6 18:14 UTC 2006 |
Sindi is using what could probably be thought of as the Howard Hughes
method of spam immunization.
|
rcurl
|
|
response 134 of 480:
|
Dec 6 18:50 UTC 2006 |
That takes probably more time than just deleting it.
|
nharmon
|
|
response 135 of 480:
|
Dec 6 20:42 UTC 2006 |
Re: Anti-spam immunization, there are groups that do something like
this except for exploit botnets not necessary spambots. I think its
called the Honeynet project.
|
keesan
|
|
response 136 of 480:
|
Dec 6 21:23 UTC 2006 |
I consider it fun to tune the spam filter, but unpleasant to have to delete
spams. And it only takes a few minutes a day to analyze what is slipping
through. I seem to be missing a lot of the Windows-1252 stuff, it gets
through the beginning of my filter, don't know why.
|
void
|
|
response 137 of 480:
|
Dec 7 02:32 UTC 2006 |
I rather liked the Alan Ralsky method of deterring spam...people found
out his home address and signed him up for every kind of junk snail mail
they could think of. Too bad other sapmmers' home addresses are not so
easily found.
|
gull
|
|
response 138 of 480:
|
Dec 7 04:05 UTC 2006 |
Re resp:130: The idea of retaliating against spam bots surfaces every
so often. It's been tried, but there have always been problems with
mis-targeting, collateral damage, and legal liability.
|
rcurl
|
|
response 139 of 480:
|
Dec 7 06:37 UTC 2006 |
It would have to be done in the same spirit of the spammers - undercover.
Is there a discussion somewhere of mistargeting and collateral damage?
|
krj
|
|
response 140 of 480:
|
Dec 7 19:26 UTC 2006 |
Just as a personal whiny datapoint: I had 180 spam e-mails in my
work e-mail this morning, which had all arrived since I left
work the previous day. This extrapolates out to close to 300 per
day; this would mean that my spam load has tripled since early
November, when I was getting about 100 per day.
If it triples again, my work e-mail account will get close to 1000
per day.
There is no reason to assume this growth curve will stop short of
the collapse of the e-mail infrastructure.
On Grex, /var/mail is full again.
|
keesan
|
|
response 141 of 480:
|
Dec 7 19:51 UTC 2006 |
I think we should bring back the 100K mail limit, 1MB mailbox limit, and
delete mailboxes of anyone who has not read their mail in 1 month except for
members.
|
rcurl
|
|
response 142 of 480:
|
Dec 7 20:04 UTC 2006 |
Given the spam load, a 1MB mailbox limit could be reached in one day - the
limit should be big enough to allow a week's worth of mail since not everone
can log in daily (like I usually do - but then, I will be away and possibly
out of touch over the holidays). What happens to mail when the limit is
reached?
This is another reason for a general Grex filter for the spam-of-the-day
variety.
|
cross
|
|
response 143 of 480:
|
Dec 7 21:00 UTC 2006 |
This is yet another reason for grex to adopt an ``opt-in'' email strategy.
The fact of the matter is that most grex users don't use grex email (and by
users, I'm referring to the vast, vast majority who never touch the BBS or
party). So their mailboxes just get full and sit on the disk, taking up
space, but full of useless spam.
A far better solution is to, by default, not to premit users to send *or
receive* email unless they specifically request it. Then set up an automatic,
and verifiable, way to determine who gets access (or allow some group of
people to ``sponsor'' email access).
The model could be this:
You login via newuser, create an account, and have no network or email access.
Say you want email access. You run some program that tells you to submit a
$1 one-time donation via PayPal; then you get access. If you cannot do that,
you can be told to ask a member to sponsor email access somewhow. E.g., send
a write message, run another program to request access that sends a message
on your behalf, etc.
There should be a program called ``sponsor'' that allows members to set up
accounts and email access for new users. So when Sindi donates some obsolete
computer to some random person, she can beforehand create that person an
account on grex. Then, once they get said computer, they can just dial in
as normal and be shown how to use, e.g., mutt for email access. *They* don't
need a PayPal account since we trust Sindi to vouch for them.
International users are by and large looking for Unix access, not email. They
can either use PayPal to verify their identity, or use ask someone to sponsor
them.
For that handful of users who *do* actually use email, a mixture of an
aggressive spam and virus filter coupled with subscribing to the various spam
detection services and blacklists would greatly reduce the amount of incoming
spam. Anyone who wanted to go further could do something like use Sindi's
filter.
|
edina
|
|
response 144 of 480:
|
Dec 7 21:07 UTC 2006 |
If someone wants to eliminate my email account, consider this
permission to do so.
|
keesan
|
|
response 145 of 480:
|
Dec 7 21:33 UTC 2006 |
How about emailing everyone asking if they want to keep their email account,
and if they don't reply and have not accessed the account for amonth, delete
it except for the 40 paying members. Limit everyone to 1MB and they can
forward mail some place else if they go on vacation away from a computer.
Make the spam filter optional, for people who like 1MB of spam in their box.
|
twenex
|
|
response 146 of 480:
|
Dec 7 21:41 UTC 2006 |
Emailing everyone to ask them something we could just as well ask them in bbs
would place a tremendous load on the system; then we'd get people asking
grexstaff to gun the job of the luser consuming unreasonable amounts of system
resources by emailing everyone to ask them if they wanted their email account
left open and do we really have to email everyone.
For the record, I have too many places on the net where I've given my grex
address to to even think about finding them all and redirecting email, so
unless grexemail becomes a paid-for service I'd like my email account to
remain open, please.
|
gull
|
|
response 147 of 480:
|
Dec 7 22:24 UTC 2006 |
Re resp:139: Well, for starters, remember when Grex's mail was blocked
by some sites because SpamCop had labelled us a spammer? Imagine how
much worse it would have been if SpamCop had instead launched some kind
of active attack against us to try to saturate our network connection
or shut us down. That's the sort of thing that can happen.
Lycos tried a screensaver that would bombard spam websites with
requests, but pulled it after a few days:
http://www.eweek.com/article2/0,1759,1735539,00.asp
|
mcnally
|
|
response 148 of 480:
|
Dec 7 22:51 UTC 2006 |
I think the idea of sending a system-wide e-mail to users asking them
to opt-in to e-mail before a certain deadline or be opted out has
potential but needs some further thought put in to how it will be
implemented.
But it would greatly reduce the strain on Grex's e-mail system if we
could eliminate the thousands of e-mail boxes that aren't being used.
I might recommend starting out small with this change -- for example,
identify a batch of, say, 200 users with large mail spool files but
who haven't logged in regularly and try it out with them. If the
approach proves workable, then start working one's way through the
password file. This should be implemented in conjunction with a new
opt-in system for e-mail and changes to newuser that give users the
option to decline e-mail on Grex or to set up automatic forwarding
to another site.
|
cross
|
|
response 149 of 480:
|
Dec 7 23:08 UTC 2006 |
Regarding #146; Well, for starters, the vast majority of grex users never
use BBS. At least not regularly. I don't think there's an intention to
delete the mailboxes of active users. I don't know that sending an email is
going to be a particularly efficient use of resources, either. I'd modify
the system login procedure to force a check on login for pre-existing users
and non-members. Or just make it the default for new accounts and run
expire for most of the old, stale accounts.
Regarding #148; I think you could grandfather existing users and use the
normal account expiration mechanism to weed out most of the idle accounts.
I wonder when the last time a reap was run....
One thing that I think is important is that, for users creating their own
accounts via logging in as newuser or using webnewuser, opting into email
should be a *separate process* that can only be done once they've created an
account on grex. It shouldn't be a part of newuser (though it should be a
part of the process by which members can sponsor other accounts). The only
two options when creating a new account should be forwarding mail offsite or
discarding email sent to that user, with instructions on how to opt into
mail after the account has been created.
I don't think any of this is particularly hard to implement; it just needs
to be done. It doesn't require an army of volunteers to process manual
requests, either; most of it could be automated.
|
keesan
|
|
response 150 of 480:
|
Dec 8 00:23 UTC 2006 |
Would a reap today keep incoming mail from bouncing for a while?
|
keesan
|
|
response 151 of 480:
|
Dec 8 01:17 UTC 2006 |
6 spams in 10 minutes x 6 x 24 is about 900/day.
|