Spam blacklist project
Hi, The following idea just hit me. How about a server which maintained a list of people who don't want to recive SPAM? The idea being that email recpients who don't want SPAM send their email address to the list. A SPAMer who want to check an email to see if it is on the list could then obtain the SHA-Digested list of addresses and remove them from their internal databases. Of course I don't for a moment imagine that this will be 100% effective. Without government regulation there will always be slimeballs who send mail to people who don't want it. The advantage of this scheme is that it would mean that the spam industry can avoid regulation pressure and they can deflect criticism. Meanwhile recipients of unwanted spam have a legitimate beef. Comments? Phill
hallam@ai.mit.edu writes:
The following idea just hit me. How about a server which maintained a list of people who don't want to recive SPAM? The idea being that email recpients who don't want SPAM send their email address to the list. A SPAMer who want to check an email to see if it is on the list could then obtain the SHA-Digested list of addresses and remove them from their internal databases.
Of course I don't for a moment imagine that this will be 100% effective. Without government regulation there will always be slimeballs who send mail to people who don't want it.
The advantage of this scheme is that it would mean that the spam industry can avoid regulation pressure and they can deflect criticism. Meanwhile recipients of unwanted spam have a legitimate beef.
I proposed this very idea on Usenet a few weeks ago. Apparently the folks who send out spam e-mail (DEMMA) like it very much. (They're not masochists -- they don't want to mail people who'll mailbomb them right back or complain to their postmasters or otherwise make their lives miserable :-) Such a list should be maintained by a neutral third party, not by one of the junk-mailers for two reasons: they can't really be trusted, and their plugs get pulled all the time. Note that I also proposed making freely available lists of people who said they _do want to receive junk mail on various topics - to make *selling* such lists meaningless. I'll repost some excerpts from the Usenet thread to give you some idea of what's been discussed already, and what kind of discussion it was. 1. From: dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM) Message-ID: <PggZqD92w165w@bwalk.dm.com> A user asks a 'bot for a random cookie. The user e-mails the 'bot the cookie (for authentication) and his preference for unsolicited commercial junk e-mail: wants it, doesn't want it, or doesn't care The 'bot maintains an FTP site with 2 compressed lists of e-mail addresses: people who said they want junk e-mail and people who said they don't want it. (No list for "don't care's" is needed.) An advertiser preparing a mass e-mail campaign should take care not to e-mail the addresses that don't want junk e-mail. (A mailing list scrubbing tool should be provided.) Bothering people on this list would be a serious net-abuse On the other hand, sending unsolicited commercial e-mail to people who told the 'bot they want it, or who haven't bothered to tell the 'bot they don't want junk mail, is not net-abuse. Like it or not, if you post to Usenet, you can expect junk e-mail coming your way. It's your responsibilty to make it known that you don't want unsolicited commercial e-mail 2. From: clewis@ferret.ocunix.on.ca (Chris Lewis) Message-ID: <DuHrG8.6Fp@ferret.ocunix.on.ca>
I remind everyone of Dr. Grubor's brilliant proposal. (I will type slowly, so that even the Cabal can understand.)
Grubby's "brilliant proposal" isn't really Grubby's. It's been made by several spammers over the months. Eg: Slaton. Tyrell's InsideConnections. The "Direct Email Marketing Association". 3. From: dlv@bwalk.dm.com (Dr. Dimitri Vulis) Message-ID: <Jg02qD534w165w@bwalk.dm.com> References: <PmZiqD58w165w@bwalk.dm.com> <PggZqD92w165w@bwalk.dm.com> <DuHrG8.6Fp@ferret.ocunix.on.ca> <gkB2qD124w165w@bwalk.dm.com> <DuJ15n.9n4@ferret.ocunix.on.ca>
but if they agree to abide by his list and not to e-mail the people who indicated their desire not to be e-mail, it's just wonderful!
They won't.
From what I know of Slaton, I don't expect him and his associates to send unsolicited commercial e-mail to addresses that indicate to him that such e-mail is unwelcome
I get junk mail; I also see bounced junk mail addressed to nonexistent accounts like "antivulis@bwalk.dm.com" (used for forgeries by your pal Pidor Vorobiev). Sometimes the junk mail tells the recepient to e-mail some address to be removed from a mailing list. I tried it a few times, but the address would always be defunct by then.
Exactly.
You sound proud of the fact that there's no mechanism for me to let Slaton know that I don't want to receive unsolicited commercial e-mail?
It's particularly inexcusable if you're telling the truth and Slaton&co have indeed agreed to abide by the "don't-mail" requests.
I didn't say that they _do_ abide by them.
Of course they can't now There is no FTP site where a spammer can get (for free) the list of addresses to which junk e-mail shouldn't be sent. Nor is there a user-friendly way to add one's address to this "don't e-mail" list - yet
Even when they've invented the "don't-mail" process themselves, they don't abide by them. Slaton just used it as a means to extort money - he never intended to actually respect it.
Slaton&co shouldn't be the one maintaining the list of addresses that don't want junk e-mail. A deamon should do it, and the service should be free. By the way I don't recall Slaton asking anyone to pay for not being e-mailed. Unless you provide a quote, I'll assume you made this up.
And you know what? Not a single spammer uses any one of them. Including Slaton or Tyrell. They just sell the lists to other spammers.
Please explain how the spammers would _sell each other the list of addresses of people who DON'T want junk e-mail if it were _freely available for FTP. I think you overestimate their talent for salesmanship. :-)
It's called "fraud". They'd do it exactly the same way that Slaton sells his "products" and "services" which are known to (a) not work, and (b) aren't supported as promised.
You haven't answered my question, Lues. If the list of e-mail addresses of people who DON'T want junk e-mail is made available for _free for FTP, together with a tool for spammers to scrub their mailing lists of these addresses, and an easy way for anyone to add his or her address to this list for _free, then how would Slaton _sell this list to anyone?
You haven't answered my question, Lues. If the list of e-mail addresses of people who DON'T want junk e-mail is made available for _free for FTP, together with a tool for spammers to scrub their mailing lists of these addresses, and an easy way for anyone to add his or her address to this list for _free, then how would Slaton _sell this list to anyone?
Easily. What percentage of, er, mass internet advertisers would know that this site exists? I assume it would become a very large list, and would make a very atractive target for someone who wanted to provide email addresses to others for a fee. btw - my girlfriend just wandered by, and read this over my shoulder. She's the network operations center mgr. for a large ISP. She just got a complaint last night from a, er, Internet Direct Mail Marketer, who claimed that his outbound mail queue was filling up, and this was somehow the ISP's fault that he couldn't reach certain addresses on a list he had recently purchased. Sorta like calling the phone company and complaining that some numbers on a telemarketing list were disconnected, or that nobody answered :) I'd say it's a safe bet that the unscrupulous could easily sell a large, up-to-date list of email addresses of people who DON'T want junk email to people who want to send such mail. - r.w.
Rabid Wombat <wombat@mcfeely.bsfs.org> writes:
You haven't answered my question, Lues. If the list of e-mail addresses of people who DON'T want junk e-mail is made available for _free for FTP, together with a tool for spammers to scrub their mailing lists of these addresses, and an easy way for anyone to add his or her address to this list for _free, then how would Slaton _sell this list to anyone?
Easily. What percentage of, er, mass internet advertisers would know that this site exists?
Some mass advertizers are pretty bright and have good brains working for them. Others will be destroyed by the market forces.
I assume it would become a very large list, and would make a very atractive target for someone who wanted to provide email addresses to others for a fee.
Most mass e-mailers are in touch with one another via DEMMA, who's been promoting the idea of "do not e-mail" list. If such a list and the scrubbing software are made available for free on an FTP server, they'll know about it. If they can get away with e-mailing their stuff to hundreds of thousands of addresses and not having theur plugs pulled by merely scrubbing their lists from people who object, they'll salivate over this prospect and kick the asses of whoever jeopardizes their business by mailing to "unscrubbed" lists.
I'd say it's a safe bet that the unscrupulous could easily sell a large, up-to-date list of email addresses of people who DON'T want junk email to people who want to send such mail.
I rather doubt it. Business people tend to be much smarter than the geeks you see at academic computing centers and ISP's. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
-----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, hallam@ai.mit.edu writes: [ a 'don't call' list of email addresses suggested ]
Of course I don't for a moment imagine that this will be 100% effective.
I think the figure you're looking for is closer to 0% than 100%
Without government regulation there will always be slimeballs who send mail to people who don't want it.
If you remove the first three words of that sentence, I agree 100%. If you replace the first word with "With", I also agree 100%. Regulations aren't the answer. Slimeballs don't care if there are rules. Furthermore, regulations for spam mean enforcement procedures. Looks like GAE is the only way to do it. Howzabout you can only send mail through a USPS gateway? Wouldn't that make it easy? {for the acronym-impaired, the E stands for email. the sarcasm-impaired probably already hit delete}
The advantage of this scheme is that it would mean that the spam industry can avoid regulation pressure and they can deflect criticism. Meanwhile recipients of unwanted spam have a legitimate beef.
You're asking marketing concerns to proactively limit their coverage in the absence of legislation or regulation. History suggests it would be less than completely effective. - -- Roy M. Silvernail [ ] roy@scytale.com PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6 Key available from pubkey@scytale.com -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMj4n0Bvikii9febJAQGfEgQApg8urK9TpWxfggZTRNdvvHY0rYptrJyV zvcRjgcgQsB2aca2TekXNtiG/h6blfey46sdVTX2bpZFoC8nnSDn8fVikiG7epwo xuR5Zr5mGQiUwr+hMWxGIHf79BMuRAwahFQRXTroPK8Wo82nrVKamuK0qoXm+c++ kGugOkYMtHc= =dIo2 -----END PGP SIGNATURE-----
On Mon, 16 Sep 1996 hallam@ai.mit.edu wrote:
Hi,
The following idea just hit me. How about a server which maintained a list of people who don't want to recive SPAM? The idea being that email recpients who don't want SPAM send their email address to the list. A SPAMer who want to check an email to see if it is on the list could then obtain the SHA-Digested list of addresses and remove them from their internal databases.
Such a beast already exists: A simple search for 'spam' on www.yahoo.com reveals: The Internet Spam Control Centre : http://drsvcs.com/nospam/
Of course I don't for a moment imagine that this will be 100% effective. Without government regulation there will always be slimeballs who send mail to people who don't want it.
I think the internet will be better off without any government regulation. Governments tend to make a mess of everything they regulate. Cheers, Alex Le Heux /// I dabble in techno-house and sometimes, /// I do that badass hip-hop thang... /// But the F U N K gets me every time!
Not impressed by their setup, there does not seem to be any checking to see if the mail address is correct (ie to checlk for a denial of service attack) and the setup requires distributors to submit their list for "washing". That type of setup may be OK for the bush league but its hardly cypherpunk type stuff. Its fairly easy to set up a scheme in which the blacklist can be distributed with no risk to the subscribers. Simply use a SHA digests and so on. I hadn't checked on Yahoo, I tend to use Alta-Vista having found Yahoo somewhat arbitary in category definition. Phill PS Sites that use red text on a white background ... ugh!!!
On Wed, 18 Sep 1996 hallam@vesuvius.ai.mit.edu wrote:
Not impressed by their setup, there does not seem to be any checking to see if the mail address is correct (ie to checlk for a denial of service attack) and the setup requires distributors to submit their list for "washing". That type of setup may be OK for the bush league but its hardly cypherpunk type stuff. Its fairly easy to set up a scheme in which the blacklist can be distributed with no risk to the subscribers. Simply use a SHA digests and so on.
I didn't say it was their setup was the setup to end all spams :) But I never really gave it much thought. It shouldn't be to complicated to set some up like you describe though.
I hadn't checked on Yahoo, I tend to use Alta-Vista having found Yahoo somewhat arbitary in category definition.
I usually check on Yahoo first. Alta-Vista always comes back with such an enourmous amount of links.
PS Sites that use red text on a white background ... ugh!!!
Ah well... Some people never learn :( Cheers, Alex /// I dabble in techno-house and sometimes, /// I do that badass hip-hop thang... /// But the F U N K gets me every time!
participants (6)
-
Alex Le Heux -
dlv@bwalk.dm.com -
hallam@ai.mit.edu -
hallam@vesuvius.ai.mit.edu -
Rabid Wombat -
roy@sendai.scytale.com