Wholsalers America-Its Time To Make Some Real Money (fwd)

Jim Choate ravage at ssz.com
Thu Mar 29 17:27:45 PST 2001 


    ____________________________________________________________________

       Beware gentle knight, there is no greater monster than reason.

                                             Miguel de Cervantes

       The Armadillo Group       ,::////;::-.          James Choate
       Austin, Tx               /:'///// ``::>/|/      ravage at ssz.com
       www.ssz.com            .',  ||||    `/( e\      512-451-7087
                           -====~~mm-'`-```-mm --'-
    --------------------------------------------------------------------

---------- Forwarded message ----------
Date: Thu, 29 Mar 2001 17:34:57 -0500
From: Marcus Watts <mdw at umich.edu>
To: coderpunks at toad.com
Subject: Re: Wholsalers America-Its Time To Make Some Real Money 

Various have written:
> mkb:
> > > seems feasible to me to keep out a lot of the spam while still
> > > allowing anonymous posters to contribute.
> 
> spiff:
> > see here:
> > 
> > http://www.toad.com/gnu/verio-censorship.html
> 
> oi.  
> 
> i was thinking of it more from a technical standpoint than a political
> one.  a few simple filters would stop a lot of the spam without much
> impact on anonymous posters.  for example, don't allow messages that
> don't list coderpunks at toad.com on the To or Cc headers.

"coderpunks at toad.com" would match To: fields of 26 of the last 60 spam
messages.  No hits in cc: - guess it's not so popular in spam.  There's
also "resent-to" and "resent-cc", and of course bcc (and how do you
spot that?...)  Of course, anything to "Undisclosed.recipients at toad.com"
is pretty glaring.

To be really effective, a spam filter has to look for less obvious
"spam signatures" that aren't so easily spoofed.  For instance, there
was once a spam package that sent out date fields that looked like:
	Date: 1/6/99 9:17:27 AM Pacific Daylight Time
(and since when has PDT applied in january?)  Authors of real mail
programs have to worry about y2k considerations, international users,
and other considerations that never bother spammers.

I've got "a few simple filters" on all mail I receive (actually, more
than a few these days), including that from coderpunks.  Until these
last 2 flurries of spam, I thought I was doing pretty good.  I did
catch a few, but it was like 10%--pathetic.  Now I understand (from the
URL above) why my filters lost it big-time - apparently I'm filtering
the spam that's already been through "a few simple filters" upstream of
me.  It looks like I'll be doing a lot more content based spam
filtering.  I've already got 3 of them going...

I don't know what toad.com says [if anything] when it bounces spam, but
I bounce spam with a bible quote.  Last thing I want to tell the
spammer is how to get around the filter.  I hope instead they'll pull
my address from their list as "undeliverable".  Unfortunately, I also
bounce the occasional legitimate mail with a bible quote - them's the breaks.

I hate to think this might all be due to some silly dispute with
an ISP -- things ought not to get to that point.

One random thought: I wonder if we've created any of this problem
ourselves?  For instance, if any of us has an automated script that
sends a spam complaint off to the "responsible parties", it's
possible those scripts have decided it's toad.com's fault the spam
got sent, and fired an inflamatory message off to verio...
I know I don't do this (I no longer get mad, I get even.  My filters
protect 20,000 mailboxes...), but perhaps others of us?

> i'm sorry to be filling up the list with anti-spam talk rather than
> crypto talk.  i did try to contact the moderator directly.

Me to (well, except I didn't try to contact the moderator--which is um,
don't we have more than one?, um...)  That's the problem - both when
the spam overwhelms legitimate content, and when talk turns to dealing
with the problem.  I had proposed the "few simple filters" approach on
the list a long long while back--wish it had been done sooner so the
spammers wouldn't have had quite so many CD-roms out with coderpunks@
on it.  The latest round of bounces had me seriously wondering about
just was happening (had space aliens swapped the brains of Spamford
and Gilmore?)

A more "interesting" way to do the "simple filter" approach (and one
that might actually have some real relevance to the purpose of this
list!) might be something that actually uses cryptography.  For
instance, one solution might be to have a web server that supplies a
cryptographic "token", good for one mailing through the mailing list.
Simply cut & paste somewhere in the body of the message, and the mail
list software could remove the token before delivery.  It can even be
anonymous (web server hands it out to anyone) - the idea here isn't
actually to secure or authenticate the content, but simply to put an
obstacle that prevents automated scripts, regular mmf spammers and the
usual lot of scum from actually posting anything to the list.  If
mail missing the token is delivered to the moderator(s) even mail
missing the magic token could be forwarded if it were relevant,
although I don't think the moderators would want to encourage this
as a matter of habit.

					-Marcus

More information about the cypherpunks-legacy mailing list