Forgot your password?
typodupeerror

'Leak-Proof' Anti-Spam Solution? 90

Posted by Cliff
from the how-well-would-it-work? dept.
sikandril asks: "In an effort to help the Internet community and user-base at large in fighting spam, I have decided to put up this white paper for public review and remarks. As you will see, the system provides an almost 'waterproof' solution to spam blockage via an opt-in system. The main drawback is that everyone (except spammers or other evildoers) has to have this installed in order for it to work perfectly. A small number of installs means that unknown legit contacts still might show up as spam, albeit only for the first e-mail and/or until they too elect to install the software. I'm an independent developer located in Israel, and would love to hear your ideas regarding this."
This discussion has been archived. No new comments can be posted.

'Leak-Proof' Anti-Spam Solution?

Comments Filter:
  • by Bloater (12932) on Saturday April 22, 2006 @06:18PM (#15182121) Homepage Journal
    From TFA: "In an effort to help the internet community..."

    Bollocks, this is an attempt to get investors. What's the patent number?

    Am I a cynic? Hell yeah!
  • Obligatory... (Score:5, Insightful)

    by LiquidCoooled (634315) on Saturday April 22, 2006 @06:18PM (#15182124) Homepage Journal
    This article advocates a

    (x) technical ( ) legislative ( ) market-based ( ) vigilante

    approach to fighting spam. Your idea will not work. Here is why it won't work.
    (One or more of the following may apply to your particular idea, and it may
    have other flaws which used to vary from state to state before a bad federal
    law was passed.)

    ( ) Spammers can easily use it to harvest email addresses
    ( ) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    ( ) It will stop spam for two weeks and then we'll be stuck with it
    ( ) Users of email will not put up with it
    ( ) Microsoft will not put up with it
    ( ) The police will not put up with it
    ( ) Requires too much cooperation from spammers
    (x) Requires immediate total cooperation from everybody at once
    ( ) Many email users cannot afford to lose business or alienate potential
    employers
    ( ) Spammers don't care about invalid addresses in their lists
    ( ) Anyone could anonymously destroy anyone else's career or business

    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    (x) Lack of centrally controlling authority for email
    ( ) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    ( ) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    (X) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    ( ) Willingness of users to install OS patches received by email
    ( ) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    ( ) Extreme profitability of spam
    ( ) Joe jobs and/or identity theft
    ( ) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with spammers
    (x) Dishonesty on the part of spammers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    ( ) Outlook

    and the following philosophical objections may also apply:

    ( ) Ideas similar to yours are easy to come up with, yet none have ever been
    shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    ( ) Blacklists suck
    (x) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    ( ) Sending email should be free
    ( ) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    ( ) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don't want the government reading my email
    ( ) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    (x) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid person for suggesting it.
    • by e_AltF4 (247712)
      Was just about to post this form - thanks for saving me the work.
    • Seriously, this form is genius. Where did it come from? I've seen it a ton in comments. Any idea of the source?
    • Re:Obligatory... (Score:2, Insightful)

      by thorndove (726959)
      You went too easy on him
    • Come on, dude. If someone can seriously suggest this today, does he not rate "This is a stupid idea, and you're a stupid person for suggesting it"?

      Also the following definitely apply as well:

      - Ideas similar to yours are easy to come up with, yet none have ever been
      shown practical
      - Countermeasures must work if phased in gradually
      - Why should we have to trust you and your servers?

      In other words Sikandril (aka Ami Rodan), you don't know enough to know what you don't know. You're, what, 18 and in your first jo
  • Yet another FUSSP.

    Won't work, because everyone has to change.

    Naaah, the only way to stop it is to make it sufficiently unattractive to spam. Like by nailing their balls to the wall. And, most importantly, doing the same to the people who have their products spamvertised.

    • Naaah, the only way to stop it is to make it sufficiently unattractive to spam. Like by nailing their balls to the wall. And, most importantly, doing the same to the people who have their products spamvertised.

      AND you also have to sieze the spammer's client list. Not their spam list (ie: everyone they've sent an email to), but their actual, real live CLIENT list. Everyone they've sold stuff to.

      Then you track down those people, and nail them to walls as well.

      That way you've eliminated (or at least te

    • So what is the purpose of this system. I see plenty of stuff making it harder to put someone in the BCC but that will only help my email being leaked to a spammer. Well if they can not get it that way they will just guess ever possible email address. I have seen that bring down large email servers, so if I have to pick one then...well my email is on the company webpage like all the rest so who cares.

      Now a large scale PGP implimentation would determine if mail is being spoofed. Add that to a way to check
  • by FordPrfct (159271) on Saturday April 22, 2006 @06:26PM (#15182141) Homepage
    According to the article, this system is completely unbreakable! Unless, of course, the spammers decide to do things that are against the law.

    Heck, since we know that all spammers are good, law-abiding citizens, why don't we just pass laws against the spam, instead of trying to convince everybody in the world to use the same mail client?

  • This idea has been used before, I know sometimes when I email folks I have to jump through a load of hoops for it to actually get received by them.

    Mailing lists are a nightmare too, as would be getting any kind of automated response (invoices from online shopping etc) through.

    R.
  • Doh! (Score:3, Funny)

    by Limburgher (523006) on Saturday April 22, 2006 @06:33PM (#15182161) Homepage Journal
    Would-be spam fighter posts email address on public internet, gets linked to by /.

    Oops!
  • Yeah, sure (Score:3, Funny)

    by e_AltF4 (247712) on Saturday April 22, 2006 @06:34PM (#15182162)
    EVERYONE has to change to a NEW SOFTWARE/PROTOCOL and trust a CENTRAL SERVER controlled by a CENTRAL AUTHORITY and spammers have to STOP USING FAKE DATA and STOP USING BOTNETS (and probably all of us have to LICENSE THIS TECHNOLOGY).

    I clearly see this could work - NOT.
    • I have a 100% perfect anti spam solution. It hasnt failed yet. basically if the person is not in my address book or in a whitelist i create then the mail gets binned.
  • by FordPrfct (159271) on Saturday April 22, 2006 @06:37PM (#15182185) Homepage
    From the article:

    "6. Sixth, the system provides additional security and control over computer viruses which spread by e-mail - Client (1)'s connection with Server (2) is much harder to hack into than simply taking control of a regular e-mail client. Large and suspect amounts of key (4) requests from suspect client (1) can simply be blocked at the server level."

    Who said anything about hacking "the connection"? Once we have everybody using the same client, I am sure it is only a matter of time before somebody finds a vulnerability in it, and crafts a virus / trojan to take control of it. And you *know* that people will open it up. "It came completely verified from somebody on my whitelist! It can't be faked or a virus!"

    So Mom gets infected. It sends to everybody on her list. Because it was verified, it gets through to all of them, and they open it. Then to all of their friends. And so forth and so on. Not enough key requests from any one client to result in a block at the server level, and impossible to get ahead of it without blocking a significant portion of your userbase.

    Congratulations. You've reinvented Outlook, and given people a better reason to click on that attachment and perpetuate it.

  • Blah.. to accomplish true leak-free system, use two mail accounts, public spam account (use gmail), where user requests access to your real mail address, and the true account which you could host elsewhere, but it only allows mail if the sender address is listed on whitelist manually generated from the requests.

    Most spam will be caught in google filter, other stuff you can just label away. You should still see all valid mail access requests even if some spam gets through.

    If you get spam to the primary mail,
    • This works, unless you receive mail from gazillion random people every day.

      There are different categories of users with different requirements.

      The home user who connects to his/her ISP and downloads his/her email with POP3 and sends via the ISP's host has different needs than ...

      ... the small insurance company that deals with insurance agents and the occasional new individual ...

      ... which is different from Amazon or eBay.

      Your method works great for the home user who occasionally gets email from new addr

  • Yikes (Score:3, Insightful)

    by TheSHAD0W (258774) on Saturday April 22, 2006 @06:39PM (#15182197) Homepage
    The proposed solution relies on a centralized authority producing new keys for each person periodically, which is a recipe for disaster if a billion users sign up for it.
    • This post has merit - so far the only successful implementation of a centralized "mothership" server was done by the uber-congolo-hyper-mega-globo-corp Symantec. I used Brightmail and have to say it was the easiest and most effective spam solution I've used at a corporate level.

      /end corporate whoredom.

      In all seriousness though - I don't see "if you don't want junk mail subscribe to this entirely new Postal Service" catching on. Also to jump up a few comment threads - whitelists SUCK. Such is the p
  • ... but this probably wouldn't work because it seems to be a hastle for the people who would use it, from your white paper:

    "The defining characteristic of the client above (1) is that it does not allow placing of a large number of e-mail addresses in the to: cc: or bcc: sections (does not allow sending of the same message to more than e.g. 50 recipients) unless each one of the recipients has expressly given his authorization to the sender to be included in such a multiple e-mail distribution list/mass em
    • I understand your misgivings in this situation, but the fact remains that these restrictions (less than X recipients per e-mail sent) are already in place in most HTML based e-mail solutions as well as in traditional POP3 based ones (e.g the major ISP's over here have implemented a 'less than 50 policy' for customers).

      So yes, it requires an additional software layer IF you have a POP3 account or something similar. However, HTML based e-mail solutions can implement this transparently to the users. Think of t
    • And it forgets rule #1 of secure programming

      never trust the client
    • Can't a spambot just as easily send 500 separate messages in a row to 500 recipients as send one email with 500 people in BCC?
  • So, let's see, it's a glorified white-list relying on a central server and a dedicated email client. Ignoring the fact that we already have white lists (they don't work) and that a dedicated email client is a silly idea (you still have to cater for everyone who doesn't want to use it (e.g. spammers), so it's useless), how exactly do you imagine that central server thing working? Specifically, what happens if the server goes down? Email stops working? Or does your anti-spam system stop working? I bet it's th
  • by Anonymous Coward
    As you will see the system provides an almost 'waterproof' solution

    Would you go out to sea in an almost waterproof boat?

    Would you drink coffee from an almost waterproof cup?

    • There ain't no such thing as a waterproof boat. That's what bilge pumps are there for. Check out how many ships are continously pumping water out.

      Oh, that's right. American's aren't allowed to look at their ships anymore, in case they're planning a bombing mission.
  • The only way to prevent spam without completly reconstructing the email system is to use disposable email addresses.

    Give a different email address to every person that wants to be able to contact you. If one address gets compromised, disable it. Good email servers even have support for creating aliases using the + sign. (User+code@example.com will be sent to User@example.com). What is missing is an email client that automatically generates and tracks codes for each person you know.

    The above method only work
    • The easy way around that is getting your client to recognise when a user+tempcode@example.com address is used it asks you when it should expire when you recieve the first mail with it.
      Hell, you should be able to expire any temp address and move all future mails to the bin without your oversite.

      That way you can happily give out addresses without the client and pick up the pieces later.
    • yeah, great.

      So what email address do I print on my business card or company letter head ?

  • Really, what's needed is a second mail system. This communications system would take advantage of all we've learned in the 30 years or so since the first e-mail system was implemented. It would include voice, video, and IM communications as hooks to try to get people to join. Communication would necessarily be secure, signed, and verified along the channel to protect against attack. It would be somewhat decentralized, well-routed, and wouldn't fall prey to the middle-of-the-day mail floods.

    In short, it
    • There are lots of conflicting features that are desired, but I'd still like to see what features a new email system could have.

      Off the top of my head, I can think of;
      . Better handling of mailing lists/discussion groups/chat rooms.
      . Return recipit.
      . Unforgable ID's (or at least hard to forge).
      . No central authority.
      . Standardized rendering of non-english alphabets.
      . Standardized video/voice rendering
      . A lot less spam (not sure how to do it, but I'm sure I want it).
      . Attachments
      . Better error handling (especi
  • by mnmn (145599)
    While I was thinking about the OP's half-assed Microsoft-plagiarized antispam idea, I realized a slightly modified idea might work. You see, most antispam systems that can see your mailbox will whilelist everyone in your address book, and everyone you send emails to. Now clients like Thunderbird could once a day send your address book, and whoever you sent emails to, to a central server which will just collect the addresses and mark them. Emails which have a high incidence of ending up in someones address b
    • Unless spammers start setting up servers under the guise of security to harvest mails you send to them. Or that people who don't mark spam religiously have their dirty addressed uploaded because it is set on by default. Or.... or... or... Nope, next.

                    -Charlie
  • If you get into SpamAssassin and play around, it becomes as leak proof as anyone really needs.

    There are always going to be imperfections. Wise people plan for imperfection, rather than trying to hammer the world into one method.

    Also, isn't there something to be said for software diversity?

    Perhaps we'd like to recall the fun of Sasser and cousins thanks to the fact that everyone runs Windows.

    Yup. Getting everyone on one system sure helped there, right?

    • The only problem with SpamAssassin is that it is ALMOST perfect.

      Most of my users have setup rules so that the stuff SpamAssassin tags is automatically dumped into their trash. But they don't bother checking their trash much any more. They expect the system to always be right.

      Which still leads to the situation where someone thinks you've received their message but you haven't read it because it scored just over the spam level and it's sitting in your trash can.

      I would prefer a system that rejected messages a
      • Quarantine management is the biggest problem with most anti-spam solutions. My feeling is that mail should be rejected at the MTA or have such a high confidence level that you can leave quarantine management to IT.

        My mail path looks something like this:

        Greylisting (Postgrey) -> xbl.spamhaus.net (Only rbl I trust enough for a hard block) -> Custom Perl Filter to Spot UK Phishing Attempts -> SpamAssassin (Tags at 13) with ocrtext.pm/RBL+/Mailpolice -> ClamAV -> NOD32 -> Mailb
        • My path looks like this:

          Reverse DNS check (sendmail) -> SBL/XBL (Spamhaus) -> Greylisting milter -> SPF milter -> SpamAssassin -> procmail -> deliver

          The key element is procmail. Each user's procmail rules filter all spam scoring 10+ into a special folder that is initially defined as /dev/null, but can be changed by the user to a local folder if they wish to review it (in periodic reviews of my own mail box, I have never seen a false positive that scored 10+)

          All of the rest of the spam (5+
  • Why not use Blue Security's hashed "do not intrude" list? It comes with a spam reporting software, which (after manual processing by hired experts on the Blue Security facilities) sends complaints to the website in question.
    • Because it appears to be a windows only solution
    • Why not use Blue Security's hashed "do not intrude" list?

      Your own journal entry [slashdot.org] demonstrates how Blue Security's Blue Frog software can't work on much of the spam. And there are other reasons why it can't work on most spam. After reading Blue Security's FAQ, I see the following six fallacies, just off the top of my head... Actually they can be summarized as, "How can you possibly expect automated complaints to a form on a spamvertised website (if there even is a feedback or complaint form) will shame a spa

  • by Animats (122034) on Saturday April 22, 2006 @11:10PM (#15183008) Homepage
    Spam filtering technology is now working pretty well. That's what's driving this new "sender pays to bypass the filters" stuff. The spam filters don't care if there's some excuse under CAN-SPAM to let it through; they just recognize it as bulk mail selling something and delete it. Sellers hate that. Which is a good reason to keep the filters honest.

    The real effect of CAN-SPAM has been that most spam either gets deleted by filters, or involves a felony by the sender. The remaining spammers are either selling drugs illegally, trying to manipulate the stock market, or running a scam. That's ordinary law enforcement work, and it's now routine to hear of spammer arrests and convictions. We used to just have ineffective civil suits. That's over. Now they're doing hard time. It's not a safe business to be in any more.

    SpecialHam.com [specialham.com] is still up, and the usual suspects are still at it: "Looking for people with botnets to run ads! pm me for more details". But it's clearly a board for the clueless now.

    • The remaining spammers are either selling drugs illegally, trying to manipulate the stock market, or running a scam. That's ordinary law enforcement work, and it's now routine to hear of spammer arrests and convictions.

      Um, no. Spammers have been performing illegal scams and stock market manipulations ever since the first spammer. And I've never heard of any of them getting arrested. Heck, every time send such a scam to my local law enforcement agency, nothing happens and I don't even get so much as a reply
    • Spam filtering technology works well enough that I only get an average of one spam every seven hours in my inbox. The rest are filtered - which of course I have to verify to make sure I didn't miss anything.
  • In the posts I see here (I didn't read them all so I may have missed it) noone seems to have mention this HAS been thought of before and it never took off for the same reason that many have mentioned. I know I wouldn't consider using something of this nature for many of the already mentioned reasons.

    Being perfectly honest, as an ISP I wouldn't mind spam NEAR as much as I do if the @#$%@#%@# would atleast clean out invalid email addresses from time to time and wouldn't resort to harvest attacks. I'm still
  • by Anonymous Coward
    No offence but you are uber optimistic.

    12 hour key rotation for the database for probably the trillion e-mail addresses that are active?

    keys are inserted by the client of the sender and not by the actual smtp server? gee well I sent that e-mail to you 24 hours ago I wonder why it didnt show up... smtp servers couldnt connect for 12 hours and so my keys expired.

    wow I my name being directly tied to my e-mail address so the cops can just look at the centralize database.

    I can just see the lag as every single pe
  • I stopped accepting spam and wrote an article [freesoftwaremagazine.com] about it. Free tools exist today to restrict almost all UCE, so I'm not sure why there's a great rush to fix a non-broken system by replacing it with a giant unknown.
  • My idea for a completely "spam-proof" system:

    Have the mailserver check that the OpenPGP signature on every message corresponds properly to the sender and is not on a blocked list. Otherwise, or if the message is not signed, it goes in /dev/null.

    There's little point doing this on the outgoing SMTP server because most spam is sent from hastily-bodged-up SMTP servers running on compromised Windows boxes. It really should be done on the POP3 server {which, of course, receives mail by SMTP but then drops
    • 1) Read /. article
      2) Check the linked-to article. Good, nothing about sending back a 'rejection' to the sender of an unapproved email, which you were going to bitch about on the grounds that it's as bad as spam itself. Remember that you DO harangue anyone running a whitelist anti-spam system that spams *you* when some spammer spoofs your email address in the From field.
      3) Have it occur rather quickly to you that this 'key' system already exists, it's called PGP.
      4) Look at /. comments, search for 'PGP'
      5) F
  • Just install greylisting on your mail server, and you just got rid of ~98% of your spam with next to no effort, and with no ongoing maintenance requirements. Now if you care about the 2%, throw in a couple regex filters to block shit like forged gmail/yahoo mail, and mail with helo/ehlo with your mail server's name.
  • You want a proposal for spam blocking? Here's a proposal, based on a "hashcash" paradigm.

    When someone sends an email, they take the sender's email address, the receiving address, and 8 random alphanumeric characters (we'll call this "K"). The sender then initializes an 8-byte counter starting at 8 x 0x00. The sender then does a SHA-1 hash of the string with the counter appended on the end, and then increments the counter and repeats until the last 4 bytes of the SHA-1 are 0x00. It then saves the number
    • The end result is, it takes a significant amount of processing power to send a (first) email, which should be acceptable to someone sending a legitimate message but will significantly slow down the performance of a spambot.

      And the end result would be...spammers using 250,000 zombies to send a given spam instead of 150,000. No noticable change in volume of spam.
  • New to the group so bear with me... I have an SMB and when we went looking for an Anti-SPAM appliance we came accross the DS200 (see http://www.tyrnstone.com/emailfilter.asp [tyrnstone.com] if interested). Got a positive review from Brian Livingston at WindowsSecrets.com So far so good. Has anybody else seen/reviewed the DS200?

FORTH IF HONK THEN

Working...