Discussion on:

Understand how various spam software works

Most people here should already be familiar with the spam methods outlined in this article. I was actually hoping for something new.

We are currently using a combination of every filter method here, but still receive hundreds spam messages per day.

The only blacklist we don't use is SpamCop, as it is too easy to get listed and we end up filtering legitimate mail. However, all blacklist methods are reactive, so this remains an after-the-fact solution.

Content based filtering is also effective, but is again after-the-fact. Also, as the article states, spammers simply add a few more irrelevant characters to their words to beat the filters. Our current list is miles long and is growing each day.

The challenge/response method is a great solution in theory, but for any online business, this is the kiss of death. It takes a long time and a great deal of effort to create a successful online business. The very last thing people want to do is deter visitors by requiring a confirmation response to a "which product should I buy" question. Potential customers simply do not have the patience for such extra steps.

The spam issue remains a problem at the source. If hosting providers and ISPs were more responsible, then spammers would never have the opportunity to do what they do. We terminate any account that attempts to send unsolicited mail. Mailservers are actively monitored and systems are in place to to prevent abuse. In attempt to deter spammers from signing up in the first place, we also stipulate that we will fine users $5.00 for every reported issue.

It is currently estimated that 90 percent of all email traffic is spam. As long as companies continue to offer commissions to affiliates/resellers, then spammers have nothing to loose and a lot to gain. Ending spam abuse at the source is a simple process. Strict legislation directed at hosting providers/ISPs could stop this issue overnight. This would be far more effective than the CANSPAM act of 2003, which has done nothing to stem the amount of junk mail in our inboxes.

Site owners/administrators should also take steps to stop email addresses being picked from their websites and WHOIS records, which is how many addresses end up on the infamous marketing CDs, but I guess that's another issue.

That's why I have my own private DNSBL. ISP's have the best chance at blocking spam and viruses by requiring all mail to travel through their mail servers. The whole internet community would benefit by the save bandwidth and this would eliminate most spam and viruses, all with a simple access list. The next step would be a mail gateway that would check MX records for incoming mail and reject anything that doesn't match it's MX. If I were King for a day......

Thought I'd add that not only do blacklists block 'spammers' they block any address they deem an "open relay". As the article states, one is at the mercy of the blacklist administrator, which means their moral judgments become yours. For example, some major blacklists felt Comcast and SBC didn't terminate spammers accounts quick enough so they blocked their entire class B address range, seriously hurting many SOHO's and small bussiness's. Then there is the example of the blacklist owner who after being found guilty of fraud (or something similar) went back to the office and blacklisted the entire internet, casuing all of his customers to stop recieving email. My personal opinion, stay as far away from blacklists as you can, they are evil things USUALLY run by quite evil people. I wouldn't trust them to tell me the time.

Nick Staff
nick.staff@comcast.net