Full Disclosure mailing list archives
RE: SPAM and "undisclosed recipients"
From: "Jonathan A. Zdziarski" <jonathan () nuclearelephant com>
Date: Sat, 15 Nov 2003 23:24:18 -0500
There should be a way to stop the email spamming. You could use their weaknesses as a way to prevent spam. The fact is that most SPAM is sent in MASS quantities all at one time, or a very short interval. If servers could somehow have a "global awareness" of the activity of spammers this could be prevented.
We are working on adding new layers of "spam networking" on top of existing statistical filters similar to what you are saying, and the great thing is that many of the open-source filter authors are working together to come up with new solutions. One is through a process we call inoculation. You can read about it here (old copy of the draft until they post the latest one we sent) http://www.ietf.org/internet-drafts/draft-spamfilt-inoculation-00.txt Another thing that has been discussed is the design of a Peer-to-Peer network to exchange information about spams. The trick is to prevent any possibility of information leakage (e.g. you don't want to leak people's personal emails onto the network). No draft for this yet, but I've attached the initial email I sent out to the other authors about this. We've already implemented the inoculation message format, and my own project (DSPAM) also supports this and several other methods of "spam networking" such as classification groups and even shared groups (if you're really interested you can read more about it at http://www.nuclearelephant.com/projects/dspam/) This is all in an attempt to get past the 99.9% (1 in 1000) plateau of accuracy - as Bob Yerazunis [the author of CRM114] puts it...and try to push to 99.99% (1 in 10,000). Your point is well taken; statistical filtering in itself is extremely accurate, but the biggest weakness of filtering using the "Bayesian" buzzword is isolation. Breaking past the iron curtain is definitely going to bring us to the next level of spam fighting. Jonathan
Attachment:
p2p.txt
Description:
Current thread:
- SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)
- Re: SPAM and "undisclosed recipients" Valdis . Kletnieks (Nov 15)
- Re: SPAM and "undisclosed recipients" Jason DiCioccio (Nov 15)
- Re: SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)
- RE: SPAM and "undisclosed recipients" Steve Wray (Nov 15)
- RE: SPAM and "undisclosed recipients" Jonathan A. Zdziarski (Nov 15)
- RE: SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)
- RE: SPAM and "undisclosed recipients" Scott Taylor (Nov 15)
- Re: SPAM and "undisclosed recipients" Michael Gale (Nov 15)
- RE: SPAM and "undisclosed recipients" Jonathan A. Zdziarski (Nov 15)
- Re: SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)